Trusting Wal-Mart to do the Right Thing

This column was written by Evan Schuman, the editor of, a site that tracks retail technology, e-commerce and security issues. Retail Realities will appear each Friday. Evan can be reached by e-mail and on Twitter.

Wal-Mart recently became the latest major retailer to experiment with self-service kiosks, selling space in 77 stores for units that buy back used video games and issue credits directly to various payment cards. But Wal-Mart isn't playing games with this trial, which has a huge potential to change how consumer information is used, how widely available consumer's private credit card data will become in addition to a host of other legal implications threatening both retailers and consumers.

The potential for a dramatic impact is based on two things. First, as the world's largest retailer, Wal-Mart's moves are always watched-- and almost always copied-by many other major retail chains. (Heck, if $375 billion in annual sales can't buy a little influence, what good is it?) On that basis alone, if Wal-Mart likes the results of this trial, you could see similar kiosks in Wal-Mart times 1,000 by next year.

The second issue is based on where Wal-Mart takes this first trial. Initially, they are rolling it out in a very limited fashion, with the kiosks having no access to the rest of Wal-Mart. If it stays that way, the impact will be minimal, beyond having a line-avoiding way to get rid of old video games. But Wal-Mart has said that it's considering allowing these machines to issue in-store gift cards. To make that happen will require Wal-Mart opening its network much more and that's where things could get dicey.

There are quite a few technical and legal issues prompted by the Wal-Mart kiosk trial that primarily impact retailers. But the key consumer issues involve perception. If two consumers walk into a Wal-Mart and see a kiosk inside that store and the kiosk has the same logo colors that Wal-Mart does, would those consumers believe that the kiosk is owned by Wal-Mart? Put more bluntly, if anything goes wrong with that transaction, ranging from monies not paid to cyber-thieves breaking in and stealing that consumer's credit card and driver's license, will they blame Wal-Mart? Should they?

In the Wal-Mart trial, the retailer is stressing that they will not own the kiosks and that, therefore, all of the liability for any problems should be borne by the vendor that does own those kiosks. Although that is a legally sound position, how will consumers feel? If they feel wronged, will they punish the retailer by shopping elsewhere? Will the nuance that the kiosk is owned by a Wal-Mart supplier be meaningful to them?

The "who owns the kiosk" issue is actually an issue of trust. Consumers tend to shop at particular retailers because they have developed some trust in that chain. They trust that the retailer will make sure that the food isn't poisoned, that the pricing on the shelf is what they'll be charged and that the store will later stand behind that purchase. That trust is crucial when it comes to payment. Many consumers will (wisely) refuse to give their credit card number and related data to a site that they've never heard of, especially if they think that it looks suspicious.

That's one of the reasons the Wal-Mart supplier wants to be situated inside a Wal-Mart, displaying the Wal-Mart colors. They want consumers to be as comfortable giving their credit card and driver's license to that machine as they would be giving those documents to a Wal-Mart cashier. But they're not and that's where things get interesting.

Beyond trusting that the kiosk owner won't try and run up bogus charges on that consumer's credit card or use their driver's license to commit crimes and that it will simply complete the transaction honorably, the consumer trusts that the information given won't be used in some unspecified manner.

Truth be told, the consumers have no such assurances of what Wal-Mart will do with that information. What if the record of what they purchased and how they paid is sold to someone else? The manufacturer of a competing product? A credit card company? For that matter, why not a realtor or someone trying to sell a car?

The vendor involved in the Wal-Mart, for example, has refused to specify how it may use the data in the future. We're seeing today quite a few companies offering what seem to be technology services-such as kiosks or coupons for mobile phones-when they are actually in the data-acquisition-and-resale business. To be fair, it's more like the data-acquisition-enhancement-and-resale business. But some retail execs haven't thought through what happens to the data about their customers after their project is done and that leaves that consumer data out there somewhere, available to the highest bidder.

Last year, for example, McDonald's wanted to do an experiment last year to see how much coffee they could sell. They set up a deal for more than 100 restaurants in the Salt Lake City region to offer free iced coffee to anyone showing a specific coupon on the screen of their mobile phone. The company that McDonald's brought it to offer the mobile coupons said they didn't have names of people who had purchased coffee, but they would blast the offer to their Salt Lake City subscribers and see what happened.

The trial went well. But all of the data was retained by the mobile coupon outfit, just as McDonald's did. Weeks later, a direct rival to McDonald's could have made the identical request but-courtesy of McDonald's' money-the competitor would be given the names of those who had already purchased coffee through their phone. As the firm does more projects, it learns more about its subscribers and can sell that information more.

This brings us back to Wal-Mart. When consumers walk up to their kiosks, are they looking at a reverse Roach Motel, where data goes in and it does come out? The only problem: nobody knows where.

By Evan Schuman
Special to