Skip to content
Search
AI Powered
Latest Stories

Cyber security threat: C-Stores need to be more careful

Cyber security threat: C-Stores need to be more careful
iStock Image
Getty Images/iStockphoto

With the growing demand for the fast and seamless retail service, there has been a rapid increase in cybercrime. The recent incidents of cyber-attack at KP snacks and the SPAR hack that happened last December has set an alarm to look at cyber security threats more seriously. Nowadays, many c-stores are using delivery apps and some are also planning to come up with their own app, so we spoke to retailers to understand what measures they are taking to protect themselves from cyber-attacks.

Imtiyaz Mamode of Premier Wynch Lane says, “Nowadays, the world is a cyber world and we live in a digital world. So cyber crimes are ongoing like data hacking and hacking off an account. This is a big issue everywhere in the world. So that's the hardest to handle, someone’s data, today.”


“Knowing this we try to take care of this by doing small things like- when we do a transaction, we destroy customer’s receipt after three months.”

Mos Patel, who runs two stores in Greater Manchester, uses the same method to protect the customers' details.

“Hackers are anyways going to hack it if they want to, we can’t do anything about it. We are a small business. We don’t have that much money to build a secure infrastructure against it. So, what we do, whatever credit details we get while transaction we shred everything, we destroy it,” he says.

Mos Patel  1 Mos Patel

“We update our laptops regularly, and disconnect them physically, the system is managed by third parties, so obviously, it's not in our hands. Regarding the app, we use other platforms like UberEat, Deliveroo, and we expect them to manage their sections.”

Both Imitiyaz and Mos are working on developing their own app for their stores.

Mos says, “We are going to have our app and probably we are looking for some local business to manage [it] for us. I think a lot of retailers have realised that they have to rely on other people because we’ve not got a lot of knowledge on it.”

Imtiyaz, an IT engineer by training, used to work with Imperial College London before getting into the retail business. To maintain customers’ trust in his store, he is in the process of building his own app. He says the idea kicked in when he was approached by Deliveroo.

“I liked their concept of an extra service and there will be extra income for the store. But there was a problem, they wanted me to increase the price of the products. For example, the product, which I sold for £10, they wanted me to sell for £14 online.”

imtiyaz mamode Imtiyaz Mamode

He adds, “Most of the products in our stores are price-marked, and they wanted me to sell on extra price. And they said everyone does it, and all the store with an extra price, because you're trying to add extra service to your shop. I said I don't want to do it because it's like our customers trust us a lot. And if I'm trying to put in extra money, it will break their trust. And we are well-known store in our local area and everywhere. So, it will be a breach of trust for us and customers.”

Imtiyaz is working on the development of apps that will focus only on the local area or the rest of Hampshire. “We don’t want to go for the entire UK. I don't want to provide service on a bigger scale at the moment, because I don't have more manpower. So, I'm planning to an app that will cover only local area,” he says.

Speaking on the cyber security threat, he says, “Yes, cyber security is a challenge and we are planning to view the third party like Barclaycard, or others which are already been bigger company, which usually deals with this kind of trust. So, we will kind of merge or use third-party software, which will be merged with our application. So that all the money or card transactions are done will be done by third party only, which are more secure.”

Both Imtiyaz and Mos believe that building an entirely secure system in his app will cost him more money and it's better to tie-up with a third party.

Imtiyaz adds, “In spite of spending money on that, in the beginning, we thought of giving it to a third party. Because in the beginning, we don’t know how many difficulties we might have, in the app, there can be a glitch, can be the flow of hundreds of customers or thousands of customers or a lot of traffic on our app that can crash the app as well. So, in the beginning, we thought to give it to a third party, which already have better security, like a Barclaycard, they got really good security, as far I know. So hopefully we planning to do that, in spite of building our own cyber security.”

Jonathan Wood C2 Cyber scaled Jonathan Wood, C2 Cyber

Measures to prevent cyber-attacks

There have been rising trends in the convenience sector of introducing shoppers to delivery apps, self-checkout tills, and card payment machines to name but a few, while simultaneously gaining data and visibility of its customers' shopping habits. This insight, while useful for single and multi-site convenience stores, poses a very real risk when it comes to potential cyber threats. Asian Trader has also reached out to Jonathan Wood, founder and chief executive of C2 Cyber, a vendor risk management company, to understand what are the reasons behind cyber-attacks and what needs to be done if you have been a victim of it.

“If hacked, access can be gained to a world of sensitive data such as customers’ card details and a store's inventory,” he explains. “Convenience store owners must ensure there is a vendor risk management process in place to prevent the likes of a recent breach of the SPAR chain’s EPOS systems from repeating itself. Any loss of customer data can have long term consequences leading to mistrust of an organisation and, therefore, loss of customers and sales.”

He adds, “However, quite frequently cyber-attacks happen due to simple negligence such as the use of easy-to-crack passwords, no two-factor authentication, or accessing work emails and systems through a public WiFi. All these issues can be prevented by having clear work policies, password managers, and due diligence. All third parties should also have appropriate Privacy Policies that indicate how they handle partners and customer data. And, of course, always beware of phishing emails by checking the email addresses of the sender and the body copy for any inconsistency in a tone of voice or obvious spelling mistakes.”

If you have been a victim of a cyberattack, first thing to do is to identify the channel that was used to hack your business and take appropriate measures, Jonathan suggests.

“Change all passwords, or use a password manager that generates strong passwords for you. Use backups either in the cloud or on separate hard drives, making sure they are also password-protected, and preferably not using the same passwords for multiple accounts,” he adds.

If there was a breach of employee or client data, one must inform the national data regulator, ICO within 72 hours of the breach taking place. “If the hack poses a threat to the privacy and rights of individuals, you must inform all parties affected too to ensure they take appropriate steps to protect their data,” he explains.

“If the hack happened through the third party, make sure to enquire what steps have been taken to prevent these attacks from happening in the future. Customers are more likely to trust your business if they see you taking cyber security and data privacy seriously,” he concludes.

More for you

Sugro UK hosts highly successful 2024 Business Convention

Image by Sugro UK

Sugro UK hosts highly successful 2024 Business Convention

Sugro UK, the member-owned buying and marketing group, once again hosted its annual overseas Business Convention. This year it was held in numerous locations throughout India.

This highly successful event marked another milestone for the Group, delivering substantial incremental growth with almost 10 million cases purchased during a three-month incentive period, benefiting both Members and Supply Partners alike.

Keep ReadingShow less
National Lottery retailers ‘Share the Win’ with new rewards initiative

National Lottery retailers ‘Share the Win’ with new rewards initiative

An exciting new rewards initiative launched by Allwyn – called “Share the Win” – is transforming National Lottery retailers into winners, simply by them selling a high value winning ticket or Scratchcard.

The new ‘Share the Win’ initiative is putting a range of prizes up for grabs for National Lottery retailers who sell high tier (£50,000 or more) winning draw-based games tickets – such as EuroMillions, Lotto, and Thunderball – or National Lottery Scratchcards. The scheme is open to all retailers where the winning ticketholder is happy to share details of their win.

Keep ReadingShow less
Recycling waste collection
Photo: iStock

Businesses face March 2025 deadline to streamline recycling under new government policy

The government has on Friday published a policy update on recycling, introducing significant changes for businesses to streamline recycling practices and improve sustainability. Effective by 31 March 2025, these reforms set new standards for waste collection across England, aiming to create a consistent system that benefits the environment and reduces confusion.

Businesses and non-domestic premises, including schools and hospitals, must arrange for the collection of the following recyclable waste streams:

Keep ReadingShow less
Hopes pinned on festive period as footfall tumbles in November
(Photo by Hollie Adams/Getty Images)

Hopes pinned on festive period as footfall tumbles in November

Footfall took a "disappointing tumble" in November, shows recent industry data, as retailers remain hopeful that the Black Friday and Christmas sales will help to turn things around for good.

According to BRC-Sensormatic data, total UK footfall decreased by 4.5 per cent in November (YoY), down from -1.1per cent in October. High Street footfall decreased by 3.7 per cent in November (YoY), down from -3.6 per cent in October.

Keep ReadingShow less
Generational smoking ban will have 'serious impact on legitimate, visible traders', warns Fed
iStock image

Generational smoking ban will have 'serious impact on legitimate, visible traders', warns Fed

More than nine in 10 independent retailers have said that the government’s proposed generational smoking ban and a ban on disposable vapes will fuel demand for illicit products even further, a survey of members of the Federation of Independent Retailers (the Fed) has shown.

Seventy-eight per cent of respondents said more of their customers than ever were buying illicit tobacco and vapes from other sources and just over half (55 per cent) were aware of specific places near their shops where illegal products were on sale.

Keep ReadingShow less