The Internet of Things, or IoT, promises to dramatically reshape the retail shopping experience in the coming years. Connected devices will leverage customer data seamlessly to help retailers deliver higher-level interactions, improve service and enhance sales.

The business community recognizes the opportunity here. According to Business Insider, a BI Intelligence report predicts there will be 34 billion connected devices worldwide by 2020, generating a $6 trillion industry. Businesses will drive adoption as they turn to IoT to lower operating costs, increase productivity and develop new product offerings.

As with any new technology, the rise of IoT in retail comes with a caveat. Retailers need to be aware of security concerns, and must take steps to ensure that any IoT implementation safeguards enterprise security and customer privacy.

IoT Security Issues

Media reports in recent years have highlighted a number of potential security hazards in the evolving IoT landscape. In a report on software vulnerabilities in IoT, Forbes described how hackers use baby monitors, security cameras and other connected devices to harass people in their homes. Similarly, WIRED showed how cybersecurity researchers remotely controlled a Jeep, using the cellular network to hijack the vehicle’s entertainment system.

Just as with more conventional computing arrangements, IoT networks can also be subject to malware attacks, and security analysts have suggested infected IoT devices could be used to launch denial-of-service attacks. Additionally, IoT may be susceptible to data breaches, with bad actors leveraging these devices as a means to spy on communications within the network. A lack of standardization may present a particular challenge, just as user behaviors may open a gateway for compromise: Failure to reset security defaults or to change passwords, for example, may create a possible avenue of exploitation.

Protecting Customer Data

Some risks inherent in IoT can be offset by thoughtful administration. It’s important to make basic security procedures, such as upgrading firmware and changing privacy settings and detail passwords, a part of your routine. Training matters too: Staff need to understand the risks inherent in IoT and should take pains to ensure no one steals their credentials.

Developers also have a role to play, through incorporation of best practices like Public Key Infrastructure (PKI) solutions to allow for secure communications, along with encryption to reduce the likelihood of hacking.

Other ways to ensure a secure shopping experience in the IoT ecosystem include:

  • Segmenting IoT devices on separate networks to keep them removed from the internet and from other devices.
  • Keeping current on vendor security updates and applying patches for identified vulnerabilities.

One example of a secure IoT ecosystem can be found in ARTIK, Samsung’s IoT platform that includes hardware modules, a cloud offering and a partner ecosystem. End-to-end security covers code execution and data management on the hardware, a secure channel to the cloud, and secure authentication and authorization.

In the rush to adopt IoT in retail, it’s important that enthusiasm for an improved shopping experience not be allowed to overshadow concerns about security. Retailers, understandably eager to put the power of IoT into action, may be tempted to treat security as a secondary concern.

IoT devices are just as vulnerable as any other components on the network and need to be implemented with equal care. As is so often true in matters of IT security, forethought is key. When implementing an IoT solution, it’s much easier and cost-effective to address security and privacy issues up front than bolting on security after the fact.

That small initial effort can yield big rewards when sharing and managing customer data through networked devices. IoT will dramatically enhance the retail experience in the coming years, and those who approach it with an eye to security will come out the winners.

Discover our smart, interactive, personalized retail solutions, from digital signage to mobile POS.