Hummus and pita with a side of cybersecurity? When it comes to warding off fraudsters, QSRs would be wise to adopt biometric authentication and entrust customer data storage to partners, says Dan Simpson, CEO of the Taziki’s Mediterranean Café chain. In the latest Mobile Order-Ahead Tracker, Simpson explains how it is possible to keep fraud controls current, without having to be a tech pioneer.
In a world where there’s a mobile device in nearly every pocket, and cybercriminals looking for any advantage, all businesses — restaurants included — need to be tech-savvy. The many quick service restaurants (QSRs) that have recently adopted mobile order-ahead offerings must provide robust security and customer authentication procedures without sacrificing convenience. They must also provide fast and frictionless ordering experiences that don’t compromise the safety of customer information.
Providing these experiences requires tapping into modern authentication technologies and partnering with security experts for tailored solutions, said Dan Simpson, the CEO of Taziki’s Mediterranean Café.
In a recent conversation with PYMNTS, Simpson explained how the Alabama-based Mediterranean food chain brings secure mobile ordering to its 85 restaurants with biometric technology and other tools.
Upping Authentication
Modern customers are accustomed to taking out their smartphones and tapping apps to quickly place orders, but some solutions hit major speedbumps by forcing consumers to type in their passwords each time they make an order. To keep the process moving quickly, while preventing unauthorized access, Simpson said Taziki’s has adopted biometric authentication. The company launched the latest version of its app about a month ago, which includes a new feature that allows customers to log in via face or fingerprint recognition.
While Taziki’s aims to keep its technology modern, it also looks at how other companies have implemented solutions to learn more before incorporating them itself. Simpson noted that customer demand prompted Taziki’s to offer biometric login, and he credits the iPhone X, among other technologies, with driving consumers’ comfort and familiarity with those processes.
“We’re not trying to pioneer and invent everything,” Simpson said. “The iPhone X made [biometrics] a social norm.”
Customers must provide one additional piece of information at the in-app point of purchase, but they need only enter three numbers: their credit cards’ CVV codes.
“Requiring people to enter in their three-digit security codes is a feature to make sure that they actually are who they say they are,” he said, “by evidence of them having this physical card on their person and being able to prove that at time of order, rather than somehow gaining access to someone’s account.”
Handling Payments
Neither Taziki’s nor the digital ordering company it partnered with on its mobile app payments stores customer credit card information, Simpson said. Instead, all information is tokenized.
“We have multiple levels of separation and distance and checks and balances in place, so [customer] information is being stored securely,” he said. “Credit card information is only ever being accessed to process a payment by the right parties, directly with the financial institutions, not by us as a restaurant business.”
Hundreds of thousands of customers choose to check out as guests instead of saving any information, Simpson said. He believes this is largely driven by customers who don’t want their payment information saved and those who are trying Taziki’s for the first time.
Partnership Power
Simpson said that hackers are always looking to access sensitive data, and that security remains a high priority for Taziki’s. Fortunately, he said, most businesses no longer need to store customers’ personal and financial information in their own secure databases. Instead, businesses can partner with cloud-based storage and hosting services that have more resources and expertise in safeguarding data.
“We have to make really good decisions around not trying to control [customer data by] having our own data warehouse and all,” he said. “The better decision is not controlling it [ourselves] — it’s partnering with people that have the capacity to do a world-class job with it.”
Simpson noted that Taziki’s also works with a partner for its tailored app solution instead of buying one off the shelf. He expects restaurants to increasingly “become more savvy at omnichannel and being [technologists] … not just buying an app off the shelf, but actually being involved and investing money into building an app into their ecosystem.”
As customers’ appetites for mobile convenience continue to grow, cybercriminals are getting smarter. Now, it’s up to restaurants to forge strong partnerships and leverage the latest, trusted tech to provide seamless security. By doing this, they can stop fraudsters in their tracks and keep customers coming back for more.