Tech update for convenience services: AI, contactless payments and cybercrime| NAMA 2022

Every year, it gets harder to keep up with technology updates in convenience services.

For many industry players, the pandemic put some projects on hold, but the surging interest in contactless transactions accelerated expansion of technology innovation.

Mike Kasavana introduces speakers John Hickey, Carly Furman and Paresh Patel.

An early morning session, “Trending Technologies in Convenience Services,” gave attendees a chance to unpack the key tech innovations at the National Automatic Merchandising Association show at Chicago’s McCormick Place.

“The pandemic has given us a lot of new terms, and it’s also accelerated the digital transformation of the industry,” session moderator Michael Kasavana, Ph.D., the NAMA endowed professor emeritus, observed at the outset.

The well attended session provided updates on artificial intelligence services for convenience services, contactless payments and ways to prevent the growing cybercrime threat.

AI and big data

Panelist Paresh Patel, CEO of PayRange Inc., provided an update on artificial intelligence and big data. While technology companies have introduced AI based services to help operators address some of their most time consuming tasks, such as machine menuing, Patel reminded his listeners that AI has played a role in convenience services for several years.

In its simplest terms, AI is about how a computer learns and then takes action.

The email spam filter uses AI to mark spam better over time, for example.

“It’s learning based on your behavior,” Patel said.

Vending machines have long advised customers when a spiral was not working and did not make that choice available to the next customer. That was also an early example of AI. Since then, AI services have offered more customer support benefits.

Improved customer support, merchandising

Patel has already deployed AI in his own operation to simplify customer support operations. About 45% of his company’s incoming support tickets are handled by automation.

“That takes a lot of labor off somebody individually reading those tickets and figuring out (what to do), and more importantly it improves the response time to the consumer that’s asking,” Patel said. “It can actually take action based on what’s stated in that email.”

Paresh Patel explains the numerous benefits of artificial intelligence.

Merchandising is another area where AI has offered new benefits.

“You can lift sales when you customize things one-to-one for each machine based on the location,” Patel said.

AI also brings new benefits to sales optimization and service.

“More data means better data and better processing,” he said.

When you have data, you can analyze it. For example, Patel was able to learn that 23% of PayRange app users using an operator’s machines accounted for 77% of the mobile sales.

“The systems will take the data,” he said. “The systems will then analyze the users and then create programs targeted specifically to them.”

Contactless transaction capabilities expand

Panelist Carly Furman, CEO of Nayax LLC, focused on payment technology, an area that has seen major change with the rising customer demand for contactless transactions and as card brands are mandating EMV, the industry security standard for credit, debit and near-field communication mobile payments, for unattended contactless transactions.

Furman said EMV (the acronym for Europay, Mastercard and Visa), which enables the operator to use the chip on the card as the method of transmitting the credit card securely to the payment terminal, offers operators of unattended equipment a way to boost revenue.

There are two types of EMV contactless payments: tapping an RFID enabled chip card on a machine and paying using a mobile wallet.

Operators need to be aware that not all contactless payments are EMV, Furman said. Legacy card readers can use near-field communication technology to accept magstripe (non-EMV) transactions.

“You can actually have a contactless type of experience, but not using EMV,” she said. “You’re just using the RFID capability, either your credit card or your mobile phone, but still using static information that’s on the credit card. That’s called MSD contactless.”

EMV contactless, by contrast, refers to using the secure chip in the card to create a transaction in the most secure manner.

Not all readers are upgradable from magstripe to EMV, Furman said, even if they have accepted contactless payments.

EMV needed to support continued contactless

The major credit card companies will turn off the MSD contactless acceptance in 2022. A terminal that does not have over-the-air firmware upgradable to allow it to take EMV contactless payment will not be able to take contactless payments by the end of the year. Hence, EMV is required to keep accepting contactless payments.

The issue was not material when most payments were not contactless, Furman said, but as of Q2 2021, contactless payments were about 21% of all Nayax transactions. In Q1 2022, contactless payment accounted for 35% of all transactions.

“This means that this is a requirement to be profitable,” she said.

Additionally, EMV transactions have a higher acceptance rate than magstripe transactions.

EMV supports multi-vend

Another way to boost revenue is to implement multi-vend with EMV incremental authorization.

Multi-vend with EMV incremental authorization allows consumers to select multiple products and pay simultaneously.

“This of course allows consumers to easily purchase more,” Furman said.

One sticking point in the food and beverage industry was a policy that required pre-authorization for the highest potential transaction amount in a multi-vend purchase, a hold that could take days to settle.

Card brands and processors have since made it possible for certain payment solution providers to allow a multi-vend without a large pre-authorized hold. This eliminates overdrafts of consumers’ bank accounts and the need to call customer service to resolve transaction inquiries.

“You can actually do the pre-auth for the lowest (priced) item in the machine,” Furman said.

(Editor’s note: Furman noted in a followup email with this website that Nayax is the only payment solution provider that offers this for the unattended food and beverage market.)

John Hickey offers tips on preventing cybercrime.

What about cybercrime?

Cybercrime attacks have been on the as of late, and convenience services operators have not been spared. Panelist John Hickey, co-founder of Tech2Success, addressed the importance of protecting the business from cybercrime.

One reality of business today as that many aspects of business operations are connected to the Internet.

“As your company deploys more and more connected devices, you and your team need to be really cognizant of the security that goes along with exposing your business to more connections out on the Internet,” Hickey said.

“As those connections expand, it’s not just connections from your business. You’ve got remote employees now connecting to your office from home. You have customers connecting to your network whether it be a card reader or your own phone.”

“You are the target of cybercriminals,” he said. “75% of cyber attacks are against small businesses.”

“You manage thousands of unmanned payments,” he said. “The reality is, you guys all have the money to pay a ransom to get your data back. If you have to spend $10,000 to get your data back, you’ll come up with a way to get your $10,000 to get your data back.”

A ransomware attack can cripple a business for days at a time.

Where to begin

The first thing is to have a security plan.

“Just start by doing something,” he said.

Payment technology companies are a good resource, he said, as “They work hard and take the payments security seriously.”

Technology, process and people are the pillars that will prevent cybercrime.

Employees must be trained to follow security procedures.

Assign someone to oversee security to be responsible for sharing information and keeping the team updated on security.

Most of Hickey’s suggestions were common sense ideas, but things that require consistent attention.

• Update routers when security patches are introduced. “They can’t be left out there. Then they become a target for criminals that can get in.”
• “Stop sharing passwords and logins.” Change that one password you use for everything. And make the passwords longer.
• Implement multi-factor authentication.
• Turn up spam settings.
• Implement web security on your domain name server.
• Eliminate any unnecessary software and operating systems.

If you are victimized by a cyber attack, the first step is to call for help from your IT vendor or IT staff. Then run your antivirus program, reset passwords and disconnect from the public Internet.
Then get legal advice and report the attack to the proper authorities.

Photos: Networld Media Group.