A great business idea is only half the battle in an always-on, digitally connected world — the other half involves convincing consumers to try it out. In the case of new mobile order-ahead services, consumers need assurance that providers will keep their payment information safe and secure in addition to offering a helpful solution.
Boston-based Food for All, a startup that fights food waste and food insecurity, confronted that task before the launch of its mobile app in 2017. Every day, restaurants throw out the prepared meals that remain unsold at closing time, even though the food is still fit for consumption — Food for All was created to solve this problem. This is a regular and often deliberate practice in the food industry. Many restaurants intentionally make more meals than they expect to sell so that their shelves do not look empty, said Sabine Valenga, Food for All’s co-founder and chief marketing officer. This costs restaurants money and labor, but the practice continues to occur even while many people struggle to afford meals.
Food for All addresses this issue with an app that allows consumers to pre-order and pre-purchase surplus meals from restaurants and farmers markets. Customers are given a discount of at least 50 percent on the meals and collect them an hour or two before closing time. Restaurants often know how many orders they’ll have left over, but they don’t always know which items will be available. Consumers who use the app are aware that they won’t know whether they’ll get a chicken burrito or a burger with fries, for example.
Offering an app-based solution to fighting food waste wasn’t going to be enough to win over users, however. The startup also needed to reassure consumers and businesses that the service would keep their details and payment information safe. Families facing food insecurity don’t want to worry about fraudsters making off with their credit card information, and restaurants will avoid signing onto a service if its security practices are lax.
PYMNTS recently caught up with Valenga and Victor Carreño, another of the company's co-founders and its chief technology officer, to discuss how Food for All designed its app to deliver security while serving the greater good.
Secure payment handling
Valenga said Food for All works with approximately 200 vendors — including farmers markets and restaurants — in Boston and New York City. Providing a simple and secure way for consumers to pay these vendors was of the utmost importance.
Customers must input credit card information to register and use the app, but Food for All recognizes that, as a new startup, it is an untested entity that hasn’t yet established a trustworthy reputation. To address this consumer anxiety, all card details are managed by an established payment processor.
“We operate with Braintree, so we never actually touch the payments,” Valenga said. “[We made that] decision so our users could trust us as a new startup for the service we’re providing.”
The payment processor, powered by Kount, applies a variety of security measures, including protecting cardholder data storage with multiple encryption keys that feature split knowledge and dual control, Carreño said.
“This data store cannot be connected to via the internet,” he said. Should the data be accessed, a “data thief would not be able to make use of information stolen from the database without also having the key.”
The company added an additional security measure by limiting the amount of data involved. The app requires very few user details: Users are only asked to provide a credit card to link to the app, their email addresses and geolocation permissions, so that local offerings can be displayed. Valenga said the goal was to get as little information as possible from the customer while still being able to provide the service.
Food for All’s unusual model means it works within constraints that other ordering apps don’t have. Restaurants are able to offer Food for All predictions about the number of surplus meals they will have left over at the end of each day, but they’re still only estimates.
As such, Food for All tries to hedge its bets. For instance, if a restaurant claims it has an average of 10 to 15 unpurchased meals left over each day, Food for All takes the lower estimate and offers 10 meals. Despite everyone’s best efforts, it’s possible that the restaurant could run out of a pre-purchased meal. In these cases, Food for All refunds the meal and also provides the customer with a $5 meal credit. Additionally, consumers can refer the app to friends and earn points that can be used for free meals.
That’s where fraud can most easily slip in. According to Carreño, the biggest fraud risk faced by the startup is dishonest users who might abuse its refund and referral programs. To prevent this, the company monitors users’ points, transaction histories and refund requests in an effort to spot suspicious activity. The platform also asks restaurants to confirm each completed transaction, which helps thwart improper refund claims. To avoid false positives, the company’s customer service team will contact customers if they are suspected of fraud.
The startup stops other sources of fraud by carefully overseeing app activities. The payment processor validates each card before it processes a transaction, ensuring that the card number is associated with a valid, open account. Carreño added that the startup also monitors and reviews customer, employee and vendor activity to safeguard against any unauthorized transactions.
By being highly cautious, the startup is building its reputation as a trusted solution and pursuing its mission to advance both food and payments security.