Security Review: Self-scanning Checkout

By devynp at 7:14 am on February 20, 2009 | 3 Comments

Self-scanning checkout, also called “self-checkout” is an automated process that enables shoppers to scan, bag, and pay for their purchases without human assistance. A typical self-scanning checkout lane looks like a traditional checkout lane except that the shopper interacts with a computer’s user interface (UI) instead of with a store employee. Instructions are given to guide shoppers to complete the checkout process. Typically, the customer scan each item or manually enter its identification code and bag it. The weight observed in the bagging area is verified against previously stored information to ensure that the correct item is bagged, allowing the customer to proceed only if the observed and expected weights match. After scanning and bagging, customer may choose method of payment: debit card, credit card, or cash. There is normally an attendant watching over several self checkout machines, to provide assistance, prevent theft through exploitation of the machines’ weaknesses, and to enforce payment. Attendant assistance is also required for the purchase of age-restricted items.


Goals

  • Accurate transactions. Checkout is the last point of contact that a typical shopper would have with the store before purchasing items and leaving the store. Allowing users to DYI, accuracy is extremely important to ensure that the customer is ringing up items correctly, pay the right amount, and that the store isn’t losing money and merchandise to shoplifters.
  • Efficiency of checkout. The benefit to the customer is in the reduced checkout time because stores are often able to efficiently run two to six self checkout units where it normally would have had one cashier. Also the time efficiency requires that the customers using the machine be reasonably competent. An inexperienced customer can cause the same sort of delays as an inexperienced cashier on a conventional register.

Adversaries

  • Shoplifters. Now that shopper doesn’t even need to be in contact with a cashier to purchase things, this opens up opportunities for shoplifters to hit the store.
  • Credit card thieves. Again, since the shopper doesn’t contact with a cashier, there is no physical credit card usage validation. Often times a signature is not even required.

Potential Weaknesses

  • Assistant to customer/checkout stand ratio. Each assistant is usually responsible for 4-6 self-checkout stations at a time. During peak hours, the lack of assistance would increase the number of shoplifting.
  • No credit card transaction validation. Once the customer swipes her card, no signature’s needed to verify that the card belongs to the user. With an actual cashier, at least the cashier could ask to see ID’s and even deny the card.

Defenses

  • Weight checking. This is already a feature of the self-checkout systems. After customer has scanned the item into the system, the self-checkout station requires the customer to place the item in the bag. This is to double check the weight of the item in bagging station with item that was actually scanned. If the weight does not match, then the system would ask the customer to rescan the item and would also alert the attendant.
  • Credit card purchase validation. Requiring shoppers to provide ID with card per use. One way to achieve this is to have the self-checkout attendant do a quit validation. Another way is to employ some sort of face recognition to cross check the shopper’s ID with image present or capture at the site of purchase. The second one might be a little far-fetched, but once available, but it will provide the merchants a way to validate/deny card user.

Risks
Self checkout systems provides the benefit of reduced checkout time because stores are often able to efficiently run two to six self checkout units where it normally would have had one cashier. To some degree customers appreciate the ability to not have to deal with anyone, giving an illusion of privacy and anonymity. However this significantly reduces number of jobs available to actual employees (think terminator). Even though there are self checkout attendants around that could be reached, tracking of transactions is now land on that employee to ensure all are processed correctly. This introduces new opportunities for shoplifters to hit a merchant.

Future
New interesting implementation of checkout solutions is a contactless payment using RFID system. Each items in the store will be labeled with RFID tags, and there will be RFID readers to detect the items that each shopper has in his/her cart. When shopping is done, he/she will not need to scan their items, but they can just walk out the store’s door, adding convenience and efficiency.

Conclusion
Self checkout systems are becoming more prevalent. Many grocery stores are having a mix of having both self checkout lanes and store associate lanes. Although these places need to be more cautious in deploying such technology, this system has a strong value and will likely to continue to evolve and add capabilities. The future for a self checkout systems is no doubt going to increase rapidly, and hopefully we’ll eventually see stores with 100 percent self checkout system.

Xia Cam & Devy Pranowo

Filed under: Security Reviews3 Comments »

3 Comments

  • 1
    Get your own gravatar for comments by visiting gravatar.com

    Comment by jonfung

    February 20, 2009 @ 4:06 pm

    I’m pretty sure the tradeoff is worth the risk. Groceries are not high-margin products so the labor savings probably would help substantially. I also find that using self-checkout is usually gets me out the door quicker. However, self checkout does make it easier for people to steal things. The attendants really don’t do much security enforcement and just help people having issues with the system, and having them assume roles to provide more security somewhat defeats the purpose of self-checkout. They essentially become almost like normal cashiers. I don’t think that credit card weaknesses mentioned are anything new. Some stores don’t make you sign or do any sort of validation at all. Even traditional checkout with cashiers usually doesn’t have any sort of identity verification. Granted, adding an easy identity verification would be great, but that may actually make the system more secure than checkout with a cashier. It would be ubiquitous and always there. Clerk verification is not consistent whatsoever.

  • 2
    Get your own gravatar for comments by visiting gravatar.com

    Comment by elenau

    February 20, 2009 @ 5:23 pm

    It seems that adding an attendant to verify an ID, creates much overhead. Also, since only one such attendant would be required to per multiple check-out systems, it could be confusing to the customers. The idea of face recognition seems interesting, but at this point probably not very reliable and expensive.

    Maybe another solution could be some sort of cross validation. For example, the system could ask of the purchaser to enter a driver license number, and make sure that the owner of the license number corresponds to the owner of the credit card. Of course, it is not a solution for the cases when a thief has both credit card and driver license number. But the idea is to have a sort of authentication of that the person using the card is its owner.

    Similar to that, another thing that can be done is a one-time registration for the customers to used self-checkout system. Users could register their credit card number, with some sort of password. Then they could use it similarly to debit card, where the user would have to enter a password, to get authenticated. Of course, it creates new problems – how to store this sensitive information in the system, but it makes it more difficult for somebody to use a stolen credit card.

  • 3
    Get your own gravatar for comments by visiting gravatar.com

    Comment by jap24

    February 20, 2009 @ 7:46 pm

    The weight checking doesn’t seem like much of a security measure. Someone could get a low-value item and a high-value item that weigh the same, then scan the low-value item twice and place them both in the bag. The weight checking would seem to be more useful to prevent accidental mistakes (like if an item didn’t scan and you place it in the bag, the weight checker could notice that the total weight is off), but it wouldn’t stop someone clever from underpaying.

    Using RFID tags to inventory the items each person takes is an interesting idea, but it also has problems. The range of the tags on products has to be high enough for the reader to reliably read all of them that an individual is taking, but it needs to be low enough so that the RFID readers don’t start reading the tags of products in someone else’s cart or sitting on a shelf. Depending on how things are set up, a malicious shopper with his own RFID reader might be able to instruct some of the tags of his intended purchases to not respond to the store’s RFID reader, and get out without paying for everything. There is also a privacy concern for the customers, who might not want random strangers with RFID readers to be able to find out how much junk food they eat.

RSS feed for comments on this post