NRA Special Report: Cybersecurity 101 — How Consumers are Transitioning to Mobile Payment and the Next Step for Restaurateurs

The digital landscape goes beyond social media keeping us interconnected. We are exchanging more than words across cyberspace — we're exchanging money, our society moving from cash to mobile payment. While on one hand it brings simplicity, convenience, and efficient record keeping, on the other, there is a major concern that stops consumers from taking the final jump into a more mobile-digital payment system: cybersecurity.

But consumers aren’t the only ones who need to stay on top of this issue. How can restaurateurs do their part to keep paying customers’ information safe, and what security measures, tools, and resources are available?  

In this NRA Special Report, as a part of "On Foodable Weekly,” joining our Foodable Media Stage — straight from the floor at the NRA Show 2016 — are the National Restaurant Association’s Director of Commerce & Entrepreneurship, Laura Knapp Chadwick, and EVP and General Counsel, David Matthews, who specialize in mobile commerce security, patent reform, breach and standard protocols, and more.

“Breaches of late have demonstrated that it’s no longer just payment card information that hackers are interested in. They’re interested in so much more, so restaurants need to be proactive in protecting their entire enterprise, not just the payment channel,” Chadwick said.

With the restaurant industry touching so many consumers on a daily basis, cybersecurity breaches are far from something to take lightly. Even through loyalty programs alone, a hacker can take advantage of vital information, whether it be addresses, email addresses, or birthdays.

“So our concern is, just as a restaurateur needs to be concerned about how they can maintain and serve their meals and food, they need to be concerned about that information, as well, because a catastrophic event like a breach could be just as devastating as an incident in the foodborne illness industry,” Matthews said.

There are state laws in the book that say if a business does not have customers’ contact information, the company must alert the the statewide media. It’s what Chadwick called putting a knife in an open wound in terms of brand damage.

When it comes to system adoption, the transition is admittedly clunky. The extra 10 to 20 seconds for each EMV transaction can add up in a restaurant that sees hundreds of customers each day. While the industry cannot drive mobile payment adoption, operators must be prepared for customers when they are ready to make the switch. In fact, a liability shift in October 2015 stated that merchants who weren’t EMV-enabled (the chip encrypts the data at the point of sale, making it so that information cannot be accessed after the fact) are now responsible for the charges from misused customer information.

“This is a costly process that restaurateurs are taking on a result of the regulatory environment,” Matthews said.

Still, integration is key to encourage customer transition. Like how Starbucks has combined their mobile program with their loyalty program, the more a brand can integrate the transition with a customer’s experience, the more success brands will find as they moves over to the mobile-digital system.

Watch the episode to learn more, or read Cybersecurity guide prepared by the NRA.