Retail security – video surveillance tackles the insider threat
Tim Compston, Features Editor at Security News Desk, checks out the ‘insider’ threat that is giving retailers food for thought.
Sadly for retailers, whatever their size, it is not just people coming into store intent on shoplifting or trying to sneak items through at the checkout that are causing costly shrinkage. In fact, some estimates suggest that nearly 40 per cent of retail crime, by value, can be attributed to the workers themselves as they employ their insider knowledge to steal ever more lucrative items and even, in some cases, to collude with outside elements.
Facing the facts
Of course this issue is not confined to the UK, more and more we are seeing the insider threat, and the loss prevention measures to mitigate these risks, high on the agenda for retailers worldwide. The growing scale of the problem was certainly brought into sharp relief by The Global Retail Theft Barometer, a research effort supported by Checkpoint Systems, with figures gathered for 2014 – 2015 showing that the share of dishonest employee theft as a source of shrinkage had increased by 11 percentage points in just a year, up from 28 per cent to 39 per cent, overtaking shoplifting as the leading cause of such losses.
Beyond these headline grabbing figures, the authors of the research were also able to draw out some key regional variations, a case in point being the fact that while shoplifting is still the key vector for shrinkage in Europe, Asia Pacific, and Latin America, according to the study, employee theft leads the way in North America.
So where does the underhand activity by the ‘criminals within’ tend to be concentrated? Well according to the US retailers questioned for The Global Retail Theft Barometer study they were seeing most instances of employee theft occurring at the point of sale (POS), with other cases of stolen inventory happening in locations such as warehouses.
Higher value
Returning to this side of the Atlantic, the BRC British Retail Crime Survey (2015) has helped to shed light on the value of what employees are actually stealing with Helen Dickinson, Chief Executive of the BRC (British Retail Consortium), pointing out in the foreword to the survey that: “Thefts by employees cost on average £788 more than each customer theft.” Dickinson goes on to say that ‘insider’ threats are often overlooked, however the impact of malicious activity by an employee such as theft of stock, or a complex fraud, can be significant: “This is why the BRC recently published some new guidelines to help retailers of all sizes minimise these threats from within.”
Fighting back
Given this reality what weapons do retailers have at their disposal on the POS frontline to keep the activities of dishonest staff in check – who may be colluding with outsiders – and to stop their profit margins being squeezed?
One potential solution which is gaining traction is to refine video analytics even further to the point where it can flag up specific behaviours around scan avoidance at manned and self-checkout areas with a high degree of accuracy.
A smarter vision
Interestingly, Malay Kundu, the Founder and CEO of StopLift Checkout Vision Systems – the leading player in this field – says that the solutions StopLift has rolled out have benefitted from his background in intelligent video content analysis. In fact Kundu cut his teeth in facial recognition systems in airports and says that Stoplift itself actually grew out of a Harvard Business School research study ‘Project Stoplift’ on ‘Retail Loss Prevention’. This was an effort which he believes stood him in good stead for the challenges found in today’s retail environment: “We are applying a lot of really hard-core high tech here. That is how we are able to detect ‘sweet-hearting’ [where there is collusion between employees and customers] and generally scan avoidance. We are doing a ton of this kind of stuff for manned checkouts as well as self-checkouts.”
Kundu says that the threat stores face today goes way beyond the classic view of retail theft equalling external shoplifting where the culprit simply walks down the aisle and puts something inside their jacket: “The reality is that it is far easier to leave the store with stolen merchandise just by going through the POS with it in your bag and that is why checkouts are such a big area where theft can occur.”
Demonstrating just how far the potential to detect criminal actions, and errors, around the retail point of sale area has moved on, is the software-based checkout vision system pioneered by StopLift. Kundu says that, once implemented, the state-of-the-art ScanItAll solution automatically analyses video surveillance footage to interpret the behaviour of the cashier and customer, and, crucially, the handling of individual items moving through the checkout area. By mathematically analysing the pixels of digitised video it can be determined if an item has been properly scanned. Apparently this approach is capable of ‘understanding’ a full set of fraudulent behaviours including, for example, when a cashier covers up a barcode by hand or purposely misaligns the scanner and an item. ScanItAll is also claimed to be very effective at detecting refund fraud, basket-based loss, issues at self-checkouts and operational errors.
Discussing the prevalence of internal theft at the point of sale, Kundu tells me that, although the numbers vary a bit depending on which side of the Atlantic you are on, there is general agreement that internal or employee theft is actually of the same order of magnitude as external theft: “One of the reasons is that obviously the person who is inside the system has greater access to be able to do things. It is often thought that while for external theft there may be more instances of it, each incidence is of lower value, whereas when an employee is stealing from you they can create substantially more loss. That is why it adds up,” explains Kundu.
Kundu points out that, by the nature of their work, the cashier has tremendous control over what happens at a manned checkout and that this is why knowledgeable retailers are focusing their resources here: “The cashier can choose what items they are scanning and what they are not scanning so an accomplice – a friend, family member, or fellow employee – can take that item and walk out without having to conceal it.” Added to this, Kundu explains that even where an item has a security tag it is the cashier’s job to deactivate the tag: “The electronic article security tag can’t protect the retailer when the cashier is involved.”
Up until now, Kundu reckons, the real Achilles’ heel of loss prevention has been detecting scan avoidance at the checkout: “Retailers can look at the POS data for anomalies, the person who has a higher refund to sales ratio to everyone else, a cashier who has a higher number of voids, but the problem is that these are only useful if someone really sticks out above the noise.” He adds that to stay under the radar dishonest individuals just do little bits here and there so they do not leave an obvious data trail: “Employees are very quick to figure out that if they don’t scan something there is no record and no one checks and it can just walk straight out the door.”
Breaking the cycle
Pressed to give some figures on the impact that ScanItAll is having on employee-related shrinkage in stores where cashiers are actually present at checkouts, Kundu responds that for the ‘highest opportunity’ stores, where they have the most shrinkage and the most theft going on, they are able to reduce their inventory shrinkage by as much as 40 per cent: “When they go chain-wide it averages out that probably they can reduce their inventory shrinkage by the order of 15 – 20 per cent,” concludes Kundu. He also points out that it is very easy for a culture of dishonesty to spread.
For his part, Brian Laurienzo, Key Account Manager for Retail in the US at Milestone, the VMS (Video Management Software) specialist agrees that, when left unchecked, things can get out of hand: “The efforts and energy they (staff) are spending on ripping off their place of work continues to grow and they become more confident. They aren’t really afraid of the consequences because the company won’t notice it.”
On reflection Laurienzo feels that in the past not enough attention was paid to shrinkage related to employees who were finding ways to ‘sweet-heart’ deals with friends, for example. Thankfully times have changed and this criminality is, Laurienzo says, very much at the forefront of retailers’ minds. In fact he explains that Milestone has had numerous conversations with retailers over the past 12 months about what preventative measures to put in place. Sometimes, he explains, it is as simple as making staff aware that there is actually a camera set-up to record them: “Some retailers have noticed that just by having a conversation with their employees and having a sign, or a visible camera, employee shrinkage is cut down.”
Data detective
Expanding on this theme of stemming the tide of insider theft, Laurienzo singles out other approaches that are paying dividends, specifically through gathering data to build up a more informed picture of what has transpired: “Having a really good POS integration, so that the transactions that are taking place are matched-up to a video stream, helps to prevent ‘sweet-hearting’. Sadly, there are so many ways that employees can ‘sweet-heart’ their friends, for example by having a fake barcode on their wrist so when pretending to scan an item they scan their wrist to ring in something but with a much lower value,” notes Laurienzo.
According to Laurienzo, Milestone’s XProtect video management software and its retail offering – XProtect Retail or XProtect Transact – is helping to tip the balance in the retailer’s favour by unlocking the potential to implement POS integration: “We integrate with 90 per cent of POS systems and the other 10 per cent we just have a custom API to make sure they talk to each other. The nice thing about that is there is a central dashboard so if they – the retailer – suspect someone at a register they can watch them in real time from the corporate offices or the backroom of the store and record the video to document the criminal activity.”
Connecting crime
Peter Ma, a Technical Engineer with Hikvision, is also enthusiastic about the value of rolling out video surveillance solutions in the POS area that can be tied-in with associated retail systems: “We have a wide range of products which fully support point of sale technology. This includes all of Hikvision’s mid to high level back-end DVRs and NVRs. Once connected to the analogue or IP camera the NVR or DVR can then communicate via TCP/IP or a physical RS-232 cable.” Ma explains that specific alerts can then be created for high value items, no sales and cash transactions: “These are easily found through keyword searches.”
In terms of a recent scenario, where a solution has helped to identify staff trying to ‘cheat the system’, Ma recalls one particular retailer who decided to created alerts when cash was used to clamp down on potential criminal behaviour. The rationale for this, Ma explains, was that dishonest staff were finding it easier to undervalue items in this way rather than on a credit or debit card, which can be traced to card holders: “These alerts highlighted any reduced stock items to ensure that they had been written off correctly,” says Ma.
In addition, Ma underlines the value of having the right cameras in place: “Insider knowledge can prove [to be] an issue which is why having high quality cameras strategically positioned over the POS area is of the utmost importance. Retailers can record in a higher frame rate to catch what was, previously, difficult to notice. Users can also implement line crossing and intrusion detection to see any suspicious activity by workers.”
Organised criminality
Speaking to Andy Martin, Business Development Manager (Retail) – Northern Europe – for Axis Communications – when it comes to internal retail theft, worryingly, he flags up the fact that retailers are telling him about a marked growth in the involvement of organised crime here: “We are actually holding a retail crime roundtable at the Gherkin in London this week to talk about what they [the retailers] feel the collusive risk and pressure is on staff.”
Martin (pictured left) admits that picking up on such offending and collusion at the point of sale, where there is a customer transaction – allowing refunds or creating sales in the till that didn’t exist – can be quite difficult. Martin says that, in terms of uncovering this subterfuge, there is good work being done at the moment by retailers around exception based reporting: “We are trying to work with data mining and exception based reporting companies to marry up video so where retailers have an ‘odd’ transaction there is a video case file. Part of the reason that we want to do this is not just around the detection of those offences, and the subsequent forensic analysis that might lead to a conviction, but it also gives a really powerful deterrent message.”
Caught on Camera
Catching up with Jeff Whitney, VP Marketing at Arecont Vision, for a video surveillance camera vendor’s perspective, he reiterates the view expressed by other security experts that stock slippage, especially ‘sweet-hearting’ where an employee works in conjunction with one or more others to instigate a theft, remains a real headache for retailers: “One common example is for a cashier to fail to enter all of the expensive items passed to them by their partner, or to enter false barcodes or prices to identify expensive items as cheap ones.”
In terms of where the latest camera technology fits into the retail crime fighting picture, Whitney stresses that a high quality megapixel camera, when positioned over the point of sale terminal, is well placed to capture incriminating details: “When combined with a VMS and an analytics package this could, potentially, highlight suspicious activity without operator intervention.” Whitney believes that in some cases dishonest insiders do not reckon with the detail ability of a 8MP quality, 30 frames per second 4K camera, such as Arecont Vision’s MegaDome series, to pick-up on their slight of hand: “With high speed capture of extremely detailed images, faces, name tags, product labels, and more, not even rapid handling is able to hide from the camera.” Where employees are aware of the continued vigilance of a surveillance system, Whitney reckons that this can also reduce the incidence of insider actions.
Whitney adds that the type of camera deployed in a retail environment depends very much on whether an overt or covert path is adopted: “Typically high end retailers don’t wish to portray their environment as one under strict surveillance and damage their customers’ and employees’ trust. In this case the cameras are often as low profile as possible.”
Whitney says that Arecont Vision’s SurroundVideo Omni G2 is a good example of a covert camera: “This camera has four sensors that can be positioned to look in four different directions, or to cover the range of 180– 270–360 degrees, and in between, and yet is so small it can be confused at first glance with a light or perhaps a smoke detector.”
Where the requirement is for only the camera lens and a small bubble to be visible then Whitney believes that Arecont Vision’s new MegaVideo Flex camera series fits the bill: “The sensor and main unit can be separated by up to 12 metres using a standard USB cable for extra flexibility. With a range of HD quality megapixel sensor and lens options, a camera like the Flex enables the retailer to put surveillance easily into areas where overt cameras would be detrimental to the environment,” Whitney states.
Retail response
So to conclude there is no ignoring the fact that whilst the majority of retail staff may be honest and trustworthy there is a minority out there who, for whatever reason, are all too happy to steal from their employers. Thankfully with the ability to integrate video surveillance images and POS data and also to apply ever more sophisticated video analytical techniques the days of the criminals within pulling the wool over a retailer’s eyes are definitely numbered.
[su_button url=”https://www.securitynewsdesk.com/newspaper/” target=”blank” style=”flat” background=”#df2027″ color=”#ffffff” size=”10″ radius=”0″ icon=”icon: arrow-circle-right”]For more stories like this click here for the Security News Desk Newspaper[/su_button]