With Google delaying it’s cookie tracking ban, it may seem like retail marketers have a reprieve and can pause their preparation for a future without cookies. That assumption is problematic, says National Retail Federation Vice President of Retail Technology and Cybersecurity Christian Beckner. Speaking on the latest episode of Retail Uncharted, Christian explains, “These changes are going to happen, and are already happening on Apple and Facebook. You should prepare for the cookie phase-out now, as opposed to scrambling in 2023 when Google’s ban is in place.”
Preparing for a cookie-less future means finding new and innovative ways to retarget shoppers, collect first-party data, and build more meaningful relationships with shoppers. The days of purely transactional relationships, where retailers collect shopper data with no real added value, are over, says Christian.
Alongside privacy concerns, retail marketers increasingly need to take into account cybersecurity. The pixels and codes that many marketers add to their sites can introduce their customers to malicious cyberattacks if marketers don’t take appropriate precautions.
In this podcast, Christian explains how retailers can balance privacy and security concerns with the ultimate goal of reaching the right shoppers and driving sales.
During the episode we ask Christian:
- How can retail marketers prepare for Google’s cookie ban?
- What can retailers do to collect more first-party data and better implement their existing data?
- Aside from cookies, how can retail marketers retarget and reengage shoppers online?
- What are the biggest cybersecurity threats retailers need to contend with?
- How can small retailers, who may not have a Chief Security Officer, protect online shoppers and stay current on cybersecurity trends?
- What is the number one piece of advice you would give retailers when it comes to privacy and cybersecurity?
Top Sound Bites
On consumers’ growing demand for online privacy:
Christian: I think consumers want and deserve control of their personal information when they’re engaging as consumers with retailers and other companies. There’s a shift in the nature of the relationship and in the dialogue between consumers and retailers on costs and benefits.
We’ve seen, even though 75% don’t want their phone and apps tracking them, consumers are willing to share their information with retailers who they know and trust, especially if there is a direct benefit to them. Maybe it’s through discounts and coupons. Maybe it’s through other types of rewards from a loyalty program or other exclusive benefits. It’s really about changing the nature of the relationship, and making it much less short term and transactional and much more about having that longer term relationship with your customers.
On how retailers can assess the impact of the cookie ban on their business:
Christian: I would look at several key metrics to baseline what effect this will have on you. First of all, what percentage of sales are in store versus online? Companies that are online-only are more impacted by this than companies that still sell primarily in stores.
I also think this is less of an issue for well-known brands where you already have a loyal base of customers who are going to come to your website, without needing to come through an online advertisement.
Another metric is the percentage of your sales from online ads versus customer-directed visits to your website. If you have high dependency on third-party ads, then that is going to be more of a factor for you.
On top cybersecurity threats retailers should be aware of:
Christian: The way I look at this, cybersecurity is really the flip side of these issues that we’ve been talking about so far around privacy and trust. Privacy is about how companies collect and use information. Security is about ensuring that that same information isn’t stolen or misused by a bad actor.
In terms of the threats facing retailers, they are the broader threats that you hear about today that all companies are facing like ransomware or different types of software supply chain attacks, like the Solar Winds attack that happened at the end of 2020.
Specific to retail, there are a number of threats that we see as ongoing concerns. One of these is around point of sale systems. Cyber criminals have traditionally tried to go after payment information through point of sale systems. That’s harder than it used to be because a lot of that information is now encrypted or tokenized, so the card data is not accessible. That type of attack still has not entirely gone away.
Other areas that are relevant are account takeover attacks. Basically, cyber criminals will use bots to try to guess passwords to log into customer accounts and then initiate fraudulent transactions. In a lot of cases, those attacks are because of customers reusing passwords and those passwords being exploited.
Finally, digital skimming. These are when you have third-party extensions or apps being put on e-commerce websites. Then that code basically is infected by the cyber criminals. When that code is updated you have malicious code inserted in some cases on hundreds or thousands of websites.
On retail marketers’ roles in keeping their websites safe for shoppers:
Christian: Marketing and digital professionals should care about these issues for a few reasons. First, cybersecurity is critical for your relationship with your customers. It’s something you don’t think about until you have to think about it. If you ignore it and if there is an incident, it will affect customer trust.
In a lot of cases, these decisions around different types of third-party code or extensions used on retail websites are made, not by the Chief Information Officer, but by the marketing team. Those decisions have an impact on the company security, so it really is critical for there to be that connection between the security team and marketing team. You also need to make sure that security is factored into those decisions when you’re looking at adding code to e-commerce websites to serve marketing purposes.