Passport? Money? Sun hat? Semi-skimmed milk?

Tesco's bold move into rolling out virtual shops as part of a two week trial at Gatwick Airport is, in many ways, rather innovative. Not for the technology – this sort of thing is the backbone of Japanese vending machine culture and has already been successful for Tesco itself in Korea and Covent Garden, as well as for Ocado in London last summer and Birmingham this –  but more for the it's boldness as an off-the-wall ad campaign for its multichannel (or should that now be ‘omni-channel’?) offering in general and it's grocery app in particular.

As our story this week reveals, Tesco has installed ten interactive screens the size of vending machines in Gatwick's North Terminal with the top line mission of getting consumers who are about to jet off on their holidays to pre-order their victuals – bread, milk, cheese, olive oil, wine; to name but a few of the 80 items on offer – so that they can be delivered just after the happy holiday makers step through the door of their house all tanned and relaxed. (WARNING: this is assuming that French air traffic controllers don't unleash sudden industrial action as you wait to board your homeward bound Airbus and you sit in Alicante knowing that your groceries are rotting on your doorstep or have been taken back to the warehouse.)

But joking aside, really what these virtual shops do is advertise in a very large and shiny way that if you download the Tesco app onto your smartphone you can do your shopping where ever you may roam. But is it such a great idea? For starters, if I had battled my way through security and was finally in the departure lounge waiting to jet off to the sun, the last thing it'd want to do is my shopping.

But, I may be prompted to do it the day before I head home using the app from the comfort of my sun lounger, hotel wifi permitting. I may also be reminded that I have the app and I might just start doing my shopping from it again. So perhaps the mega-omni-retailer is on to something.

But what's in it for Tesco? The retailer is adamant that multichannel retailing — or “offering the consumer as many easy and convenient ways to shop at Tesco as possible”, in the company's own parlance – is its future. But not at the expense of pushing people from one channel to another, but in being so convenient that new people start to use its channels.

And this is really the driver behind the trial at Gatwick. It lets Tesco push new people to its app, get existing app users to reignite their usage (and perhaps this time stay sticky – which is crucial: as revealed in the news below, according to comScore only one in eight European smartphone users have bought anything through their smartphone). The services could also make loyal Tesco mobile and online shoppers feel even more warm and fuzzy toward their favourite supermarket.

But it also serves another even more useful purpose for Tesco: it lets the company see whether consumers will shop using these virtual shop fronts as part of the shopping mix. If they do then the company will no doubt roll them out elsewhere at travel hubs and all sorts of other places, including perhaps their own storefronts (for the gentleman shoppers amongst us – they may even think of putting them in pubs, at football grounds or even the bookies). It is in essence a proof of concept of something that could either cut Tesco’s store costs or extend the reach of the company to many, many, many new locations and tap into a whole new way of shopping.

I went to the launch of the service at Gatwick and have no idea if I had just seen a really expensive but cool ad campaign for an app, or the future of shopping? Even if the former is the case, and given that Webcredible has found that UK consumers only use an average of four apps regularly – and they are the four they consider most useful, as our story below shows – getting consumers to include Tesco’s grocery app as one of these ‘can’t live without’ apps is probably worth this sort of elaborate marketing. And who knows, it may even actually fulfil a consumer demand, I just can’t tell. Perhaps I need to jet off to a beach somewhere and think about it?

Lessons Learned from Mat Honan’s Epic Hacking

by Rob Sobers

“ Password-based security mechanisms — which can be cracked, reset, and socially engineered — no longer suffice in the era of cloud computing.”

If you haven’t read Gizmodo writer Mat Honan’s gut-wrenching play-by-play of how his entire digital life was evaporated in the matter of hours, do yourself a favor and Instapaper it. Or, if you’re too busy to read the whole article, I’ve created a quick-and-dirty summary that retraces the hacker’s steps and highlights some steps we can take to protect ourselves from similar attacks.

How It Happened

1.) Hacker targets @mat via Twitter

2.) Hacker browses to @mat’s personal website, which is linked from his Twitter profile

3.) Hacker sees @mat’s Gmail address on his website

4.) Hacker tries to login to Gmail using @mat’s (knowing he won’t get in)

Hmm, if the hacker can’t break into @mat’s Gmail account, why is this important?

When you tell Gmail that you’ve lost your password, it responds by showing you the partially obscured alternate email address it has on file for account recovery.

This is a big hole. Why? Because m***n@me.com was enough information to know which service to attack next – iCloud, which, as you’ll see in a minute, is extremely vulnerable to social engineering.

It’s worth noting that, as @mat mentions in Wired, if Gmail’s two-factor authentication was enabled, the nightmare ends here. Hopefully Google will figure out a better mechanism for securing your alternate email account other than blanking out a few characters (a security question would be a good start!).

Email is the skeleton key to your online identity since so many services reset your account via a confirmation link sent to your email address. Guard it well.

How can you protect your Gmail account?

Go enable two-factor authentication for your gmail account…now! Jeff Atwood wrote an excellent tutorial for Gmail in his Make Your Email Hacker Proof post and Matt Cutts posted a video today.

5.) Hacker obtains @mat’s billing address by doing a simple WHOIS lookup on his website’s domain name

I can’t really ding @mat here since, as he points out, most peoples’ billing addresses are obtainable via WhitePages or a similar service unless you’re unlisted, which isn’t a bad idea. If you own a domain name, think about paying the extra $20/year for private registration.

6.) Hacker obtains last 4 digits of @mat’s credit card

Why was the hacker after the last 4 digits? Because this was the last piece of the iCloud-cracking puzzle. In order to verify your identity, AppleCare phone support requires: 1) name, 2) email, 3) billing address, and 4) the last 4 digits of the credit card on file. The hacker already had 3 of the 4.

Where might someone’s credit card number be stored? Amazon!

The hacker (correctly) assumed that @mat had an Amazon account that used one of his two known email addresses as the account name. But how did the hacker gain access? Hint: he didn’t crack the password. He used social engineering.

The hacker placed a call to Amazon tech support claiming to be @mat. He provided his name, address, and email (yikes!), and then asked the tech support rep to add a new credit card number to the account. Then he hung up the phone and waited.

Later, the hacker placed a subsequent call to Amazon saying he lost access to his account. Upon providing name, address, and the newly added fake credit card number, Amazon support let the hacker add a new email address to the account (e.g.,hacker@danger.com).

Game over.

The hacker could now click “forgot password” on the Amazon login page and the subsequent password reset email would go tohacker@danger.com instead of @mat’s real email address. Having reset the password, the hacker then logged into the Amazon account and nabbed the last 4 digits of the real credit card on file.

@mat notes:

“And it’s also worth noting that one wouldn’t have to call Amazon to pull this off. Your pizza guy could do the same thing, for example. If you have an AppleID, every time you call Pizza Hut, you’re giving the 16-year-old on the other end of the line all he needs to take over your entire digital life.”

How can you protect your Amazon account?

Until Amazon rethinks their identity verification process, the only way to protect against this social engineering hack is to delete any credit card data you have on file with Amazon. Yes, it’s painful to have to enter your credit card information every time you place an order, but is it as painful as having your digital identity stolen?

Let’s recap: Hacker grabs public information: name, gmail address, billing address. Gmail’s login system reveals that @mat has an AppeID (m***n@me.com). The hacker knows that in order to own that AppleID the only missing piece is the last 4 digits of @mat’s credit card, which can be socially engineered from Amazon support. Whew.

Still with me? Good. Here’s where it gets really ugly.

7.) Hacker calls AppleCare with the information required to infiltrate an iCloud account: name (public), email (public), billing address (public) and last 4 digits of a credit card (virtually public).

How can you protect your AppleID?

Apple requires you to have a credit card on file if you want to use iTunes and the App Store, so deleting your credit card data might not be a viable option. However, you could dedicate a single purpose credit card for Apple. If the card @mat stored with Amazon didn’t match the card stored with Apple, the attack would have stopped here. Regardless, Apple needs to seriously rethink their identity verification process.

8.) Hacker remote wipes @mat’s iPhone, iPad and Macbook Pro

There are more security steps involved to opt into a MailChimp newsletter than to remotely decimate an entire laptop. The way iCloud’s remote wipe process was designed leads me to believe they didn’t even think through the possibility that an iCloud account could be hacked.

How can you protect your data?

Backup your data. No excuses. Have multiple backups and test your restores. You can get a 2TB external hard drive for $120 on (wait for it…) Amazon, and online backup services are a few bucks a month for unlimited data. (Anecdotally, the only hard drive failure I ever experienced was 1 day after my very first online backup completed. Most people aren’t so lucky.)

So many systems are interconnected in the cloud making things more convenient than ever before, but we have to realize that this same interconnectedness makes security exponentially harder. Passwords are no longer good enough—not for the important stuff. If Apple, Amazon, and (too a much lesser extent) Google—companies with a combined market cap of 900B—can’t get security right, what are the lesser known providers doing?

www.varonis.com

txt? 2right m8 :-)

It is very interesting that text is still very much on the agenda when consumers are asked as to what they want to do with mobile technology. According to Ofcom’s latest study of consumer’s ‘digital’ habits, the regulator found that the average UK consumer now sends 50 texts per week – which has more than doubled in four years – with over 150 billion text messages sent in 2011.

Almost another ninety minutes per week is spent accessing social networking sites and e-mail, or using a mobile to access the internet, while for the first time ever fewer phone calls are being made on both fixed and mobile phones.

Teenagers and young adults are leading these changes, increasingly socialising with friends and family online and through text messages despite saying they prefer to talk face to face.

According to Ofcom’s Communications Market Report 2012, 96% of 16-24s are using some form of text based application on a daily basis to communicate with friends and family; with 90% using texts and nearly three quarters (73%) using social networking sites.

By comparison, talking on the phone is less popular among this younger age group, with 67% making mobile phone calls on a daily basis, and only 63% talking face to face.

The report shows that traditional forms of communications are declining in popularity, with the overall time spent on the phone falling by 5% in 2011. This reflects a 10% fall in the volume of calls from landlines, and for the first time ever, a fall in the volume of mobile calls (by just over 1%) in 2011.

These changes in communication habits reflect the rapid increase in ownership of internet-connected devices, such as tablets and smartphones – making access to web-based communications easier.

This shift away from calling marks a significant move in the world of communications. The dream of voice transmission over vast distances has been supplanted by the written word. As our feature this month points out, messaging of all sorts is very much the way the kids (and some adults) like to correspond, be that social, IM, BBM, whatsapp or good ole text.

And that plays very much to the strengths of telemedia, which while its pedigree is in voice calls, has over the past decade harnessed the power of text. And this is something that is set to be a key theme at the forthcoming WORLD TELEMEDIA show in Marbella on 17-19 October. While the show aims to look at the business opportunities around interactive media, marketing, commerce and retail (as well as the latest developments within the telemedia business itself), text is, I suspect, going to feature quite highly.

There is a lot of really cool smartphone and tablet technology out there, but text works and it works for everyone. While judging several categories of the Meffy Awards this month, the role of simple text services to enable m-commerce for the vast majority of people has become clear. I can’t give away any of the details, but I have been surprised at how a lot of the innovation and moreover the successful services entered into the awards this year have used text to let the widest possible number of consumers into the m-commerce world.

This is vital. M-commerce has huge potential to shake up the way all businesses operate, but to do so it has to reach the most people out there and text really does offer that reach. Engaging everyone is becoming the theme of the m-commerce space and WORLD TELEMEDIA MARBELLA is going to showcase how this can be achieved – and point to how sometimes it's the innovative use of existing technology that really holds the key to opening up new markets.

Sign up for WORLD TELEMEDIA here

Messages very much not in a bottle

Last week, Ofcom released its report into how people use all things digital and revealed that in the UK consumers use text, mobile email and social networks more than they make phone calls to keep in touch with friends and family. In fact, only 47% use voice calls on the mobiles.

The average UK consumer now sends 50 texts per week – which has more than doubled in four years – with over 150 billion text messages sent in 2011. Almost another ninety minutes per week is spent accessing social networking sites and e-mail, or using a mobile to access the internet, while for the first time ever fewer phone calls are being made on both fixed and mobile phones.

Teenagers and young adults are leading these changes, increasingly socialising with friends and family online and through text messages despite saying they prefer to talk face to face.

According to Ofcom’s Communications Market Report 2012, 96% of 16-24s are using some form of text based application on a daily basis to communicate with friends and family; with 90% using texts and nearly three quarters (73%) using social networking sites.

By comparison, talking on the phone is less popular among this younger age group, with 67% making mobile phone calls on a daily basis, and only 63% talking face to face.

The report shows that traditional forms of communications are declining in popularity, with the overall time spent on the phone falling by 5% in 2011. This reflects a 10% fall in the volume of calls from landlines, and for the first time ever, a fall in the volume of mobile calls (by just over 1%) in 2011.

These changes in communication habits reflect the rapid increase in ownership of internet-connected devices, such as tablets and smartphones – making access to web-based communications easier.

To anyone who has wondered around any town or city in the UK this can come as no real surprise. Most people I know now only communicate with me via social media (are they trying to tell me something?) and I use text pretty much all the time (and by that I also mean iOS IM, whatsapp and so on…) to keep in touch and make arrangements with family, friends and loved ones. In fact it is only really my cat that I actually talk to these days, purely because he insists on using BBM and I’m on iPhone.

But this shift to messaging rather than talking is a boon to the industry – and presents a massive opportunity. Consumers are increasingly engaged now with social and messaging via mobile and in many ways treat these very differently to how they treated voice calls in the past: there is a certain degree of laissez faire around what they will and won’t share.

This provides a great opportunity to communicate in a much more engaged and personal way as a business and, with a few simple rules of thumb, is set to revolutionise marketing and customer engagement.

But it isn’t happening. Textlocal, the UK’s leading business mobile messaging company, states that there is still work to be done to educate businesses to communicate with their audiences in this way.

Alastair Shortland CEO of Textlocal explains: “Our own research indicates that many businesses are aware of mobile messaging, but there are still some who are yet to tap into the full potential of how powerful it can be as a business driver. We know that, whether businesses have a mobile strategy or not, there will always be a place for opt-in bulk SMS within the marketing mix, as a personal communication tool, sales or promotion tool or simply to send alerts and updates. Texting leads the way in fast, low-cost, direct conversations with consumers.”

Textlocal believe that mobile messaging is based on trust and permission. Their online system ‘Messenger’ enables any businesses to grow opt-in lists of customer data and intelligence and to text from PC, targeted communications directly the palms of customer’s hands. This powerful blend of design, usability and technology has been commended for being cost-effective, quick and proven to deliver results.

The fact that Ofcom have reported that text is on the rise, suggests that people want to communicate on the fly. Smart businesses give the customers what they want, while Textlocal provide those businesses with the tools to reach thousands of people instantly from one central place, managing responses and opening up long-term conversations and relationships. After all, isn’t texting about convenience, speed and that personal touch that no other medium offers?

READ MORE ABOUT THE IMPACT OF MESSAGING IN TELEMEDIA MONTH ONLINE FROM 31 JULY

PRS booming, but bad news for networks

What did the O2 customer say to his friend? Nothing. Hopefully its a happy Friday for all you O2 users who lost connectivity this week. Hopefully everyone is back on line. What it shows is how reliant we are on mobile networks for our everyday lives. It also doesn’t bode well for O2’s much trumped 4G roll out. The outage comes hot on the heals of a nine hour breakdown of Orange France’s network in France last week. Ho hum.

Askar Sheibani, CEO of IT and telecoms repair company, Comtek, sums it up well: “O2 has failed to deliver a basic service to its customers in the past few no basic call connectivity nor the ability to send text messages. To have an entire network down is a poor show for the company, and does not bode well for an operator who plans to deliver 4G services in a year’s time. Mobile phones are an increasingly essential part of day-to-day life for consumers and businesses alike, and incidents such as this are simply un-acceptable.  This failure to deliver basic 2G and 3G services, indicates that O2 may have taken its eye off the ball – ignoring the maintenance of its existing service in the rush to deliver 4G.

“For too many businesses, simple practices such as repairing and maintaining existing technology gets overlooked, in favour of newer fads.  Unfortunately this ‘throw-away’ culture is not just wasteful and inefficient, but it is also detrimental to the service the consumer receives – as O2 customers have witnessed in the past 24 hours. Investing in innovation and developing new technologies is, of course, worthwhile; but it is absolutely paramount that companies continue to deliver the level of service which existing customers are paying for and relying upon.  Whilst O2 has paid the price this time round, other network providers following a similar path would do well to take heed of the warning signs, and ensure their existing infrastructure is up to scratch.”

Quite. Take note network operators.

But while this is bad news for MNOs, there is better news, however, for the premium rate industry with PhonePay Plus finding that the UK is the hub of the international PRS business, with consumers spending more per head on such services than anywhere else and with many international companies basing themselves here in the UK.

PhonepayPlus’ annual market review – Current & Future Market for PRS 2011 – published this week underlines how sophisticated and successful the UK PRS sector has become.

In its Annual Report 2011/12, PhonepayPlus, UK regulator of PRS, reveals figures for the first ever PRS industry-wide Registration Scheme. Out of almost 4,000 registered providers, 14% have headquarters located overseas, with providers based in 75 countries including Australia, Russia, China, India, Nigeria, Argentina and the USA.

The attractiveness of the UK PRS market for international providers and investment is underlined by research published in 2011 by PhonepayPlus that shows while the average global PRS revenue per capita (based on 20 bench-marked countries) was 4.57USD, in the UK it is 18.70USD. PhonepayPlus’ annual market review, Current & Future Market for PRS 2011, shows that some providers are capitalising on the ‘borderless’ reach of global sites, such as Facebook, by facilitating mobile payments across a range of international markets. In addition, many UK mobile aggregators are now part of international consortia.

And this is not only good news for the telemedia industry, but shows that there is still a great role for PRS to play in consumer’s everyday lives. While the usual premium rate services continue to generate revenues, the growth in digital interaction, entertainment, commerce and retail are all set to drive even more growth in the PRS sector – if we get it right. The borderless nature of mobile payments on sites such as Facebook and other social media is also offering a great and growing opportunity, especially for the youth market.

This growth in spending via global social media sites and the like is seeing mobile payments boom much as online payment tools – and later mobile pSMS did – around online adult services.

But today the opportunity is very much in the global mainstream and, as such, offers a vast potential revenue source. Using mobile as an easy way for the unbanked to buy through social sites – and commerce sites – quickly and easily is one opportunity. Extending this to more traditional retail is very encouraging.

There is no shortage of mobile payment offerings around, but this increasing keenness among consumers to use PRS for digital and entertainment services offers a huge advantage for retail and commerce. While no one technology for mobile payments has moved into poll position, PRS continues to be grow, as witnesses by the PPP study.

And this is something to rejoice. While PRS revenues always go up during a downturn – driven by the desire to be entertained out of the prevailing gloom, but not wanting to spend too much money – the growing use of PRS to pay for everything from entertainment to media, to goods and services, through social media or through ‘normal’ sites shows that the growth is something much more organic and needs to be capitalized on. So, tell your friends in the industry (except those on O2, they won’t get the call or the text) and we can see these PRS figures rise further still.

But with this good news come some words of caution. While an increasingly globalised and digitised mobile market place opens up new opportunities for business, consumers and the UK digital economy, it also poses new challenges for regulation that has to operate across borders. In December 2011, PhonepayPlus launched an investigation into the operation in the UK market of a particular premium rate malware that was active in 18 countries. The regulator subsequently took robust action to ensure that the malware could no longer operate through a premium rate mechanism and that those responsible for the fraud did not profit from UK consumers.

With an increasingly globalised digital market place comes the increased potential for fraud that operates across borders and in a number of countries simultaneously. Acting to understand and pre-empt such activity, PhonepayPlus will lead discussion about regulation in international markets when it hosts a summit of international regulators in October 2012.

Paul Whiteing, PhonepayPlus’ Chief Executive, says: “When we look at the map of PRS providers active in the UK market, we see a picture of a market that is increasingly global. However, this is a picture still in formation and the opportunities for the UK to lead the way in m-commerce and digital micropayments, such as PRS, are significant. To realise this potential, we need to ensure regulation remains fit for purpose, allowing business innovation to flourish while robustly protecting consumers. We need to do this with an eye, not just to the domestic market, but to a digital economy that is global and indifferent towards state borders.”

UK consumers lead the way in smartphone use, but SMEs getting left behind in capitalising on this

The UK is the most advanced nation in world at using smartphones, using it for everything from keeping in touch with family to doing sophisticated price comparisons and buying things when in shops, finds a study by Ghent-based analysts InSites Consulting. And UK consumers are increasingly adept at using their mobiles while doing other things: 68% use their smartphone while shopping, 48% while watching TV and 34% while sitting on the toilet.

The UK leads the pack with 89% of smartphone owners having a data connection (though it does beg the question, what are the other 11% doing with a smartphone?) and this makes the UK the most mature and sophisticated mobile market assessed by InSite.

Elias Veris, Mobile expert at InSites Consulting explains: “Although on the European mainland the Netherlands are often seen as thé example for smartphone usage, we see that on the mobile front the UK is even more advanced. This is reflected in the number of data connections, but also in the fact that the US and the UK make more use of options such as in-store searching for the competitors’ pricing.”

Staying in touch with friends and family is the traditional motive for using a mobile phone (74%). Those remain the main motives for smartphone users, which is also reflected in the high level of usage of social media applications. Added to that are 2 more typical usage motives: first of all 64% of smartphone users admit that a motive is making one’s life easier by having access to information (e.g. online, but also by constantly having access to one’s agenda); and the second motive is entertainment, e.g. at moment when one is waiting for something.

All this – well maybe not the toilet part – shows what a huge opportunity for any business mobile actually is. The fact that using mobile while shopping comes out so high, shows that mobile commerce, and mobile retail in particular, have really grasped the public’s imagination and, with 64% saying they use a phone for all these data apps because it makes their lives easier, it is surprising that more isn’t done to tap into the market.

Another study, by MoPowered, finds that 89% of small retailers really want to get going with mobile to sate this growing need, yet only a quarter of them have done anything about it. Why? Well they are stymied by the lack of knowledge and information around how to actually do it.

While this pertains purely to the retail sector, I think the lessons can be extrapolated back into any vertical market. While the big players get it – and have pockets deep enough to try it and sometimes get it wrong – smaller businesses, which make up the vast majority of commercial organisations, can’t take that risk. And while they are in the dark about how to do it, they are losing business and pissing off all those consumers who want to buy and interact with them (though pissing the ones off that are sitting on the bog is probably not such a big deal, they are after all ideally placed to be pissed off, if I may be so crude).

What the InSite study reveals is that consumers want an easy life, and want to be entertained while they are doing other things. Of course, the telemedia industry – and telemedia-news and all our products – have long recognised this and we spend the vast majority of our time showing businesses how to make this happen. But they are typically the big boys and girls out there. What of the smaller businesses?

As the world moves away from PCs towards smartphones and tablets – which may well happen quicker that we think: Microsoft’s Surface is here, kindle has sold millions of Fires in the US, Google is putting out a £159 7inch tab later this month and now Apple is pretty certain to be launching iPad Mini towards year end – the way consumers interact with businesses is going to be significantly different from the ‘old’ internet model.

In many cases the PC is still the preferred device: for e-mailing, for surfing, for working and for social networking. But this preference is not always reflected by the actual behaviour: in many cases the smartphone is the only available appliance, so that is the one which is used.

“Users estimate that at least 5% of the time they currently spend on computer and laptop will go to smartphones and tablets in the near future,” says Veris. “I personally think it will be a lot more; at home the tablet will claim a lot more time, and on the road the smartphone will do the same.”

But how do businesses that want to engage with consumers this way actually make it happen? Sure much of the back end is the same, but the experience and, moreover, the payment/purchase side is going to be crucial. Making it simple, affordable and easy to do for small commercial entities is where I believe the real telemedia in m-commerce opportunity lies. And the businesses that want it need our help to make it happen.

At a time of economic uncertainty – not to mention a time of crooks being finally unmasked in banks – everyone needs to get on board with m-commerce and it is up to us, as an industry, to make it happen.