Customers’ own information in-store Freddy Moíses Brofman Epelbaum E-MBA in food and agribusiness student Royal Agricultural College Cirencester, United Kingdom +44 (0) 7870642569 [email protected] [email protected]

Luís Kluwe Aguiar Senior lecturer in Marketing and International Business Royal Agricultural College Cirencester, United Kingdom +44 (0)1285 652531 ext 2281 [email protected]

Abstract: The present paper explores the benefits to retailers and customers of RFID based loyalty programs, the privacy issues that this generates and proposes a guideline to redesign existing loyalty programs. The outlined RFID based loyalty program redesign is based on current industry examples and literature. It can be used as a starting point between the different stakeholders to tackle customers’ privacy concerns on loyalty programs and its technology.

adoption of RFID technology since it enhances the card experience to the customer. [1] RFID technology can hugely improve companies’ logistics, but customers need to realize the benefits of having RFID tags on their products in order to accept and pay for LPs service improvements. Experience from different retailers ([2], [3]) and consultations [4] shows that consumers see a benefit on the technology, but as reference [5] states, there is a long lasting trade-off between privacy and convenience augmented by technological developments. Retailers’ experience shows that, if companies do not confront the privacy concerns of customers first; deployment plans of RFID inside LP won’t gain in popularity. ([6], [7]) Moreover, if retailers want to completely reap the benefits of item level tagging, then customers must be able to see a real/tangible benefit. The present paper is structured as follows, first the benefits for retailers and customers when deploying RFID technology inside LPs is explored. Then, privacy issues that customers have with current LPs and RFID technology are summarized in order to develop a guideline for deploying RFID inside LPs, which is stated on the third section. Finally, the paper concludes.

The present paper addresses customer and retailers concerns on deploying Radio Frequency Identification (RFID) passive tags as part of loyalty programs. Its main purpose is to serve as a starting point for discussions between retailers, RFID industry members and privacy activist on how to address customers’ privacy concerns using a future technology that can bring huge benefits to retailers and consumers alike. The present paper does not analyze any technological feature of RFID technology. It assumes that RFID passive tags are going to be deployed both on item level and inside loyalty program (LP) cards. The assumptions are based on: American retailers’ mandates to use passive RFID tags on pallet and case levels, European retailers move to item level tagging for inventory management and passive RFID lowering price. LPs are key for increasing RFID technology usage. Market studies, including different card issuers – American Express, Visa and Master Card- state that LPs credit/debit cards schemes will be a driver for the

I. Retailers and consumer benefits for deploying RFID inside loyalty programs Loyalty programs are designed to increase the patronage of customer towards the retailer brand – which is the Retailers’ main concern .

1

Technological developments have made barcodes, Electronic Point of Sale payments, networks and data storage technologies more affordable and have allowed retailers to collect information on the customer in order to compete for his/her patronage. As reference [8] states during the 90’s there has been a strong competition between retailers with their loyalty schemes. The competition continues by increasing the number of brands and range of products retailers offer to customers, not only in-store, but with strategic partners as well. [9] As it can be observed on the following lines RFID is designed to help both retailers and customer inside loyalty programs for this new type of competition.

•

Share of wallet: measures the periodical percentage of disposable income spent by the customer inside the company. • Customer retention: compares against rivals, the number of customers that stayed, changed or are undecided about the brand on a periodical basis. • Customer lifetime and its value: measures the longevity of the customer and what is the value of the customer to the company In addition LPs reports are also used to report on customer behaviour: • Bathtub report: Periodically reflects how many customers are active, first shoppers, reactivated and inactive shoppers. • Recency, frequency and value report: that is an individual report on the last purchase, frequency and values of each LP customer. • Quo vadis report: reports on the periodical value to the company that retained and deflected customers represent. • New member frequency reports: reports on the activity of new customers as a comparison to other periods. • Cardholders’ summary report: Is the summary of the activity report

Benefits for retailers There are a number of reports used to ascertain customers’ loyalty – shown in Table I Measures such as: • Patronage: how much a customer favours a store over another that offers the same product. • Switching: how many products a customer bought from other stores that are offered by the company.

Table I Loyalty programs reports and RFID improvement Customer information Ratio or report

Purchase Information

Track, trace or location information

√ √ √

√√ √√ √

√ √ √ √ √ √ √ √ √

√√

Patronage ratio: Switching ratio: Budget ratio or (share of wallet): Enis-Paul index (combination of patronage, switching and share of wallet ratios) Customer retention rate Customer lifetime Customer lifetime value: The bathtub report: The Recency, Frecuency, Value report: The Quo Vadis retention report: The New Member frequency report: The Cardholders summary report: √ reflects improvement on measure of the information √√ reflects high improvement on information Source: Proposed by the author

2

√ √ √ √ √ √√

of each cardholder. As it can be observed, all these reports follow schematically customers buying behavior, processing the information and obtaining the relevant reports or measurement. LPs information technology applications have been used to create and improve these measurements, not to follow and manage people. Table I shows that RFID can improve the level of information as is more indepth. However, some reports do not need tracking and tracing information.

•

Privileges: Rewarding customers according to their commitment to the program and giving them access to places were the club has been able to negotiate a special rates. • Information: It can be as highly regarded as cash: the better the information provided back to the customer the more effective and efficient the customer decision. Some retailers use information to customize the previous three rewards according to the customer profile increasing the redemptions of the rewards and therefore increasing brand awareness. RFID helps rewards feed-back to customers, known on-line as Customer Managed Interaction (CMI); thanks to RFID this settings can be deployed instore, improving information quality. ([10], [11]) RFID impact depends on the selected LP variables. Also, customers’ wellbeing will be increased thanks to the additional rewards they will be able to get. Figure 1 shows the redesign of LP and the effects it will have on customer rewards and privacy. As it can be observed RFID brings instore information for the customer as a form of reward on all settings of LP. On customized LP programs design (the ones that accumulate rewards) RFID can improve the rewards claim. Moreover, correlation with databanks enable the customer to specify his/her agenda, preferences and immediate needs in-store, creating emotional bonds between the company brand and the customers. As reference [12] states, the means used to feed-back this new information could come as: • Special notifications that can be customized for regulars who require special services such as allergies notifications, sourcing notification of the product or anything that the customer considers relevant for his decision about a product.

Benefits for customers: LPs redesign with RFID brings considerable benefits for customers. Loyalty programs (LPs) design rests on selecting a combination of three variables of the presented above: • Anonymous or personalized: Should purchasing information be associated to a customer or just to an anonymous number. • Opt-in or automatic: Are customers going to be included in the LP immediately or they should opt-in for the service. Note that data protection acts promoted by the OECD are in favour of opt-in LPs. • Rewards on-demand or cumulative: Should the LP reward customer’s on-demand or should it accumulate the rewards for them. Cumulative rewards posses another trade-off, should they have an expiration date or should the company accumulate liabilities with customer rewards. It is worth noting that inside LPs there are four types of rewards: • Points: Earned at a flexible or variable manner that act as retribution to the customer. They represent a value implicit on the LP, if the value of the points is reduced customers tend to notice it and the credibility of the program is at stake. • Discounts: Inside retailers it implies that items have two prices: a normal price for common shoppers and a loyalty price for LP members.

3

Figure 1 Privacy implication for RFID based loyalty programs redesign Custom er Type of Type of Type of Privacy Inform ation Enrollm ent Rew ards Rew ards Com pliance Feeding Points Som e RFID and O n dem and

Opt-in Anonym ous

Inform ation is safely discarded after the purchase.

Cum ulative

Autom atic

Inform ation is stored to reward custom er

Not privacy com pliant

Inform ation

NEW

Privileges Points

Full com pliance with RFID and CRM for data m anagem ent and RFID guideline.

Discounts Inform ation

NEW

Privileges

O n dem and Opt-in

CRM principles for data m anagem ent principles and RFID guideline.

Discounts

Inform ation is safely discarded after the purchase.

Points

Full com pliance with RFID and CRM for data m anagem ent and RFID guideline.

Discounts Inform ation

NEW

Privileges

Personalized

Cum ulative ce an

Discounts

d

Points nh

Inform ation is stored to reward custom er

E

Autom atic Not privacy com pliant

Inform ation Privileges

Full com pliance with RFID and CRM for data m anagem ent and RFID guideline.

Source: Proposed by the author

•

Bill of material for personal use, with promotions that RFID can provide according to the actual purchase of the customer, found on the trolley or basket. • Product information when a product is chosen, the customer can be prompted with product information and history in order to give a chance for the customer to learn more and better combine his/her purchase. The ability to give information back to the customer increases the expected outcome of the purchase decision and will increase customers’ well-being. Figure 1 also shows that LPs have to comply with privacy set-ups already designed for RFID and Customer Relationship Management (CRM) applications comprehended under current OECD data management principles and a proposed privacy guideline for LPs developed on further sections.

privacy in current marketing applications. As reference [5] stated back in 1890 this is a common trade-off between privacy and convenience. CRM applications, if deployed ethically, can have important benefits to customer who in –return increase the patronage of a brand. ([8], [9]) Some of the criticism against RFID within LP are based on claims that already exist against barcode or swipe-cards LPs; Others are based on the physical properties of RFID Current loyalty programs privacy issues The main criticism against current swipe cards and barcodes LPs can be divided in two: in-store and out-store. In-store privacy issues Some retailers’ practices up until now have not used customers’ data to it’s full potential and moreover they allowed customers’ data being passed onto third parties. Bad practices have created a bridge in customers’ trust and therefore privacy concerns on LPs, these practices can be summarized as follows:

II.Loyalty programs privacy issues Reference [13] developed a series of criticisms to LPs and RFID based LPs claiming that there is a constant loss of

4

•

Issuing Identifying card a practice required by all loyalty programs. • Not customizing the reward has led to an increasing number of customers observed to complain that the rewards they receive “are useless”. • Rewarding with discounts that rivals can match without a LP is seen as an unethical practice of Loyalty programs. • Not clearly stating or enforcing the purpose of the collected data • In some cases allowing unauthorized personnel to access the data • Correlating databases with other companies’ data to profile the customer: • Bad practices in safeguarding data, either voluntarily or involuntarily Out-store privacy issues Relates to the external practices some retailers have in place to share the data. It must be understood that this also refers to legal organization trying to get hold to the data. Out-store practices both by retailers and other organizations have created public awareness on the value of their information and privacy. Examples of such practices are: • Using the information in court, Practiced mainly by American retailers • Sharing the information with health organizations: for example: Public organizations such as Great Britain’s’ attempt to study the consequences of GMO on shoppers’ health. [14] Health insurance organizations who need certain information in order to work out the premium to be charged to the customers. • Using for law-enforcement: Some law-enforcement organisations have tried to get hold of the information already gathered by retailers. Companies with the best guarded Loyalty Programs have kept customers’ private information from other organizations ([8], [9]).

Both in-store and out-store practises refer to the data provided by the customer to the company. Regulation in place to protect the data can be summarized on the OECD data management principles. RFID loyalty programs issues. The privacy issues that RFID brings to a retailer are not only on the database safeguards only, but on the physical property of the tags inside products and cards as well. Again we can classify these issues as in-store privacy issues and out-store privacy issues In-store privacy issues Relate to all application were RFID can be used to increase customer service: • Identification tracking: Privacy activists argue that RFID exposes peoples’ identity and their buying behaviour. It is not stated that retailers have tried to keep the identification on the loyalty cards to a minimum. • Universal numbering: concerns arise as every product could be correlated to every consumer inside store and outside store, were this settings would be for life. • Dynamic pricing: referring to RFID’s applicability to retransmit a designated price according to the customer profile to electronic shelves. [12] • Bill of materials: Privacy activist state that RFID can be used to increase customer products surveillance in real time, providing bills of materials is an example of this. • In-store surveillance: The last related issue is the in-store tracking capacity of customers inside the store. All these concerns are based on the fact that RFID LPs will be used to identify the customer, eliminating the anonymity option they currently have when they decide not to provide their loyalty card at the checkout counter. Issuing loyalty cards with signal distorting wallets (Faraday cages) is a good solution in order to leave the decision to be identified in the customers’ hands

5

Out-store privacy issues There are two out-store concerns on RFID loyalty programs: • The fear of trusted companies monitoring individuals out-side the store. • The possibility of indirect monitoring by third parties. These claims are unfounded: • In order to be cost effective passive RFID tags do not contain information about the individual or the object. • The farthest distance required to read a passive tag is 3 meters in the best case scenario. Reference [15] and other authors state that this last physical property of passive RFID tags makes them privacy friendly, yet as reference [4] shows the public is still uncomfortable with this solution. Therefore, in order to increase awareness, privacy activist have created a number of Orwellian scenarios based on future RFID applications: • Payment tracking: RFID is claimed to make payments unsafe as radio frequency could be “captured” by others in order to get insight on how much customers spend at a particular store. • Marketing concerns: o House tracking: This has created the fear that companies will monitor all the consumption habits of customers whilst on their premises. o Pharmaceutical tracking: The fear that Pharmaceuticals companies will track the consumption of drugs of any household. • Outsider-marketers surveillance: Marketing companies will “eavesdrop” on people to develop competitive promotions according to the customers’ belongings. • Villains’ convenience: RFID will ultimately make villains life easier as their prey can be located easily. Ultimately, the greatest fear is that RFID will create a virtual world since objects and people will be linked to

databases. Humans will exist in a physical and a virtual world. All these concerns are related to the loss of privacy customers may face, the solutions proposed are allowing the customers to decide whether to kill the tag, reduce the tags reading range or leaving the tag active. An even better solution, as Reference [11] states, is to modify and constantly communicate retailers’ privacy policy so that customers can appreciate the benefits from RFID based loyalty programs. Retailing companies that address and enforce customers privacy concerns through their privacy policies will ultimately benefit from RFID tagging. III.RFID guideline for Loyalty programs The double existence of RFID technology, both virtually and physically, has created a number of principles on how to deploy RFID inside different business areas. For RFID based Loyalty Programs (RFIDLPs) a proposed guideline is stated below: 1. Customers should be able to realise the benefits of the system. 2. The loyalty program provider should comply with data regulations in place for each country. 3. A person has the right to know when, where and why RFID tags are being read. 4. RFID tags either on loyalty cards or products should not store personal data, they should store numbers. 5. Customers should be provided with the necessary means to alter the read range or deactivate tags from products and cover cards from being read when they choose to do so. 6. Customers should have the right to use services without RFID enabled loyalty cards. 7. Customers should have the right to disclose their information in public when desired. Principle 1 relates to the customers’ understanding of the loyalty programs, principles 2 to 4 relate to the

6

company manages its own numbering scheme, like code 128 nowadays.

customers’ option to safeguard their privacy and principles 5 to 7 outlines the customers’ choice on LPs.

Principle 5: Customers should be provided with the necessary means to alter the read-range or deactivate tags from products and cover cards from being read when they choose to do so. Even though the last option gives responsibilities to the individual, it also keeps his/her information from others reading it and keeps the information sharing decision to the individual.

Principle number 1: Customers should be able to realise the benefits of the system. Rewards, a clear purpose and openness of the system has been used to attract customer to loyalty programs, this is not enough. Customers need to realize that the RFID system will help them make more educated buying decisions and therefore increase their comfort and well-being. Once all the benefits are understood by the customer the company must assure the customer privacy.

Principle 6: Customers should have the right to use services without RFID enabled loyalty cards. Ultimately when a customer desires he/she should be able to use the service without RFID enabled loyalty cards.

Principle 2: The loyalty program provider should comply with data regulations in place for each country. Data protection acts have been developed on country, continental and world organizations settings in order to protect customers’ data. Retailers’ must re-assure the commitment to these regulations and germinate this respect within the lawmaking agencies both on their homecountries and internationally.

Principle 7: Customers should have the right to disclose their information in public when desired. With RFID a company can retrieve the information in-store or on-line. Individuals should choose to disclose the information whenever desired and should be able to modify or rank it in a secure manner.

Principle number 3: A person has the right to know when, where and why RFID tags are being read. Clearly signalizing the places, times and reasons where loyalty cards and products are being associated has to be communicated to the customer in order to keep the system as open as possible.

IV.Conclusions The present paper explores the use of RFID technology within retailers Loyalty programs. Even though more study is required, it is clear that the customers who want to benefit from the new system are enabled to do so improving their comfort and well-being. The constant trade-off between privacy and convenience is reinforced by the technology. Therefore a guideline for deploying the technology on loyalty programs is proposed. The proposed guideline takes into account the current privacy concerns and future privacy concerns of customers. The guideline must be submitted to close scrutiny by retailing organizations, RFID industry and privacy activist as to determine its usefulness. Retailing companies will benefit from the technology, especially if the

Principle number 4: RFID tags either on loyalty cards or products should not store personal data, they should store numbers. Because “eavesdroppers”, either with criminal intentions or working for marketing firms, can read RFID from a close distance. Customers should be assured that neither personal nor proprietary data will be possible to read from the tag and system. The proposed numbering format world-wide is the EPCTM. For Loyalty cards, it would be preferable if each

7

customers implement RFID into their daily life. Retailers willing to deploy RFID based loyalty programs have to reinforce customers’ knowledge of the privacy policy in order to approach and gain the customer trust. More research on the area is needed as to corroborate the conclusions presented here.

torio/7/documentos/palestrawatson_p rograma.pdf [date accessed 31/01/2007] [11] Brofman F. (2007) “Radio frequency identification (RFID) and loyalty programs: How to address consumers’ privacy concerns (Based on TESCO Plc loyalty program” [Forthcoming E-MBA dissertation, Royal Agricultural College] [12] Brofman F. & Aguiar L. (2006) “Customers’ benefits inside the retail store with RFID technology” RFIDjournal Available from: http://www.rfidjournal.com/whitepape rs/6 [date accessed 31/01/2007] [13] Albrecht K. (2005) “Spychips” First edition. Nelson Current. [14] Albrecht K. (2003) “Supermarkets cards: the tip of the retail surveillance iceberg” Denver university law review. Vol 79 (number 4): 534-565 [15] Langheinrich(2007) “RFID and Privacy” In: Milan Petkovic, Willem Jonker (Eds.): Security, Privacy, and Trust in Modern Data Management. Springer.

V.References [1] O’connor, K (2006) “Retailers likely to wed RFID to loyalty” RFIDjournal. Available from: http://www.rfidjournal.com [2] Wolfram G. (2004) “Metro future store” Conference speech RFID Journal Live 2004. Available from: http://www.rfidjournal.com [date accessed 31/1/2007] [3]Dillman L. (2003) “Wall-mart spell out RFID Vision” Retail Systems 2003/VICS Collaborative Commerce event. Available from: http://www.rfidjournal.com [date accessed 31/1/2007] [4] Reding, V. (2006) “Keynote Presentation: The Need for an RFID Policy in Europe” EU RFID conference 2006 heading for the future. Available from: http://www.rfidconsultation.eu/ [date accessed 31/01/2007] [5] Warren and Brandeis (1890) “The right to privacy” Harvard Law Review. Vol. IV (number 5) [6]CASPIAN (2004) “The Metro extra “future store”” CASPAIN available from: http://www.spychips.com/metro/over view.html [date accessed 31/01/2007] [7] CASPIAN (2006) “Tell Levi Strauss What You Think about RFID” CASPAIN available from: http://www.spychips.com/blog/2006/0 4/tell_levi_strauss_what_you_thi.html [date accessed 31/01/2007] [8] McGoldrick P. (2002) “Retail Marketing” Second edition. McGrawHill Education [9] Humby C., Hunt T., Phillips T. (2007) “Scoring Points” Second Edition. Kogan Page. [10] Watson R., Piccoli G., Brohman K. Parasuraman A. (2005) FIA. Available from: http://www.fia.com.br/portalfia/reposi

8