“Bricks and mortar is dead; long live bricks and mortar!” This was the surprising theme that emerged from the sprawling 2014 Internet Retailer Conference and Exhibition, reported Laura Heller, editor in chief of the online trade magazine FierceRetail.1 Everybody in retail had previously been emphasizing only the tremendous advantage that digital retailers had over physical stores because of the vast amounts of customer information they could amass and exploit. True, brick-and-mortar stores also could size up customers by recording their purchase history and by purchasing additional information about them from data brokers. But digital sellers could do the same—and a whole lot more. They could follow customers around the internet and track them at any site where they had shopped, and they could also present them with ads on other sites for the same items the shoppers had viewed earlier on the merchants’ site. When those shoppers returned to the sellers’ website the merchant could offer up the products they had previously considered and possibly rejigger the deal—change the price, add other items, reconfigure the warranty, and more—based on the shopper’s assessed value to the business, such as whether the person was a consistent customer yielding good margins for the store, a bargain hunter, or someone in between.
Given the seemingly insurmountable edge enjoyed by online retailers—beyond their extraordinary and ever-growing data-base of information on individual shoppers, they also enjoyed virtually unlimited shelf space—some wondered whether physical retail real estate was dead weight, a hindrance to merchants attempting to compete with seemingly ever-flexible digital companies. But Heller noted that the zeitgeist was beginning to change. The attendees at the internet retailer conference, she said, were recognizing the physical store as “increasingly a critical part of an online or omnichannel strategy” (omnichannel is an industry buzzword that refers to the multi-faceted means by which a physical retailer can profitably meld its online and mobile phone capabilities with its physical resources).
The largest department stores, supermarkets, and discounters were well aware that online-only stores were continuing to move in on their turf. The success of Amazon was probably the biggest factor behind physical merchants’ new focus on beating internet rivals at their own game. Succeeding at this gambit was not going to be easy, however. At the end of 2014, Amazon announced that more than ten times as many items were ordered with same-day delivery for Christmas than in the previous year. Moreover, the company reported that nearly 60 percent of its customers had purchased from Amazon using a mobile device and that the percentage of people using mobile shopping increased as Christmas drew closer. Total U.S. holiday sales from the Amazon app doubled in 2014.2
Major physical retailers understood that developing winning websites and apps was necessary to countering this challenge, but they saw it as just one part of a larger overall strategy. Believing that a material store in one form or another would always be a key to success, retailing executives wanted to encourage shoppers to buy items from their websites or apps and then pick them up from their brick-and-mortar stores. More important, they decided to copy what internet retailers had been doing: tracking shoppers to discern their lifestyles and the goods that appeal to them; distinguishing individual shopper value based on that information and the shopper’s prior purchases; and (depending on a shopper’s assessed value) offering targeted enticements, which could include altered pricing, to encourage both a relationship and a sale.
As late as 2013, many brick-and-mortar chains continued to back away from direct confrontation with internet-only companies. Executives, especially those overseeing major department-store and discount operations, instead tried to work around online sellers by offering merchandise that their shoppers would not be able to find anywhere else. For example, they increased their stock of exclusive brands or had their suppliers tweak the products they produced for them just enough so the items would be assigned new barcodes.
After 2013, these companies shifted their focus and began to build parts of the business they felt could beat or at least match online-only merchants. For one thing, they designated part of the physical store as a warehouse. The idea was not new; during the 1990s and early 2000s Walmart, Sears, and Macy’s were among retailers that had instituted systems enabling shoppers to buy online and pick up at a nearby chain location. They called the practice “shop online and ship to store,” or “click and collect.” But many other merchants demurred. The chief executive of supermarket giant Kroger told investors as late as October 2013 that people went online for recipes and coupons and to check their loyalty reward points, but “not for e-commerce.” The international retailer Ahold, whose U.S. chains include Stop & Shop and Giant-Landover, had a different view: it had already instituted its Peapod service, which enabled customers in select areas to order online and pick up the goods at one of its nearby supermarkets.3 Nevertheless, as far as Kroger was concerned, “E-commerce makes up a tiny, tiny percentage of the food business.”4
By 2015, though, the online purchasing and in-store pickup system was becoming commonplace for most sellers with a national footprint. Even Kroger was now moving in that direction with an experiment in Houston.5 Department stores and large discount chains were also touting their ability to accept returns from internet purchases at the physical store. Astonishingly, in 2013 customers returned an estimated third of all purchases they made on the internet,6 and this proved to be an opportunity for physical stores to shine: surveys indicated that customers liked the choice of returning goods to any branch, regardless of where they had made the purchase.7
With these new developments physical retailers started going head to head against their biggest internet-only competitors, who wanted to make brick-and-mortar stores look anachronistic. Amazon, eBay, and Google Express delivery service instituted a new arrangement by which they contracted space in shopping centers, stores, and bus stations for pickups and returns, but the program did not initially catch on with shoppers.8 Instead, a number of online-only businesses—grocery delivery service Instacart, Google Express, and eBay, among others—focused on beating brick-and-mortar’s alleged location advantage by targeting delivery to home or office.9 They aimed to make their services so convenient that shoppers would not even have to go to a physical store to purchase the most basic goods.
Amazon was at the forefront of such efforts. In 2013 the company announced a plan to use drone aircraft to deliver packages to customers’ porches, lawns, or roofs within thirty minutes of an order being placed. Although the U.S. Federal Aviation Administration initially balked at the notion of drones flying around with parcels, it eventually allowed these and other unmanned initiatives in airspace below four hundred feet.10 In a more conventional move, the company began offering free two-day shipping in 2005 on over twenty million items via its Amazon Prime program (memberships cost $99 a year in 2015). In 2009 it began offering same-day delivery in Manhattan, Philadelphia, San Francisco, and a few other heavily populated areas. And for the 2014 Christmas holiday season the company offered free two-hour and $7.99 one-hour delivery service in Manhattan for one day between the hours of 6 a.m. and midnight. Twenty-five thousand products were eligible for this service, including paper towels, shampoo, books, toys, batteries, USB cables, and Kindle Fire tablets. Bike messengers made many of the deliveries. Amazon planned to expand the offering to other large metropolitan areas.11 By offering same-day delivery the company was hoping its customers would decide to “skip the trip to a retail store,” an executive at a mobile apps production firm told Mobile Commerce Daily.12 Dave Clark, Amazon’s senior vice president of worldwide operations, confirmed this goal: “There are times when you can’t make it to the store and other times when you simply don’t want to go. There are so many reasons to skip the trip and now Prime members in Manhattan can get the items they need delivered in an hour or less.”13
The brick-and-mortar side fought back. Walmart,14 Macy’s, hhgregg, and others moved to match the quick-delivery programs offered by Amazon (and others). Mall operators such as Simon and Westfield also stepped in to help their smaller tenants compete.15 The move to quick delivery involved the implementation of new processes and technologies on a local level, and it also meant that part of the store had to be turned into a kind of mini-warehouse. By 2015 stores were still mostly testing their programs in small patches of the country, but the two sides seemed to achieve a rough parity in the ability to, literally, deliver the goods. Analysts noted that while these efforts were expensive and might not even distinguish any one retailer over another, same-day delivery by physical retailers was probably necessary. “Like other traditional brick-and-mortar retailers, Macy’s is adapting to a digital age in which people are growing accustomed to getting what they want when they want it,” reported CBS’s “MoneyWatch.” “The chain probably has little choice but to face this new reality and take a risk on same-day delivery.”16 An executive at the grocery consultancy Willard Bishop noted the same situation with supermarkets. “It’s messy, but it’s inevitable,” he said in 2016. “Stores that do it well are reporting incremental gains of up to 30 percent when shoppers use them for both physical and online shopping. But it’s still not profitable.”17
As the battle continued to rage, both sides ignored a crucial terrain: the selling floor. It was there, amid store aisles, that about 90 percent of all retail goods continued to be bought and sold as of May 2015, according to the U.S. Census Bureau.18 And just as some brick-and-mortar retailers nervously turned part of their stores into warehouses for the internet world, they viewed their aisles equally apprehensively as domains that, they felt, would also have to function somehow like the internet. Although the notion that a store aisle could serve in such a capacity might seem odd, merchants had concluded that this would be the new role of the physical store in the digital shopping era. “Savvy retailers are using multimedia content to make the shopping experience more engaging,” wrote Justin Honaman, a partner in a company that provides customer analysis technologies, in January 2014. “They will offer in-store only events and services . . . aimed at bringing customers to stores and keeping them there.”19 He also predicted that personalization “lies at the center of omnichannel marketing strategies in 2014,” pointing out that retailers now had the means to “reach shoppers with what they want, when they want it and via the channel they prefer to shop. Retailers will also work to curate the right product information at the right time in the shopping process.”20
To achieve these goals, he wrote, retailers will need to “connect the dots . . . and [create] a comprehensive customer profile.” According to Honaman, retailers with physical stores actually had a unique advantage over their internet-only competitors. While each group could compile mountains of data and build individual profiles by tracking shopper behaviors and purchases online, and then target personalized ads and discounts, only physical retailers could exploit this gold mine of customer knowledge and engagement when customers went from the virtual to the material world, as they so often do. He argued that brick-and-mortar emporia had to be seen as an integral part of a new retailing mandate to “reach shoppers with what they want, when they want it, and via the channel they prefer to shop.” For example, a physical retailer could offer an individual the most effective prices “both in-store and online,” and in a real-time, personalized manner.21
In Honaman’s view the key to success was the cellular phone. “Consumers are increasingly using mobile phones and tablets for product research and online purchase,” he wrote. “The combination of portability, connectivity and relative affordability gives the smartphone a privileged place in driving always-on commerce.”22 Indeed, the smartphone was already becoming part of retailing strategy. “Mobile is the new first screen,” noted a MediaPost article at the end of 2014. “On average, people check their phones 150 times per day. More than one third of customers are ‘mobile only.’ With stats like this coming out daily, we (should all) get it.” That meant, the writer said, developing mobile strategies for engaging with the shopper for “loyalty and revenue.”23
Retail establishments have long audited shopper movements in their stores. The turnstile was perhaps the most common mechanism used to measure the activity at a store’s periphery during the twentieth century. The first use of turnstiles in contemporary shopping has been traced to Clarence Saunders, who installed one at the entrance to his first Piggly Wiggly store in Memphis, Tennessee, in 1916.24 Turnstiles ultimately fell out of favor in retail venues, and by the end of the century some merchants were using electronic beams to tally the number of people who entered their establishments. In addition some stores, especially supermarkets, worked with product manufacturers to use a light source to count the number of people passing through particular aisles, or areas within aisles. (In retailing the familiar term “foot traffic” has now morphed into the rather scientific-sounding “shopper analytics.”)
Retailers accepted that this form of tracking wouldn’t include identification of individual customers. In addition, the ten largest companies that engaged in this form of tracking agreed in 2013 to a “Mobile Tracking Code of Conduct” that required stores to post conspicuous signs when using tracking technology, and to offer a website from which customers could opt out of being tracked. Plus, data collected could not be personal or “be used to adversely affect a shopper’s employment, healthcare or insurance.”25 But with ever-evolving tracking technologies and intense competition among these companies, the veil of anonymity began to fall away.
Consider the experiences of two such companies, ShopperTrak and Euclid. ShopperTrak, founded in Chicago in 1991, devised systems that solved two major problems: the inability to distinguish both things (such as baby carriages and shopping carts) from people, and individual shoppers entering a store side by side or en masse.26 By 2013 the company had developed a small video camera with microprocessors that not only could detect individuals entering side by side or in groups, but could also distinguish between children and adults. In interviews for this book ShopperTrak executives said they were careful to build anonymity into the technology—the system did not capture faces—because they believed their clients were wary about intruding on shoppers’ privacy.
Euclid Analytics, a 2009 Silicon Valley startup, came up with an entirely different approach. An early force in accessing shoppers’ smartphones, Euclid could follow individuals’ movements throughout a store using Wi-Fi, which at the time was in use by more than 90 percent of smartphones. (Wi-Fi allows a mobile device to connect to the internet via a wireless network access point—a “hot spot.”) Smartphone owners typically keep their phone’s Wi-Fi access turned on, often so they can use the free Wi-Fi available at many retail establishments. And indeed, retailers have offered this service at least partly because they know it makes the phones identifiable. Smartphones constantly ping in search of Wi-Fi network access nodes, and these pings contain the smartphone’s MAC (media access control) address—a unique string of letters and numbers that identify the device. Euclid developed a system that could be installed in its clients’ stores to follow pings, enabling the company to note the presence as well as the location of every smartphone in the store. (The smartphone owner remained anonymous, however, because Euclid scrambled the MAC number.) The tracking also extended to exterior display windows so that retailers could attempt to monitor the effectiveness of displays in attracting customers into the store. Euclid could also provide the total amount of time a customer spent inside the store—helpful information, as studies have found a direct correlation between the amount of time shoppers spend in a store and the amount they spend. In addition, Euclid contended that its data could help floor managers allocate personnel based on where and when the number of customers would be greatest.27
Bill Martin, one of ShopperTrak’s founders, didn’t believe that tracking the location of individuals as they moved through a store would result in greater profits for the merchant, given the cost of the technology. However, many of his clients nevertheless wanted ShopperTrak to extend its tracking beyond the store perimeter.28 In 2014 the company responded by buying RapidBlue Solutions, a Helsinki firm whose technology was similar to Euclid’s. By combining their systems and adding new features, ShopperTrak hoped to generate a larger sample of individuals than Euclid was getting by Wi-Fi alone.
The company’s new approach involved identifying and following mobile devices via any of three signals smartphone owners might have activated on their handset—Wi-Fi, Bluetooth, or cell tower connections. Like Wi-Fi, Bluetooth is a wireless technology with a consistent ping, though it has a less powerful signal and so is typically used for exchanging data over shorter distances (say, between a cell phone and a nearby music speaker). Still, the company believed that Bluetooth could be useful for tracking devices near or in a store when Wi-Fi is not turned on. If neither signal was active, the company could still track shoppers using the phone signal, which bounces off the nearest cell tower, and which is also broadcast with the unique MAC number. At best a phone signal can establish location within 150 feet, while Wi-Fi offers accuracy as precise as 10 feet, and Bluetooth within 10 feet. A ShopperTrak executive said the company could narrow down a cell signal enough to detect a phone in front of or near a specific retail location.29 He acknowledged, though, that cell-signal tracking would not work well inside a store.30
The company’s technologies faced various barriers set up by phone manufacturers. In the case of following phones via Bluetooth, the manufacturers often assign random and rotating false MAC addresses to disguise the device’s identity so it can’t be identified by a Bluetooth transmitter. Only when the phone’s owner, or an app the owner has loaded on the phone, reaches out to the transmitter does special software allow the devices to convert the random MAC addresses into the real one that allows the two devices to communicate.31 Tracking people via Wi-Fi also raised issues. Apple voiced concern that some marketers were violating iPhone owners’ privacy by pinging Wi-Fi signals of iPhones to get MAC addresses even though they had no apps to link up with those phones. Instead, Apple alleged, the marketers wanted to collect MAC addresses of phones and then find ways to link the phone IDs with personally identifiable information—names, email addresses, postal addresses, and the like—and use the data for directly targeting individuals.
Also around this time, many citizens were taking notice of—and objecting to—this form of tracking. In 2013 customers and privacy advocates complained after Nordstrom posted signs at seventeen of its stores regarding tracking that Euclid was conducting at those locations. The retailer tried to reassure the public that the data gathering was benign, stating that “anonymous information” giving Nordstrom “a better sense of customer foot traffic” would ultimately lead to an enhanced shopping experience. Ultimately Nordstrom declared that it was ending its “test.”32 Euclid stated on its website that public concerns about its activities were unfounded. “Our sensors collect only basic device information that is broadcast by Wi-Fi enabled phones. This does not include any sensitive data such as who you are, whom you call, or the websites you visit.”33
Not everyone agreed. One critic noted that, even if those firms were not intercepting individuals’ data, leaving a phone’s Wi-Fi turned on “can let your phone leak all sorts of useful things for malicious actors to intercept and act upon.”34 U.K. technology writer Julian Bhardwaj previously wrote that “it’s very likely that your [Wi-Fi enabled] smartphone is broadcasting the names (SSIDs) of your favourite networks for anyone to see. This alone might be enough for someone to glean information about you: where you work, where you live or your favourite coffee shop for instance.”35 Even worse, an attacker might use software to kick you off a legitimate Wi-Fi connection and then, when you try to reconnect, force your device onto a rogue network that, on the surface, seems very much like the legitimate one. The goal is a “man-in-the-middle” attack: intercepting data sent between you and a friend, or your bank, and “giving the impression you’re talking to each other over a private connection, when in fact the entire conversation is controlled by the attacker.” That situation could cause major damage, such as stealing your personal data (for example, bank account or credit card information) or installing malware on your cellphone. “Whilst we have all embraced the technological age none of us are really experts in the field and therefore we are extremely vulnerable to attack,” noted an expert on issues related to mobile environments linked to Wi-Fi networks.36 Bhardwaj noted that “there doesn’t appear to be an easy way to disable active wireless scanning on smartphones like Androids and iPhones.”37
Apple attempted to address this situation in September 2014 as part of an update to iPhone’s operating system (iOS 8). The system now transmitted two MAC addresses during Wi-Fi pings—of which just one was correct. Apps on the phone searching for the Wi-Fi link would latch onto the correct code, but a company simply trying to exploit the phone for other purposes would be fooled.38 Critics complained that the presentation of false and true codes was too patterned, and that with some phone settings the “spoofing” didn’t even work. Nevertheless, the update threatened to derail ShopperTrak and, especially, Euclid. A Euclid representative downplayed the development, which she said involved just a subset of the iPhone universe. She also pointed out that Google’s popular Android smartphone operating system did not have that Wi-Fi restriction. Consequently, she said, Euclid had thus far not lost much valuable data about shoppers’ movements.39 A ShopperTrak executive similarly played down phone manufacturers’ attempts to stop firms from tracking phones through Bluetooth. Not all phones had Bluetooth software that used rotating MAC addresses, he said, so ShopperTrak could still follow that subset through the store.
Nevertheless, Apple’s potential destruction of marketing-tracking vehicles was a sober reminder to both Euclid and ShopperTrak that technologies in the digital space are fluid and dependent on the whims of those outside the trackers’ control. Some believed that Apple had made the change because it was irked that marketers were finding ways to use its operating system without passing some of the revenue along to Apple.40 Others believed that Apple wanted to move away from Wi-Fi and original Bluetooth and toward a different version of Bluetooth technology, Bluetooth Low Energy (BLE). BLE uses considerably less power and cost than original Bluetooth, while maintaining a similar range. Companies can buy inexpensive BLE boxes, which act as beacons, transmitting a signal with a device ID. If a phone app within that range is compatible with that ID, the signal alerts the app to send a message via cellular or Wi-Fi that the phone has made a connection with the BLE beacon in a particular location. With an array of its BLE beacons tuned to its app in a retail location, the app owner can therefore figure out the movement of the phone’s holder as she or he moves through the store.
BLE can function with many operating systems. Apple engineered a version for apps that were available from its iPhone stores as well as one for the iPhone’s built-in Wallet app (originally called Passbook). The Wallet could hold discount coupons and other messages related to trade and travel from retailers and manufacturers. The marketer could attach a location tag to the message so that a reminder about the message would appear on the phone’s lock screen (that is, the screen that users first encounter each time they want to access their phone; they first have to swipe a finger across the screen or engage in some other action in order to unlock it) when the phone entered into the range of the BLE installed in the store. Marketers especially liked the lock screen feature because Apple allowed the message to be displayed so long as the tagged message was in the Wallet—the device didn’t need to actually carry their app. They therefore saw their challenge as encouraging people to load coupons and other messages into Apple Wallet.
Both ShopperTrak and Euclid began to consider BLE as the best option for tracking foot traffic in and around stores, as neither Apple nor Google were likely to derail it. There was an obvious challenge, however: Apple had built the technology so that only the firm controlling both the BLE transmitter and the app could identify the phone, and neither ShopperTrak nor Euclid would likely be able to persuade smartphone owners to install the app of a foot-traffic auditing firm on their phones. To get around this issue, a high-level ShopperTrak executive said in 2015 his company was considering a plan to install its own Bluetooth beacons in stores while arranging to incorporate its location software tool into the apps of unrelated companies’ phone apps. As the foot-traffic auditor of 55,000 retail establishments around the United States, the executive seemed confident that both stores and app companies would be agreeable: when its app is pinged by a ShopperTrak beacon, the app owner will learn the exact location of one of its shoppers, and the company can then deliver an ad on the spot to the smartphone as well as add new information about the phone owner’s shopping habits to its data files. Privacy, the executive argued, was not an issue. People who download apps and turn on the Bluetooth function should assume they might broadcast their presence via apps on their phones, he reasoned. He emphasized that ShopperTrak itself would still not be collecting identifying data or retaining any of the data in ways that would link back to the device. Foot-traffic monitoring, he said, had to be above suspicion to people moving through stores.
The actual situation was not so straightforward. As with Wi-Fi, some experts worried Bluetooth technology could likewise make smartphones vulnerable to anonymous third parties with man-in-the-middle intentions. The fear was that a malicious app on a person’s phone could sniff out the unique ID of a retailer’s beacon and then act as if it was the correct app to connect the phone with the beacon. “The user will never know that there was an app that was looking at where they were, capturing analytics and pushing them very targeted advertisements based on what they’ve seen,” worried the CEO of a company that has installed beacons in many retail establishments, airports, and hospitals.41 A number of Bluetooth providers say they have since solved this problem.42 Yet ShopperTrak’s plan included a different means for identifying and tracking an individual without the person’s knowledge—making this information available if not to ShopperTrak, then to the company whose app ShopperTrak was using. If, for example, ShopperTrak made a deal to incorporate its beacon software into the app of a social media firm, that social network would then possess unprecedented real-time knowledge of members’ precise locations.
Not surprisingly, traffic-analytics firms quickly recognized that tracking people for auditing could also mean tracking them for marketers. Raul Verano, chief technology officer for the analytics firm Shopperception, said that his company had installed cameras with 3D sensors in stores to track shopper activity in proximity to goods made by the company’s clients. In deference to U.S. and European privacy concerns he said that the company did not analyze the images for age and gender. (The policy was different in Asia, where privacy concerns were low, he said.) He also emphasized that the company discarded the U.S. and European images at the end of each day. “You’re so anonymous with our system,” he said, “that when you go away from the detection area to another camera area, you can’t tell it’s the same person.”43 He said that the firm had been experimenting with BLE, sending ads to shoppers on their phones based on data picked up by the camera sensors, and the company was planning to piggyback onto other companies’ apps to attract increasing numbers of clients. Like the ShopperTrak executive, he likewise contended that because shoppers had their Bluetooth function activated and were using their apps while out shopping, privacy was not an issue. Although the company could follow people and send ads to them without having particular data about them, he said that the trend was leading toward personalized messages. He predicted that business-as-usual for companies like his would ultimately include both an analytic component as well as personalized advertising.
While ShopperTrak, Euclid, and even Shopperception worried about capturing personal data via foot traffic, another company, shopkick, had no such qualms. It was one of a new group of technology-inspired firms that dived zestfully into the new playground of mobile customer profiles. The tale of Cyriac Roeding’s founding of shopkick in 2008 underscores how quickly retailers embraced him for his new take on loyalty. A German-born student of engineering and business who had been impressed by mobile phones as “the next big thing” while in Japan during the mid-1990s, Roeding decided to look for “an idea that has the potential to become a really large company in mobile.” He ran CBS Mobile (CBS Corporation’s wireless business for its entertainment, sports, and news concerns) for a while in the 2000s, but shifted to the position of entrepreneur-in-residence in 2008 with Silicon Valley venture capital firm Kleiner Perkins Caufield & Byers. It was there, Roeding says, that he saw a gold mine in mobile tracking as the solution to the central problem of retailing. “The number-one challenge facing every retailer in America is getting people through the door,” he told Entrepreneur magazine in 2011, half a year after shopkick launched. The next critical step, he realized, is “conversion,” the industry term for a shopper turning into a buyer while in the selling space. “Conversion rates in the physical world are so much better than online—between 0.5 percent to 3 percent in the virtual world and between 20 percent and 95 percent in the real world. So if foot traffic is so important, then why hasn’t anyone rewarded people for visiting stores? The answer is simple: It’s because nobody knows you came through the door.”44
Roeding’s comments gave no indication that he was aware of foot-traffic auditing—or perhaps he simply didn’t want to acknowledge the earlier model and its adherence to anonymity. He represented himself as part of a new business and approached retailers, brand manufacturers, and investors with a four-pronged plan:
• Award points (“kickbucks”) to smartphone owners with a shopkick app for going into a store, for handling products in the store, and for buying those items;
• Use the shopkick app to notify the company every time a specific smartphone crosses the threshold of the store;
• Reward a shopper with kickbucks for scanning products in the store and for purchasing products. Charge the store a small fee for each kickbuck a shopper earns from scanning. If the shopper makes a purchase after using the app (eventually, the shopper could make purchases through the app), charge the store a small percentage of that transaction;
• Gather as much data about app users as possible, sharing some of it with the retailers as an added incentive, but use the information mainly as a data pool to help shopkick present highly refined profiles of individuals to brands and retailers wanting to advertise to them in applicable shopping locations via the app.
The shopkick app that Roeding’s company created prompted users to register the items they handled in stores by scanning the items’ barcodes. The notification signal to be sent to shopkick by smartphones entering the store posed a technical challenge, because at the time Wi-Fi signals could invariably leak outside a store and be picked up by passersby. shopkick engineers solved the problem by developing a device that was mounted near the store entrance and emitted a signal undetectable to the human ear but was picked up by a smartphone’s internal microphone—and recorded by the shopkick app. Because the signal was limited to the store’s perimeter, the store could be sure that the kickbucks earned for entering were legitimate. The third part of the plan—the fee shopkick charged the stores—brought the Green Stamps loyalty playbook into the twenty-first century: now merchants could trace these electronic stickers directly to an individual customer’s buying record. Retailing executives were drawn to shopkick because it both collected data about individual shoppers and distributed targeted advertising close to the product—proximity marketing, as it became known.45
shopkick launched in 2010, with Macy’s, Best Buy, American Eagle Outfitters, and the large Simon mall company trying out the service in some of their locations. The actual dollar amount in terms of rewards that shoppers could receive was typically quite low—reports suggested that people on average gained $3 for their assiduous work over many store visits—yet the app’s popularity quickly grew, surpassing eight million users by 2014.46 During this time shopkick expanded its business model by adding BLE boxes to its tracking system so that it could present shoppers with offers that would be delivered via their smartphones as they approached targeted products. In a test on shopper behavior at American Eagle Outfitters, some shopkick users were notified upon entering the store that the merchant was offering “a small incentive” for visiting the fitting rooms. The company reported that more than twice as many shopkick users who received the message visited the fitting room area as those who didn’t.47
Merchants were especially drawn to shopkick because, unlike other apps relying on BLE, users didn’t have to open the app for it to operate. Newer features on iPhones and some Android devices enabled shopkick’s engineers to make their app “wake up” automatically when in the range of a BLE and get right to work sending personalized messages to the user.48 shopkick also encouraged its users to indicate their interest in specific products while browsing all the items that can be viewed on the shopkick app, which would then remind them when they entered a store that sold one of those products.49 A surprise discount on the app could then catalyze a purchase.
Competitors that were determined to follow shopkick’s model and convince millions of people to download a marketing app found the challenge difficult. inMarket succeeded by instituting an aggressive but very different strategy. Unlike shopkick, it didn’t expect to reach shoppers just by building loyalty into its own app. Instead, it made deals with many retailers to place BLE boxes with the inMarket code throughout their stores. The deals also included the right to put inMarket code in those retailers’ apps so when shoppers placed the apps on their phones they could be pinged by the inMarket boxes as they moved through the stores. Extending its reach, inMarket also arranged for the owners of other popular apps—for example, the magazine publisher Conde Nast and the newspaper publisher Gannett—to include inMarket code in their apps. Their incentive for doing that was to share shopper data and money. Having BLE boxes with inMarket code in thousands of places that could connect to millions of phones with its code meant that inMarket could trace millions of people’s movements through stores and send advertising messages to them as they walked around the stores. Coca-Cola and Hillshire Brands were clients.50 The retailers would get a slice of the advertising revenues if an ad appeared on a smartphone via their app or while a shopper was in their store. inMarket divvied up payments from advertisers to the firm that owned the opened app with the ad, the company that sold the ad (typically, inMarket or the retailer on the retailer’s app), the retailer where the app opened, and inMarket. Retailers would be able to set the order of inMarket-linked apps to be woken by the beacon. So, for example, a person walking into Marsh supermarkets with Bluetooth on would trigger the Marsh app. If the phone did not have a Marsh app, the WebMD app might wake up, if it was Marsh’s second choice and it was installed on the phone. If Marsh’s retail advertising sales force had sold a Nyquil cold medicine ad for the beacon near the pharmacy, inMarket would send that ad to the phone via the shopper’s WebMD app.
Apart from advertising revenues, inMarket’s website promised to deliver to retailers “rich insights into shopper behavior”—for example, age, gender, visits by hour and day of week, “and more.”51 There was a lot more, as the company collected a lode of data from shoppers in different ways.52 For example, if a Nyquil ad were served in one of inMarket’s own apps (FreeCoupons and ListEase, among others) inMarket would get full personal information about the individual. It would also get the ability to add to the shopper’s data file information such as when the person entered the store and the nature of the ad viewed. If, however, the person used the WebMD app, only WebMD could collect the personal information, as stated in its privacy policy. Although that person would be anonymous to inMarket and Marsh, the companies would still get potentially useful data. They would learn the app ID related to the device, which would allow them to record the presence of the device wherever the person was situated in store (in the case of Marsh) or (in inMarket’s case) wherever the firm placed beacons. They would also know the person’s location in the store, and the ad the person saw. They could store that material, and create a profile based on the history of the person’s anonymous movement in the store. And if the person with the phone happened to fill out a sweepstakes form on the phone’s WebMD, Conde Nast, or Gannet apps—which would, of course, include the individual’s name and address—that person’s anonymity would dissolve, thereby enabling inMarket to purchase personal information about the shopper from third parties.
By late 2014 inMarket claimed to have 31.5 million monthly users. In comparison, Walmart was reaching twenty million phones a month with its app, and Target, Walgreens, and Kroger each had approximately four million users of their respective apps.53 Substantially fewer people were loading other retailers’ apps, with the result that those stores could not take full advantage of the tracking and personalization technology. Lord & Taylor was one chain that decided to contract with a number of cross-retailer apps deemed fitting for the store’s image, rather than create a stand-alone app. Indeed, inMarket, SnipSnap, Swirl, and other beacon-oriented marketing firms saw fertile terrain in small- and medium-sized businesses lacking the scale to go it on their own.54
Giant retailers had an advantage, as they already had widely circulated apps before installing BLE beacons. They also had the means to compile an arsenal of data to profile their customers’ shopping habits, so much so that sometimes they could even infer how shoppers moved through the aisles. These retailers typically collected personal information based on loyalty card (or app) registration or via credit (or debit) card identification customers provided at checkout. They captured a record of the items an individual purchased by linking the UPC codes of the purchased items to the purchaser. They then linked the online and mobile activities of every shopper—their purchases as well as what they viewed and/or commented on at the retailer’s website and possibly elsewhere—to purchases they made in the physical store. Walgreens’ privacy policy acknowledged outright that the company was collecting personally identifiable information by connecting purchases to app and loyalty-program registrations (including information obtained via customers’ Walgreens-purchased health devices that linked to the company’s app).55 Walmart implemented cutting-edge customer analytics to understand how online behavior influenced in-store behavior, and vice versa.56 Target also used sophisticated analytics, collecting and purchasing personal information about individual shoppers from just about any available source—“including information you submit in a public forum (e.g., a blog, chat room or social network).” It also reserved the right to share the information “with other companies . . . to provide special offers and opportunities to you,” if a person didn’t opt out.57 A New York Times article suggested that data Target had gathered on a young unattached woman based on her recent purchases enabled the retailer to infer correctly that she was pregnant, and proceeded to send her coupons related to her condition—which her father intercepted.58
The supermarket industry was moving forward with a range of apps and vigorous data collection even before beacons exploded in popularity. Retail executives widely praised Kroger, the nation’s second largest grocery company (behind Walmart), for its ability to compile information about its customers. To accomplish this it enlisted dunnhumbyUSA, a highly regarded analytics firm it co-owned with the British company Tesco. (Kroger ultimately bought out the U.S. branch in 2015 and renamed it 84.51 Degrees to reflect both the quantitative nature of its business and the coordinates of Kroger’s headquarters.) The subsidiary conducted sophisticated explorations of checkout data and other information the retailer had linked to shoppers’ loyalty cards, which were involved in nearly every transaction. The company likely also obtained personal information from outside firms. Kroger’s 2015 privacy policy stated only that it would not sell or trade its customers’ information; it did not mention gathering data from elsewhere.59 Personalization was of course the goal. “Working with Dunnhumby,” noted Forbes in 2013, “Kroger tracks each customer as an individual.” A dunnhumby executive said the company strives to isolate each individual’s behavior. “Do they have kids, do they skew toward healthy or fun, do they like organic or convenience, and where are they price sensitive—across all products or only on some.” The firm uses this information and other research to understand its customers’ movements through the store, and to tailor postal and internet mailings to individual shoppers.60
A number of grocery businesses, including Stop & Shop61 and ShopRite, instituted a self-scanning-and-bagging program that enabled customers with the stores’ app to monitor their purchase total as they shopped and then proceed quickly through checkout.62 Supermarket and drugstore coupon dispenser Catalina Marketing built customized apps for this type of program to help its clients gather data on individual customers and offer personalized discounts. Now, instead of providing the coupons only through its checkout printers, Catalina could send customers messages as they scanned products while moving through the aisles. A brochure boasted that “Catalina Mobile targets more than 4.6 million personalized offers each month. Every offer is based on each customer’s individual historical purchases, brand preferences and loyalty, location in store/aisle, and what’s in their shopping cart. Catalina Mobile gives you the ability to target customers at the most critical step in the path to purchase.”63
The program represented a major change. For decades barcode scanning and its link to rewards cards had taken place at the cash register at checkout, and now companies were hard at work to come up with ever-easier ways for customers to scan goods as they strolled past them. The Sapient Nitro agency developed a prototype involving a computer chip in the customer’s shopping bag that would automatically identify the barcode of an item placed into it. The chip would then communicate with an app the shopper had downloaded to keep a running total of the transaction. Critics worried that customers might be less inclined to return to the store if they had virtually no direct interaction with a store representative—that is, the cash register clerk. They also worried that customers bagging their items in the aisle would encourage theft (the industry calls this “shrinkage”). Although Catalina flatly stated that this was a “misconception,” the company (along with others) nevertheless investigated approaches that would “mitigate the risks of bad behavior of a few customers, without alienating the majority of trustworthy, loyal customers.”64 One such tactic was a computer review of shopper scanning activity to look for an unusual number of voided transactions—an indication someone might have scanned an item and then pretended to return it to the shelf. Other potential red flags could be an extended period between scans (the implication being that an individual could be adding items to his or her shopping cart without scanning them), spot-checking whether someone has a history of being caught leaving a store with “accidentally” unscanned items, and what Catalina called “shopper status”—likely a reference to whether a customer’s purchase history and loyalty status coincide with the items in his or her shopping bag.65
Beacon advocates asserted that their new technology would bring selling in the aisles to an even higher level of success. They said that BLE was superior to self-scanning-and-bagging programs because the shopper didn’t have to handle a product to get a message about it or its competitor. Beacons were also quite inexpensive (by 2015 the price was down to $5 per box) and easily installed. When chain retailers such as Walgreens, Walmart, and Target saw how beacons could help them collect new behavior-centered data and send messages to identified shoppers based on extensive profiling, they pounced on the technology. The Business Insider Intelligence research group listed beacons as one of the most important new mobile developments helping merchants win back revenue “thanks to their ability to target consumers with sales and loyalty offers.”66 Critics, however, noted that beacon boxes covered rather small store areas and could not reliably follow an individual’s complete movements through the store unless a large (and expensive) number of beacons were used. They also pointed out that smartphone users don’t necessarily keep their Bluetooth phone signal turned on. A Kroger executive suggested that the firm didn’t consider them cost-efficient; indeed, the company wasn’t using beacons as of late 2015 and said it had no plans to do so.67
This chink in the Bluetooth box opened the door for alternative tracking solutions. IndoorAtlas, a Finnish company, uses a smartphone’s magnetometer along with other built-in sensors to locate its position based on the Earth’s “natural variations of geomagnetic field.”68 A retailer can then follow a phone that has its app fluidly through the store—with no need to invest in any boxes or lights.69 General Electric is producing a system that incorporates beacon technology into a store’s lighting system, so its range encompasses virtually the entire store. The GE system emits a unique light pattern to a phone if the user clicks OK to location awareness when asked by the store’s app. The phone detects the Bluetooth signal specific to that location, and the phone’s camera detects the light patterns from the fixture even if the Bluetooth in the phone is off. Noting one or the other signal (or both) allows the store to learn of the shopper’s position and direction with an accuracy of less than three feet. The location information allows the retailer to send the phone a personalized message based on that location. And because interaction with the app allows the retailer to learn the phone’s ID, the personalized message can be based on lots of other information about the individual in addition to location.70
Walmart was reported to have made a major purchase of GE’s system.71 Whether it or IndoorAtlas’ approach gains wide acceptance, they reflect merchants’ insistence on finding efficient ways to identify and follow shoppers in the aisles, sending them personalized messages in the process. Matthew Kulig, co-founder of the store mapping company Aisle411, believes that retailers ultimately will exploit a combination of solutions toward this goal. His company has been working with retailers to address both tracking and simply helping shoppers find their way around a store. Founded in 2008, the company began with a toll-free number providing computer-generated answers to questions about the location of items in stores. It has since evolved to using other technologies, including cellular, Wi-Fi, and Bluetooth, depending on the client. Perhaps the most advanced version of its products to date is a three-dimensional map created in cooperation with Google. Tested in some Walgreens locations in 2015, the system is accessed using Google’s Tango augmented-reality tablet and provides product location information as well as customer tracking for presenting messages and coupons relevant to the shopper’s profile.
Given the exhaustive efforts to target people’s mobile devices inside brick-and-mortar establishments, it is not surprising that this technology began to extend outside the physical store. Facilitating this development was a GPS (global positioning system) chip that, by the 2010s, manufacturers were installing in every smartphone. The chip picks up the beaconlike signal of three geostationary satellites; software in the phone triangulates the data into map coordinates. The highest-quality commercial GPS receivers can pinpoint someone’s position to better than 11.5 feet, and when combined with the location of Wi-Fi pings from stores and other places, the location can be even more precise.72 Consequently, if a smartphone owner allowed an email provider, an app, or a website to access the phone’s location, that information could be used to sell ads to merchants near that phone. The firms monitoring a phone’s location could also—without additional permission—peddle the data to other apps or mobile websites, and they could sell the ads.
Predictably, advertising giants such as Google, Facebook, and Yahoo! became deeply immersed in GPS tracking, but so did inMarket and other smaller companies. inMarket, which provides location-based ads outdoors in addition to inside stores, offers merchants and brand manufacturers the ability to know where individuals carrying apps with its code are located on a proprietary latitude and longitude (“lat-long”) grid containing a large number of retail locations. The ad-serving process works this way: If a person allows location detection on a smartphone, the phone’s operating system continually pings the phone to check its latitude and longitude. The device then sends these coordinates to apps for which the device owner has allowed location. The phone essentially tells the app, “This is where I am. What should I now do with this information?” In the case of inMarket’s apps or apps on which it has code, the answer is to plot the phone (and so the individual linked to it) on the company’s grid. inMarket therefore knows where these people go from moment to moment. The company can also determine whether the phone holder is in an area where an advertiser wants to reach shoppers with a message. That space is called a “geofence”—that is, a defined geographic area. A retail establishment might pay inMarket to surround it with a geofence of a certain size so that when inMarket sees a mobile device enter, it will trigger a message about the store to be displayed through one of the apps with inMarket code. A geofenced area can be as large as a several-mile radius or as small as a single shop within a strip mall. In addition to targeting by location, inMarket can choose from among people in those geographically specific areas based on the demographic and behavioral information it gathered when people signed up for the apps, when it tracked their phone’s movements in the outside world, and when it followed them in stores with inMarket beacons.
Another “geolocation” company, xAd, exploits this location technology somewhat differently. The company attempts to combine a smartphone’s position with its user’s actual reason for being at that location. xAd has access to both sorts of data because it provides a digital-advertising network for a raft of restaurant, tourism, and directory apps.73 The advantage for xAd of working with such apps is that they logically require their users to accept giving out their GPS location to learn about establishments and their directions. Through these relationships, xAd claims the ability to know what the people in particular locations were intending to do. Based on close mapping of retailers’ location coordinates, xAd could then serve ads within the apps that targeted “consumers as they are visiting key locations in real-time and showing their intent to browse and purchase in the physical world.”74
xAd also uses the IDs of the smartphones it accesses to record physical locations along with analysis of buying intent. Simply knowing the past twenty retailers where a particular anonymous person shopped can provide useful information for target advertising. BIA/Kelsey senior analyst Michael Boland noted that “location always is thought of as geographic,” yet it is most valuable “as a means toward building user profiles.”75 He said that many of the advertisers using these sorts of location targeting in 2014 were “the suppliers of consumer packaged goods products, including the Procter & Gambles of the world but also their retail affiliates like Walgreens.” He noted that “they’re kind of working together in ways that engage users to find the closest store.”76 At the same time, Boland said, xAd and other mobile targeters were applying their real-time capabilities to persuade shoppers to choose a client store over a competitor. Under such “geo-conquesting,” as it is known, shoppers who are tracked near a competitor store are sent ads to persuade them to buy from the company’s client instead. “For instance,” wrote one mobile-marketing blogger, “a local coffee shop . . . might target users who are at big coffee chains like Starbucks and Dunkin’ Donuts with timely messages emphasizing local deals, short lines or unique menu items . . . like ‘Tired of waiting in line? Try our organic original roast today with no waiting!’”77
Thinknear is a company that also exploits location to target individuals, but in contrast with xAd it uses what’s known as mobile advertising exchanges to reach individuals rather than specific sites or apps. A mobile advertising exchange is an electronic marketplace in which companies bid for the right to send advertisements to people from any of hundreds or thousands of sites or apps in near real time. Thinknear bids to serve ads for retailers and other clients based on what it learns through the exchanges about the mobile devices’ locations as well as the demographics of their owner. The company uses GPS as well as Wi-Fi, cell triangulation, internet protocol (IP) address, and user registration to determine the location of the devices.
The retailing and marketing industries are also examining other avenues for exchanging information between a location targeting company and merchants. One possibility is to send individualized messages about a store to entice people when they are in proximity. If the person then enters the store, the targeting company would inform the merchant and share behavioral data. This activity could occur through such companies as LinkNYC, which began installing unrestricted Wi-Fi kiosks in public spaces throughout New York City in 2016. LinkNYC could collect data on the patterns of individuals who use the service as they pass the kiosks. The firm could then sell advertisers the right to send messages to the pedestrians based on what the kiosks had learned about their locations and behaviors. Scott Varlard, a technology expert at IPG Media Lab think tank, noted that the tracking of individuals could continue into the store if LinkNYC and the retailer collaborated on ways to match people’s identities.78
As the capabilities to track and target individuals continue to extend their reach, it seems only a matter of time before the physical retailer can enter private homes. Of course, some versions of this type of interactivity already exist as people use their PC and laptop computers, tablets, and phones at home to make purchases or to gather coupons and compare prices in anticipation of physical shopping. Not too long from now, insisted David Skaff of the Science Project marketing agency, there will exist what he calls “omnichannel nirvana”: interactions of common appliances, including thermostats, lights, and refrigerators, with each other.79 The connected home, part of a larger development technologists call “the internet of things,” has been leading retailers and brand manufacturers to revel in the possibilities of getting in on the stream of habits, lifestyles, and even personalities that the collection of household-use data would reveal. Leigh Christie, a technologist at the Isobar agency, predicts that people will “shop on” their family members and friends, meaning they’ll be able to use a device to scan their clothes to obtain information such as where the items were purchased. He says that food containers will be able to remind their owners verbally of their expiration dates, and where they can replenish them. He also believes that everyday products such as cosmetics will reach out to individuals with advice relevant to the season and the weather.
Such communications are feasible today for cosmetics, Christie notes (though with Android phones only; iPhones don’t as yet allow this sort of interconnection). A cosmetics manufacturer or retailer can place an inexpensive chip (known as a near-field-communication, or NFC, chip) on an item—for example, on a cosmetics container. The chip will send its unique ID code to a smartphone’s NFC transmitter/receiver when the two are in very close proximity. Phones on which the cosmetic firm’s or the retailer’s app has been installed will receive the ID code, which identifies the product. Alerted to the specific cosmetic, the app can then instruct the phone to carry out a variety of tasks, such as looking up the weather and the time of year, and checking previously collected information about the phone’s owner in the cosmetic company’s computers. The app can then send a personalized message to the phone based on the information it has compiled—for example, “It’s a good day to wear blue,” “Your red lipstick would go great with this makeup this time of year,” or “Here’s a coupon for a new look!”80
* * *
Strong tensions shoot through this evolving world, as competition among companies continues to intensify and executives, consultants, investors, vendors, and advertisers try to assess what the role of mobile-tracking technology should be. A number of executives suggest that many of the so-called crucial developments in tracking technology are in fact anything but. Some even consider BLE beacons, the shopper-hunting stars of the mid-decade, to be merely an intermediate stage that will ultimately be cast aside for something different and, hopefully, better. At the same time nearly all agreed that the basic imperatives of identifying and following shoppers to and through the physical store, collecting enormous amounts of information about them without their awareness, and personalizing messages to them along the way is, whether through one technology or another, a new requirement of retailing.
More pressing than the technology itself is the key coin of the realm: data. Who owns customer data when so many parties, often in collaboration, ping and poke at shoppers at home and outdoors, and in stores? inMarket executives voiced specific concern over the lack of control their retailing clients feel they have over who should be allowed to reach shoppers within their walls, and by what means. inMarket contends some brand marketers have begun putting their own detection devices into store displays as a way to audit the number of passing shoppers and identify their app holders, and even to serve coupons to these shoppers. Marketers assert that these activities are always undertaken with the permission of the retailers, but inMarket officials dispute this and note that they have undertaken measures to thwart unauthorized activity.81
Ivan Frank, the digital-marketing head of the upscale Taubman mall company, agreed that people shopping in one of the company’s malls should not be receiving advertising from outside firms, potentially encouraging them to buy items online instead of at the mall. Although shoppers can’t be prohibited from accessing Amazon-like apps or getting text messages from retailers as they browse, he said he was working to at least maintain control of beacon companies hired to install units in the malls—but this was proving difficult. For example, some of the beacon companies that Taubman was planning to hire to set up and run units in a new mall the firm was opening in Sarasota, Florida, wanted to own the data their beacons collected on customers moving through the mall. “Why,” Frank asked rhetorically, “would we want a third party to own our data?” He objected that this information could be sold to retailers competing with Taubman’s tenants and mentioned Amazon in particular—“a company we’re at war with.” He lamented the lack of clear industry norms concerning beacon companies’ practices.
Frank’s concerns are shared by others in the industry. inMarket’s carefully spelled-out hierarchy of data-sharing among its retail and app partners is being accepted by many. shopkick and Catalina typically send the names, addresses, and email addresses of all their shoppers to each of their “partners,” but they do not release other individual shopper information—for example, the items bought or returned, the amount spent—except to the retailer that made the sale. Of course, firms such as shopkick and Catalina themselves have access to a range of data about individual shoppers from many different merchants, and the merchants try to negotiate limits on the amount of information those firms can store and on how they can use it.
As retailers, technology companies, and brand manufacturers negotiate new ways to glean information about people and implement marketing efforts based on that data, the one party who has no say in the matter is the shopper. Although privacy policies do allude to the often voluminous amounts of data retailers can ingest about people, studies repeatedly show that relatively few consumers read them. Those who do likely find the policies’ legal and industry language nearly impenetrable. And if they do manage to wade through the policies and object, the only option is not to use the website or the app—the rules typically constitute a “tough luck” contract, not open to negotiation. Shoppers who are determined not to give up their data can find ways to stop Web trackers and block ads, and although an increasing number of Americans are doing so, most remain readily identifiable and trackable via various cookie-like tags and data-matching procedures on the Web and on mobile apps. Physical retailers, though, have particular reason to worry whether shoppers will accept in-store tracking because, unlike digital retailing, crucial aspects of it cannot as yet be made as invisible. Their approach instead is to get shoppers to accept, and then take for granted, the omnichannel world of tracking and targeting, from their home to the brick-and-mortar store. To do so the merchants must seduce shoppers to switch on their Wi-Fi and/or Bluetooth, download the retailers’ app, and set up their loyalty program, thereby inviting the discounts and other blandishments offered up by the newly outfitted physical store. This evolving strategy is ushering in a new battlefield for shopper loyalty.