RILA comments on House Hearings on data security and consumer privacy

House Hearings Address Consumer Privacy In The Digital Age

Arlington , VA, 2017-Nov-02 — /EPR Retail News/ — In response to hearings held today (11/1/2017) in the House Financial Services and Energy and Commerce Committees focusing on data security and consumer privacy, the Retail Industry Leaders Association (RILA) issued the following statement:

“Consumer privacy and data security are top priorities for America’s retailers,”said Nicholas Ahrens, vice president of privacy and cybersecurity for RILA. “As retail and technology converge, maintaining customer trust is the bedrock of the retail business model. That’s why retailers have long advocated for federal legislation that addresses federal data security standards and data breach notice requirements.

“Today’s hearings are an encouraging sign that Congress is taking these issues seriously and working towards a solution. Retailers embrace the careful stewardship of customer data not only because maintaining customer trust is a core business imperative, but because it is the right thing to do. RILA stands ready to work with Congress to find a solution that protects consumers while providing reasonable guide rails to help businesses maintain and deepen customer trust relationships.”

RILA is the trade association of the worlds largest and most innovative retail companies. RILA members include more than 200 retailers, product manufacturers, and service suppliers, which together account for more than $1.5 trillion in annual sales, millions of American jobs, and more than 100,000 stores, manufacturing facilities, and distribution centers domestically and abroad.

Christin Fernandez
Vice President, Communications
Phone: 703-600-2039

Source: RILA

BRP new white paper provides retailers tips on how to improve payment and data security across all channels

BRP new white paper provides retailers tips on how to improve payment and data security across all channels


New Report from BRP Offers Tips for Improving Payment Security both In-Store and Online

Boston, MA, 2017-Aug-16 — /EPR Retail News/ — According to a new white paper from BRP, fraudsters have become more sophisticated and retailers need to adapt new security tactics to protect their customers’ payment card and personal data. The Payment Security Update: What’s Next After EMV white paper provides retailers practical tips on how to improve payment and data security across all channels.

“While EMV has received most of the attention in the last few years, there are several other critical security strategies that play a much greater role in protecting sensitive payment card and personal information,” said Perry Kramer, vice president and practice lead at BRP. “It is imperative that retailers have the right strategies and controls in place to thwart the ever-increasing advances made by fraudsters.”

EMV doesn’t really offer data security functionality, for that, retailers need to look to end-to-end encryption (E2EE) and tokenization. BRP’s 2017 POS/Customer Engagement Survey recently found that 68% of retailers have implemented E2EE and 48% have implemented tokenization of payment data. Increasingly, retailers realize that simply meeting PCI compliance standards is no longer sufficient to protect customer data.

“Hackers are becoming increasingly sophisticated, requiring organizations to re-analyze and revamp their current security protocols to adequately protect their customers’ payment and personal data,” said Ryan Grogman, vice president at BRP. “Retailers who have not implemented these technologies are at high risk, as the likelihood of being targeted by hackers increases every day.”

The challenge lies in deploying a comprehensive security strategy that mitigates risk, while at the same time protecting and maintaining corporate advances in unified commerce initiatives. The development of a synergistic payment security strategy is imperative, and must incorporate industry best practices in order to ensure an appropriate balance is struck between the customer experience and data security.

This white paper provides insights on the following topics:

  • Baseline Payment Security Measures
  • A Multi-Tiered Security Approach
  • The Rapid Growth of Omni-Channel Transactions’ Impact on Tokens
  • The Shift to Online Fraud
  • Increased Mobile Transactions Create Additional Security Complexities
  • Quick Wins to Beat Online Fraud
  • Quick Hit Protective Tactics

To download the complete WHITE PAPER: Payment Security Update: What’s Next After EMV?, visit:

About BRP

BRP is an innovative retail management consulting firm dedicated to providing superior service and enduring value to our clients. BRP combines its consultants’ deep retail business knowledge and cross-functional capabilities to deliver superior design and implementation of strategy, technology, and process solutions. The firm’s unique combination of industry focus, knowledge-based approach, and rapid, end-to-end solution deployment helps clients to achieve their business potential. BRP’s consulting services include:

Strategy | Business Intelligence | Business Process Optimization | Point of Sale (POS)
Mobile POS | Payment Security | E-Commerce | Store Systems and Operations | CRM
Unified Commerce | Customer Experience | Order Management | Networks
Merchandise Management | Supply Chain | Private Equity

For more information on BRP, visit

Source: BRP

RILA: the retail industry leads the efforts to enhance cyber security and data security; makes massive investment in stores

The Retail Industry Highlights Efforts To Protect Consumers, Thwart Cyber Attacks

Arlington, VA, 2015-4-22 — /EPR Retail News/ — Over the past year the retail industry has led efforts to enhance cyber security and data security, starting with a massive investment in our stores.​
​​Retailers Are Investing $8.65 Billion To Upgrade Payment Terminals. New technology about to be deployed by credit card companies will require U.S. consumers to carry a new kind of card and retailers across the nation to upgrade payment terminals.  (“Costly Shift To New Credit Cards Won’t Fix Security Issues,” Reuters, 3/3/15)

Retailers are building cross-industry alliances to work toward solutions that thwart cyber threats.

The Retail Industry Leaders Association (RILA) Joins With Financial Services Roundtable (FSR) In An Effort To Fight Hackers. Financial Services Roundtable is joining forces with the Retail Industry Leaders Association (RILA), the American Bankers Association, the National Restaurant Association, and other trade groups to launch a new working group.  Together the industries plan to combine their brain power to fight hackers and work with Congress on any new possible laws. (“Stores, Banks Team Up To Fight Hackers,” The Hill, 2/13/14)

Retailers are leading the fight for “chip-and-PIN” technology, which is the safest technology available today to protect against data breaches and fraud.

Including A PIN Can Make A Transaction Up To 700 Percent More Secure. A 2013 study by the Federal Reserve found that using PINs in debit card transactions reduced fraud by 700 percent. (“2011 Interchange Fee Revenue, Covered Issuer Costs, And Covered Issuer And Merchant Fraud Losses Related To Debit Card Transactions,” Federal Reserve, 3/5/13)

“Chip-And-PIN” Is A Tested Technology That The U.S. Needs To Employ. When defending against cyber-attacks, there are no silver bullets.  Instead, strong defenses rely on layers of protections.  Widespread migration to Chip-and-PIN is one of those very important layers.  Working across the payments ecosystem with merchants, card networks, banks and credit unions, we hope to achieve that goal and build for a more secure future for our shared customer, the American consumer. (“Chip-And-PIN Increases Cybersecurity,” The Hill, 10/21/14)

The retail industry has been at the forefront of cybersecurity – just last month the Retail Cyber Intelligence Sharing Center (R-CISC) launched a portal to speed up its ability to spread information in the face of rapidly escalating attacks on payment and other retail data.

A Retailer’s Group Formed To Share Cyberattack And Threat Information. Along with making it easier for retailers to report threat information that they uncover, the portal will allow retailers to receive intelligence from law enforcement, government agencies and key partners.  It’s also intended to help provide security education and research offerings for retailers. (“Retail’s Cybersecurity Center Adopts Intel-Sharing Portal,” PYMNTS, 3/26/14)

Retailers are working with Congress to craft new data breach and cyber security legislation that will inform and safeguard our customers.

Retailers Are Backing Strong Federal Data Breach Legislation To Protect Consumers.When attacks on consumer information are successful and will cause economic harm, retailers believe that their customers have the right to be notified as promptly as possible.  Retailers also believe that they have an obligation to provide customers with information that is as accurate and actionable as possible so that they can take steps to protect themselves.(RILA Outlines Key Elements Of Data Breach Legislation At Congressional Hearing, 1/27/15)

Retailers Support Legislation To Strengthen Info Sharing Tools With Law Enforcement.Retailers understand that defense against cyber-attacks must be an ongoing effort, evolving to addre​ss the changing nature of the threat.  RILA is committed to working with Congress to give law enforcement and retailers the tools necessary to thwart this unprecedented attack on the U.S. economy and bring the fight to cybercriminals around the globe. (RILA Outlines Key Elements Of Data Breach Legislation At Congressional Hearing, 1/27/15)


Jason Brewer
Vice President, Communications & Advocacy
Phone: 703-600-2050