Archive for the ‘online shopping’ Category

Amazon drops $25 free shipping minimum for all US holiday shoppers

November 5th, 2018
Amazon drops $25 free shipping minimum for all US holiday shoppers

(credit: Getty Images)

Amazon's latest perk will be available not just for its Prime members but for all holiday shoppers this year. The online retailer announced that starting today, November 5, all US-based Amazon customers can get free shipping with no minimum purchase amount. While the perk lasts only for a "limited time," Amazon explains that the promotion will affect orders that arrive in time for the Christmas holiday.

Typically, Amazon imposes a $25 minimum order amount for non-Prime members to get free shipping. This promotion waives that minimum for the time being and puts Amazon in step with competitor Target, which waived its $35 order minimum and now offers free two-day shipping to all customers through December 22. Walmart, arguably Amazon's biggest competitor in the US, has kept its $35 minimum threshold for free shipping for this holiday season (so far, at least).

Amazon is trying to capture as much of the holiday shopping market as possible as it faces growing competition from the likes of Target, Walmart, and other retailers. Amazon already offers free two-day shipping to its Prime members as a standard benefit, but those customers pay $120 annually for Prime. Amazon raised the price of a Prime membership by $20 earlier this year.

Read 3 remaining paragraphs | Comments

Posted in amazon, free shipping, online shopping, target, Tech, walmart | Comments (0)

Amazon Prime members will get even deeper discounts at Whole Foods

August 25th, 2017

Enlarge (credit: Francisco Antunes)

Amazon has the official green light to go through with its acquisition of Whole Foods, and customers will soon feel the difference in their wallets. According to a press release from Amazon, the company is set to lower prices of Whole Foods items the same day that the merger closes: Monday, August 28.

“We’re determined to make healthy and organic food affordable for everyone,” Jeff Wilke, CEO of Amazon Worldwide Consumer, wrote in the release. “Everybody should be able to eat Whole Foods Market quality.”

Customers shopping at Whole Foods locations on Monday will see new, lower prices on various “grocery staples,” including organic bananas, apples, salmon, organic large brown eggs, lean ground beef, avocados, and more. Amazon didn’t detail how low those new prices would be, but any change is likely welcomed by Whole Foods customers. The store has been cheekily called “Whole Paycheck,” due to how much money one can spend on a week’s worth of groceries there.

Read 3 remaining paragraphs | Comments

Posted in amazon, Amazon Prime, Biz & IT, online shopping, whole foods | Comments (0)

Amazon made a package delivery locker specifically for apartments

July 28th, 2017

Enlarge (credit: Amazon)

If you’ve ever lived in an apartment, you know how difficult it can be to receive packages. They get lost, misplaced, or dropped in front of the wrong door all the time. Amazon wants to change this with what is, essentially, a big digital storage unit for your apartment building. Amazon Hub is a new system that’s similar to the online retailer’s locker units that safely stores packages inside locked boxes so you can retrieve your items whenever is most convenient for you by using a special unlock code.

According to the Hub webpage, it’s built for use by residents of apartment buildings and housing complexes. Indoor and outdoor “hubs” are available, depending on the layout of the apartment structure, and the physical unit starts at 6 feet wide and includes over 20 compartments. When a package is delivered, it is safely stored in a locked box. Residents use the touchscreen keypad to enter a unique code that unlocks the individual unit that contains their package. Residents can pick up packages at any time since the hub doesn’t require personnel to operate. Amazon is billing it as “self-service delivery” and a system that can benefit apartment owners by “freeing you and your staff from daily package management.”

Hubs are not exclusively for Amazon packages either. The company says any delivery service can use hubs, meaning residents could get packages from USPS, FedEx, UPS, and others delivered to the locked boxes. It’s unclear how those companies would deliver unlock codes to residents, though. Amazon would likely send residents their unlock code via e-mail or through the Amazon mobile app.

Read 2 remaining paragraphs | Comments

Posted in amazon, amazon hub, Biz & IT, online shopping, Tech | Comments (0)

Tokenization and E-commerce: The Silver Bullet We’ve Been Looking For?

September 28th, 2015

As we work with customers to help advance their anti-fraud efforts in their online channels, we’ve increasingly been asked about the impact of tokenization – will it simplify security efforts, or even make some of our existing technologies obsolete as a result of the protection it provides?

To answer these questions, we need to first clarify some implementation and use case details about tokenization. First, we should acknowledge that tokenization technology has been around for some time, and many organizations have deployed it to successfully protect payment card information, account data, personally identifiable information, and other sensitive data types. In successful implementations, tokens serve as seamless stand-ins for sensitive data they replace, reducing the potential points of exposure and rendering data useless to those who may gain unauthorized access to the tokenized data. So, broader use of tokenization should have the overall effect of reducing systemic risk associated with handing, processing, and storing sensitive data.

The more interesting new use case is the use of tokenized data to initiate transactions. In an implementation based on the EMVCo  EMV Payment Tokenisation Specification, (such as ApplePay), a Token Service Provider enrolls a particular user and provisions a token corresponding to their payment card to an e-wallet. This token can subsequently be used to initiate transactions from that wallet.

One argument has been offered that as more transactions (both card-not-present and card-present) are initiated using tokens or similar instruments, the need for many controls that protect transaction data goes away. This argument ultimately depends on a significant degree of trust in the Token Service Providers. They must be able to reliably protect the underlying sensitive data, and ensure it is only disclosed to those parties who have a legitimate need for it and not the tokenized substitute.

Another argument that has been put forth is the need for technologies such as 3-D Secure to be reduced or eliminated. This is certainly not true, in fact, cardholder authentication is even more essential in a token-driven world. First, authentication of the cardholder for provisioning of the token (i.e., ensuring that the user is the cardholder and has the right to provision a card to a wallet) is perhaps the most important step in building a chain of trust in a transaction. The EMV Specification refers to this process as Identification and Verification (ID&V). It was widely reported that fraudsters exploited weak provisioning controls during the early days of Apple Pay rollouts at some issuing banks. Second, authentication of the wallet holder as they initiate transactions with a token is also important – akin to the PIN component of a card-present EMV Chip and PIN transaction. ApplePay’s phone-based implementation relies on biometric authentication of the user, but the EMV Tokenization specification provides for data fields to pass additional ID&V information per transaction to verify the identity of the user initiating the transaction.

Finally, despite the architectural features that provide for enhanced security and authentication, we know from experience that implementations are often less than perfect and thus open to exploitation. The use of tokenization should not obviate the need for transaction monitoring for patterns of potential fraud or abuse.

Like many security technologies, tokenization can have significant benefits when implemented correctly. However, despite what some may believe, there are no silver bullets in security, and implementations will need to continue to be supported by additional layers of complementary security controls and anti-fraud solutions to ensure comprehensive protection of cardholder data and transactions.

The post Tokenization and E-commerce: The Silver Bullet We’ve Been Looking For? appeared first on Speaking of Security – The RSA Blog and Podcast.

Posted in 3-D Secure, Anti-Fraud, anti-fraud solutions, ApplePay, EMV Chip and PIN transactions, Home, ID&V, Identification and Verification, Identity, online shopping, tokenization, Tokenization and E-Commerce, transaction monitoring, transaction monitoring patterns | Comments (0)

My So-Called Digital Life

September 21st, 2015

Like most, I have a very rich and fulfilling digital life. My smart phone is at hand 24×7 and I use apps to check weather and Facebook, bank, shop, scan real estate and even tell me if I have hung a picture straight. (Alas I am not a gamer.) I also do all of these things on my laptop.

However unlike most, I work in online security. So much like Angela in the critically acclaimed, single-season teen drama “My So-Called Life,” I do have a lot of angst around my digital life. (Note: if you haven’t seen the series, it is worth seeking out. Starring a teenage, pre-Homeland Claire Danes, this is a show from the mid-90s that actually holds up.)

On one hand I do worry that app and site developers haven’t built in smart-enough security or that one of the sites that stores my credit card and/or personal information isn’t keeping up with the evolving fraud landscape. On the other I get irrationally irritated if I am asked to re-authenticate or I can’t complete a transaction with a few clicks – even though I know EXACTLY why they are asking me to do so! It’s behavior worthy of a moody 15 year old.

So what do I do? First I assume that my information has already been compromised and keep an eye on my credit card and bank statements. Once I accepted that unfortunate fact, which not incidentally coincided with my joining a cybersecurity firm, it’s a matter of simply being smart about sharing personal information online.

And I am passionate about ensuring that other consumers do the same. After all, if the internet reverts to the Wild West from a security standpoint, I won’t have access to all of the apps and sites that make my digital life so rewarding.

Online security may be the Jordan Catalano of My So-Called [Digital] Life. (Watch the series – seriously.)

There are many proactive nontraditional things consumer-facing organizations can do to better protect their customers’ digital lives. Want to know more about you can keep up with the evolving fraud landscape? RSA has been featured in the London Time’s special interest report Fighting Fraud 2015. You should also follow us on @RSAFraud to stay up to date with the latest.

The post My So-Called Digital Life appeared first on Speaking of Security – The RSA Blog and Podcast.

Posted in Anti-Fraud, Cybercrime and Fraud, My So-Called Life, online fraud, online shopping | Comments (0)