We all remember cramming — all that coffee and/or soda, all those books, notes and ink stains. Not to mention, all those late nights desperately striving to absorb all the information we should have learned over the course of weeks instead of hours, had we the good sense to keep pace with the work. Years later, memories of cramming can make us cringe or induce a nostalgic celebratory attitude: “Hey, I actually managed to do it! Heck, yeah!”
Maybe one day, quick-service restaurant (QSR) operators will look back upon 2019 as their cramming experience when it comes to digital security and fraud prevention.
In a new PYMNTS interview, Karen Webster and Rich Stuppy, chief customer experience officer at Kount, talked about all the recent digital and mobile strides that QSRs have been making — and why they are still behind the curve when it comes to protecting their technology, customers and brand reputations from online criminals.
The progress is easy to see.
For instance, in 2016, 5 percent of Starbucks‘ sales came from mobile orders, a figure that has since increased to 12 percent. As PYMNTS research has shown, innovation is indeed spreading in the QSR world, even though there are significant gaps about what QSR managers and customers prefer when it comes to newer payment methods. QSRs that keep up with the digital curve — via not only wise investments, but buy-ins from franchise owners, and proper focus on back-end tasks such as security — stand to make significant revenue gains. After all, average order spend increases 20 percent for digital orders.
QSRs have long been tied to their brick-and-mortar ways (the customer orders and pays, food comes out quickly, the customer leaves or sits down for a bit to eat), but things are changing, Stuppy told Webster. “Now, they are doing all this digital innovation, and it’s really moving the needle,” he said.
However, moving the needle is attracting the attention of online criminals and online gangs, many of them much more sophisticated than QSR operators understand (given their long-standing focus on loss prevention and other traditional issues). Gift card fraud, loyalty account theft and account takeovers, based on data stolen from QSRs, stand as some of the main threats those businesses face when it comes to moving further into the digital world.
In fact, missteps in digital fraud prevention can, as Stuppy said, “put the entire digital investment at risk.” While QSRs are indeed getting wiser about digital and mobile commerce, they are generally trying to do in weeks or months what other retailers (closer to the dawn of eCommerce) did over the course of years or even a decade, he said. Yet, there is little choice: Customers want more digital features when it comes to all kinds of retail, including fast food, and the QSR that falls behind in that competitive landscape could have a difficult time catching up.
Many of those QSRs are “going to learn the hard way,” Stuppy said. For instance, a QSR brand “will promote and market an app,” then take a measure of joy as downloads run into the hundreds, thousands and perhaps tens of thousands. However, when the QSR operator gets a letter, or call centers start receiving complaints from customers about wrong charges and other signs of fraud, criminals have found a way around the relatively weak digital defenses of that QSR.
Fraud Prevention Optimism
That said, there are reasons for optimism, Stuppy said.
That includes education and the benefits of experience. QSRs, in general, have made enough advances into digital and mobile that the larger QSR community — including franchise owners and corporates — can now trade advice on lessons learned and what works best. Stuppy said that among the general messages from the more experienced members of that community, at least regarding online security, is this: “Get ready now, build it into your plan and get help, because you are going to need it.”
Yet, the “fundamental problem number one,” according to Stuppy, is that QSRs, for the most part, don’t know what they don’t know about online security. That will change one way or another — either through experiences with fraud or via educational efforts.
Make no mistake, though. There seems little chance that the digital genie can be put back into the bottle when it comes to QSRs, so the earlier the message gets through, the better.