Store dealing with dishonest employees uses internal theft prevention software

A London-based sushi chain expects to save almost £1 million this year with the help of new fraud-detection software.

Almost £1 million: That’s how much a London-based fast food chain said it could save per year, thanks to new security software designed to detect suspicious activity by staff.

The retail industry is rife with till fraud.

Alex Young, Commercial Director,  itsu ltd.

The itsu chain, which sells sushi to office workers from 29 outlets in central London, has successfully piloted VigilancePro software from UK company Overtis Ltd and plans to roll the system out to all its shops over the next two months.

The software works by analysing the actions of checkout staff, and flags any suspicious activity. It then sends an immediate alert to a nominated manager, along with screenshots and CCTV footage of the transaction. The manager can then view the transaction and decide whether it is fraudulent.

“The retail industry is rife with till fraud,” said Alex Young, commercial director of itsu. “We pay our staff well and treat them well, but we are based in central London, one of the most expensive places to live in the world. We will take £35 million this year, 50% of which will be cash transactions. And the reality is that some of that cash won’t make it to the tills.”

Employees have various ways of stealing money. For instance, Young said a common trick is under-ringing, where the store worker keys in a low-value item, such as a bottle of water, when the customer is actually buying a full meal. The customer pays for the meal, and the till operator pockets the difference.

Young said he started looking last year at how to cut losses associated with dealing with dishonest employees. “We do a weekly stock-take, and even after we took into account wastage because of unsold food, there was still a significant gap in each store that we couldn’t explain,” he said.

He initially looked at a fraud detection product offered by IntelliQ Ltd, which is used by well-known retailers such as John Lewis, Phones4U and New Look. “It’s very good, and a lot of people use it, but it was all very time consuming and involved a lot of work with Torex, our till provider,” Young said.

Then in November, he chanced upon an advertisement from Overtis, and was attracted by the promise of real-time alerts, rather than having to plough through historical data to detect anomalies. VigilancePro was originally launched in April last year in order to create a link between digital and physical security.

The agent-based software sits on a client device, and sends out a message when any of a set of pre-defined events occurs, such as goods leaving a factory by the back door, or someone entering a restricted part of a building. With interfaces to CCTV cameras and other physical security devices, it can package up a complete picture of the event and send it to a manager.  The product links to a central server running a Microsoft SQL Server database, and a BusinessObjects Universe dashboard.

Since it is the first live retail user of the internal threat prevention product, Young said itsu has to work with Overtis to develop the product to suit its needs. For instance, itsu insisted the system work with its existing tills and analogue CCTV cameras, so Overtis had to build the necessary interfaces to integrate data coming from those different sources.

Adapting the software to the retail environment meant creating a set of rules to determine what constituted normal and abnormal business activity. “In the case of itsu, they knew what they wanted to look for,” said Richard Walters, CTO for Overtis. “For example, they knew that low-value transactions would be unusual, especially at lunchtime where people might have to queue for a long time. Single item transactions would be suspicious as well.”

Walters said Overtis has created a collection of more than 100 templates for different retail types, so future users should be able to select ready-made rules that apply to their business.

As the itsu installation goes from proof-of-concept to a full rollout, Young said the new system has already had a huge impact, as employees realise they are being monitored. “Last week we were just £21 off the record sales we reached shortly after our opening week 16 months ago. We had been running well below that for some time, but now we’ve seen a dramatic improvement in food revenues, which is what we’d expected. It will be amazing if that is not mirrored across all stores.”

The biggest benefit for him is that, when a suspicious event occurs, he is immediately alerted and is able to see what actually happened in the store and on the screen of the till. “At the moment, I get the alerts on my phone, and at 4 pm each day, I go into the VigilancePro server and am then able to see all the transactions and watch the ones that are of interest to me,” Young said. “When we go live, we’ll even be able to view them on our iPhones or BlackBerrys. The beauty of the product is that it’s instant. The times of sitting down to watch hours of CCTV footage are gone. It needs to be real time.”

Young is unwilling to disclose what the project has cost so far. “We got a good deal from them, and I hope that what we’ve brought to the product will provide Overtis with a springboard to go to far bigger companies than us,” he said.

As for itsu, he expects the tighter controls to yield immediate benefits. “My feeling is that it will be worth between £500,000 and a million pounds to us,” he said.

Read more on Hackers and cybercrime prevention

Data Center
Data Management