Amazon Marketplace Program: What if Walmart steals the entire pie?

It has been a while since I posted a blog entry. A new job, a new place, a new home and several other activities has kept me away from blogging. In this article, I want to explore a nagging thought that has been in my mind for a long time. Is Amazon merely profiting from the marketplace/seller program they run or do the retailers selling on Amazon also benefit from it? What if Walmart really takes off with its very modest marketplace program and makes it "competitive" a la Walmart style?

I don't have the insider view (and won't use it here for Walmart) and hence can only speculate to a certain extent. I believe, Amazon is making a killing with the marketplace program at the expense of the 3P retail sellers who don't have any other viable option to access a large customer base for boosting their sales. In today's e-commerce world strictly limited to the US market, the bottom-line is that there is no healthy competition to Amazon on the marketplace program. While Ebay comes close with its version of a marketplace and there are a few other competitors, including Walmart, fighting in the ring, they do not come anywhere close to the size of Amazon's program.

In this article by Scott Wingo, CEO of Channel Advisor, a beautiful analysis is done to show the prominence of the marketplace program for Amazon ( It largely supports a view that I constantly keep sharing with office colleagues at the water cooler; Amazon is nothing once you take the marketplace program out of its business. Amazon is big today because it took several years for the competition to take note of it and initiate any serious action. Even Walmart with its deep pockets and huge resources never ventured into any serious efforts to drastically augment this business stream. Marketplace is a profit making venture. You only realize a percentage commission on the actual GMV or marketplace sale made. But, that percentage commission is pure profit after adjusting for other services you may provide at a cost to the company (for example, fulfillment). In Q3 of 2012, Amazon's GMV from global marketplace sales was more than the sales generated from their own channel. The difference may be small but  that is also explained by the fact that Amazon's own network sells more media than EGM. 40% of the units sold are marketplace items and the total 3P revenue (near profit) in Q312 was $2B. What is also interesting in the article is the steady gain that marketplace has had when compared with its own channel (1P) from a GMV standpoint. Amazon sells over 100 million skus largely because of its marketplace program when compared with say,, which sells a relatively modest number of skus.

One needs to note that the benefits accruing to a small retailer selling on Amazon vs selling on any other strong retail competitor site (say Walmart) is very minimal. Amazon provides some add-on-benefits to a retailer selling on when compared to selling on other networks. The biggest and only noteworthy benefit of all is the fulfillment-by-amazon (FBA) program. This helps a retailer publish their product on amazon and let Amazon fulfill customer orders, ship them out and also provide customer service capabilities. This is touted as a major benefit to sellers who want to outsource these capabilities to Amazon rather than take it up on their own. However, none of these services offered by Amazon come for free. In fact, there is a fee associated with every bit of service they provide on behalf of the retailer. Even customer service as an option is burdensome to the 3P marketplace seller as Amazon's friendly policy towards customers never takes a friendly view on behalf of the sellers towards product returns (check forums on Amazon seller central to read more on some of these pain points). All in all, while Amazon provides these "exceptional" benefits and has worked hard over the years to make their marketplace program superior (kudos to them for this), none of these benefits they provide to the sellers is a strategic core competence, the one that cannot be replicated by the competition, especially if the competitor is someone like Walmart.

While replicating a competitor's strategy doesn't necessarily make you the leader or replace the market leader overnight, the beauty of the marketplace program is that you can get to cause serious disruption in a relatively easy manner. 3P sellers are not tied by any means to Amazon's seller program if they can find an alternative and cheaper channel to sell their wares. Yes, they cannot exit the Amazon relationship completely as they have put their flesh and blood to make Amazon the giant that it is today. That in turn has made Amazon a necessary partner for them to access the huge consumer base that comes first to Amazon to find their favorite items. Similar to Google search that fed on the constant flow of advertisers and consumers reaching their site over the past several years to learn and grow its search engine, Amazon too has benefited from the fact that over the past ten years, every small retailer sold on the seller program to the point where consumers now blindly believe that Amazon has the product they want. The 3P retailer helped spin a huge consumption web for Amazon and now they are stuck to it like a fly.

All that a player like Walmart needs to do is disrupt the pay-by-service model that Amazon is making money on, offer the same items that are sold by the same marketplace partners that Amazon has and utilize the exceptional advantage of the 4000 strong Walmart store network to create a competitive advantage. Adding to that, if you take away the subscription fees of ~$40 that Amazon charges to be a premium marketplace partner, you now have a level playing field. The one thing missing still is the huge consumer base that Amazon has, again much greater than what can boast of. But, that game can be won over by slick marketing and a few "million" dollars spent in the right direction for a couple of years. Amazon, however, is racing towards global marketplace leadership. This is not just an investment of time or money but huge resources to move the needle and become a first mover in countries that Walmart is yet to set foot in.

If the behemoth of Bentonville can take a few longer strides against the scurrying technology rabbit (yeah, it is Amazon) that is racing fast, Walmart has a way to solve the one puzzle that has tripped it in the recent past  - how to become a leader in the e-commerce space and be ready for any other channel disruption in the future? The retail battle of the future can no longer be won alone. You have to take along willing partners and make money out of them, help them make a little on their owen, and overall make it a win-win situation.

Google Shopping: Bidding Your Way to the Customer’s Wallet

By now, everyone in the e-commerce world is aware of yet another disruptive force introduced by Google (or rather re-packaged and reintroduced). This one is called Google Shopping and Google wants to build a better shopping experience for consumers through this offer targeted at e-commerce merchants. In simple words, for the US market, Google product search is being converted into Google Shopping. This is based on creating product listing ads available as a service in Google Adwords. Google Shopping is a commercial offering, which means that there are no longer freebies available for merchants to list their products. It has to be paid for or bid for in a similar fashion to bidding keywords for running Adwords campaigns, except that in this case the bidding is for a “product target”. The details on how Google Shopping has been built can be read in the below blog by Sameer Samat, VP of Product Management at Google:

Now, Google Shopping has been panned by critics who call it as dangerous for small businesses who cannot outbid their rival large retailers and hence would lose out on the race to gain prominence in Google search. Given the cost of clicks can range from $1 and upwards, there is some truth to why this doesn’t work well for a small e-commerce player trying to gain some prominence in listing products through Google search. But, this program is very similar to the much familiar keywords bidding process used in Adwords. Several e-commerce players have used a combination of SEO and Adword campaigns to gain customers over the years. It is true that keyword bidding has become an expensive affair as more and more competition has started bidding for much sought after keywords. This would probably be the case with product targets too that drive Google shopping. But, one needs to realize that bidding and participating in Google Shopping is not the beginning and end of gaining access to a customer. It is a so-called “privileged” access to customers by merchants who can afford to spend a little to get a customer. This is no different from every practice that one can see outside in the business world.

When a customer searches for a product on Google, he is by and large still in the “discovery” or “research” mode. While providing additional information like price at this stage is definitely an “influencer”, it is by no means driving a purchase decision in favor of a particular retailer. A small retailer losing out on a bid to display their products in a prominent yet constrained real estate space once occupied by Adwords ads is in itself not going to displace the merchant and steal his business. An e-commerce retailer needs to focus on customer acquisition for sure but his core focus should be on building strong business fundamentals – better operational efficiency and better sourcing of products. What Google is doing here is merely allow potential customers have an additional look at products sold by a specific set of merchants. Why would Google want to do so? Because it is the gatekeeper of every potential customer that can be acquired by an e-retailer in this world. As a gatekeeper, Google does not want to just allow customers pass the gate, they want to streamline that crowd as much as possible so that they reach the right destination. It is just that in order to do, they are charging an entry fee. This entry fee is not being collected from the customers, but the merchants waiting to grab hold of those customers and do business with. While I would prefer everything to be free in this World, the reality is that this isn’t unfair either.

Would it lead to a loss for merchants who cannot afford to pay the fees required to get customers to their shop? Yes, it may. But, customers in a mature market like the US are self-trained to research through several combinations of steps. These steps may be reduced, but they are never going be to easily replaced even by Google. Some of them are-

  • Check Google to see which merchant is carrying a product
  • Research the product on (or another top e-commerce player) for understanding more about product features
  • Check Google for websites that offer additional information on product attributes, user feedback, social feedback etc.
  • Check price of the product (base price + shipping) in multiple websites including Google shopping
  • Check the website (if not familiar) to see if it is trustworthy or not. Check for ease of checkout without any annoying roadblocks (bad UI, unwanted questions, unwanted steps – no guest checkout!?) and then finally make the purchase.
  • This is then followed by yet another Google search over the next few days to see if the product was purchased at a good deal (mitigating buyer’s remorse) and there were no price changes or unknown aspects of the product (user feedback) that were not captured earlier before purchase.
While Google is simplifying this process so that the customer reaches an e-commerce store faster, it will not eliminate all the steps. This in turn can help merchants with less money to spend on customer acquisition depend on these additional channels to capture customers.

Alternately, doing the same search for a product directly in Google Shopping is however different. A customer intent while inside Google Shopping is different from just being on Google. Here the customer is more than just doing “research” and if need be, will go to a e-commerce player offering the same product for a competitive price and complete their purchase with them. This is where the Google Shopping page is more powerful as an influence on customer purchase decision than the regular search. This is also where Google hasn’t invested as much product knowledge in drastically improving the product discovery and purchase decision mechanisms so that customers don’t bounce from Google Shopping and go elsewhere other than an e-commerce merchant. Product images are sloppy, product description isn’t motivational enough and speed of delivery, a major factor along with free shipping for driving purchase decisions is not displayed. This is by far a problem inherent with Google’s dependency on quality data from merchants in order to fuel the Google Shopping experience. Having worked with a big e-commerce player like with regards to data feeds, I also know how tremendously challenging it is for even an established retailer to provide all the necessary data points required to make Google Shopping a great experience.

Now, if Google’s focus is on Google Shopping, what can small e-commerce players do to improve their business through product ad list bidding? Well, for starters, all that a small merchant needs to do is just bid at least at a bare minimum price for key product types (brand or category or ad group etc.) so that they are included in the Google Shopping program. What also needs to be done is to maintain a high level of product quality so that data is always fresh and matches with data on the merchant website so that Google doesn’t reject the product for listing. Bidding high to get a premium seat is best left to the big guys unless you are a niche player in the market with products that maybe a Walmart or an Amazon (highly unlikely) doesn’t sell. Customers will definitely make an additional click to navigate and view additional search results in Google Shopping to nail down their purchase options (this is a hypothesis and I hope will be tested right). At a bare minimum, they will filter the options presented based on total price or other attributes and hence get to view a competitive offering.

Not finding yourself in the regular Google search product display because of poor bidding will turn out to be a major downfall only after Google has mastered all the e-commerce retailers and their data. This is practically impossible and will take a couple of years for Google to get it right (it can eventually happen though!). Google Shopping will turn out to be a huge profit driver or enough of one so that the company is no longer dependent on Adwords as the only key source for its long-term growth.

Check this link to understand how product ad list works:

[polldaddy poll=6297477]


Digital Wallet Service by

As any serious Product Manager in Indian e-commerce may have noticed,, the best online player in India as of today, had introduced a feature called “digital wallet”. Now, the concept of a digital wallet is nothing new in itself. Paypal has one of its own. So does Google have one. Check this article to see what Paypal is up to with the concept of “money”- I am not particularly sure who pioneered digital wallet in the first place, but I don’t care much about that. What I do care for is that the team at Flipkart (hopefully a smart Product guy) figured out how valuable and important it is to have a digital wallet system in the Indian e-commerce scenario. The wallet that Flipkart offers is a bit different from the so-called wallet offering of others, but it has definitely been tweaked to benefit the Indian consumer. themselves have defined the benefits of a Wallet as the following:

  • Make one payment and shop multiple times
  • Simpler and faster check-out process
  • No more worries of failed payment transactions

While the first benefit is not something that Indian consumers will drool over, the third benefit is in my experience, a very big deal for both the consumer and the company. The first benefit is obvious to the consumer once they understand the basics of what a wallet is used for. The good thing going for is that it has a music download service called “flyte” that works really well with a wallet. Nobody would care to make repeated purchases of Rs. 6 each for purchasing a music title. A wallet stores funds that can then be released for making these one-off payments. If flyte didn’t exist, the first benefit would rather be an aggressive MBA-trained marketing guy’s sales pitch for corporate glory than anything meaningful from a customer standpoint. Indians take pride in making a profit out of every penny they hold, whether in a bank or through tax savings (or evasions) to avoid paying too much to the government. They wouldn’t be happy parting with their money even before they make a purchase with the satisfaction that flipkart has it with them. Yes, it is true that the above points will be refuted once Flipkart turns into a giant e-commerce player and becomes a household name like Amazon.

Another reason why consumers will not like the idea shared in the first benefit is that the amount that you store in your digital wallet cannot be refunded by in case you no longer want to purchase anything on the website or just plain want your funds back. is not a bank and RBI regulations does not allow it to function as one unless it applies to become one. It is possible that is currently working towards getting the needed RBI approvals to become one but it would only make sense if the digital wallet in its current sense is really taking off for them and this issue is constantly turning out to be a customer painpoint that needs to be addressed. A look at the digital wallet FAQ on indicates something very interesting. It has a question that says – What is the change in the refunds policy of the digital wallet?. The answer is “As of 2nd February 2012, the Refunds Policy for the Wallet has been slightly modified. As per the earlier policy, the entire balance in the wallet was fully refundable. Under the updated policy, the Topped-Up balance in the Wallet will not be refundable starting 2nd February 2012.” The top up balance is basically funds that a customer directly puts into the wallet to make future payments and it is not refundable due to the regulations mentioned earlier. The fact that it was changed effective 2nd February indicates that probably was not aware of the regulations that were meant to be followed and then had to correct their actions after the fact. This single issue with the functioning of a digital wallet turns against the overall benefits of offering one.

Now, coming to the third benefit, the challenge of facing failed payment transactions is very real in the Indian context due to the over-dependence of e-commerce retailers on a third-party gateway run by either an aggregator (CCavenue, EBS, PayU) or a bank supported entity (HDFC, ICICI pay seal). An e-commerce retailer can see about 30-40% of its customers lost at that point after having taken pains to carefully hold their hands and take them through the checkout stages. This is a very painful loss especially for Indian e-commerce retailers. It is not easy getting a customer that far only to see him drop. None of the payment gateways in India have a foolproof method of preventing such issues. The best success rates boasted by the best in the industry comes to about 78%-80%. Gateways like EBS and PayU offer a retry option for helping a customer try a payment again when things fail, but this doesn’t solve the issue 100%. In this context, having funds in a digital wallet ensures that a customer need not go back looking for his credit card, netbanking bank details or debit card and start entering all information in a 3rd party payment gateway only to see that things are slow due to the internet, the banks are not processing their payments or the payment gateway is down for maintenance. For an e-commerce site, on a per transaction basis, we no longer have to deal with bad payment gateways, good payment gateways who still can’t control issues and fickle minded or busy customers who may drop out at the last stage.

The digital wallet system should however evolve to provide more incentives and benefits to the customer to influence them to use the wallet and park funds there. These could be in the form of discounts at the checkout stage for using the wallet or as Paypal is doing, help the customer chose how the funds are used. The question of why build this service in-house when someone like a Paypal or Google may eventually do it better in India is however worth thinking about. Ideally the link with a 3rd party like Google or Paypal would turn out to be more reliable payment instruments in the mind of the consumer and also provide additional benefits that are not easy to replicate. As of now, given the aggressive pace with which Indian e-commerce retailers are racing against each other, waiting for something better to happen may not be a wise option. Getting things out the door and then re-adjusting (like the change in refund policy that Flipkart did) is the way the game needs to be played.


PCI DSS Certification for E-commerce Websites in India

I recently worked on the PCI DSS certification process and did some research, vendor analysis, contract negotiation and technology task integration for getting certified through an audit (it is still a WIP). It was a daunting task that highlighted some interesting lessons that I thought can be shared for the benefit of the community. As a Product Manager, my role was limited after a certain extent as pure technical tasks around software and hardware took over and I merely worked on coordinating things to successfully work towards certification. All this is being presented largely in the context of an Indian e-commerce setup.

The Payment Card Industry is an interesting game changer in a World of money-driven over-consumption. First, they introduced the addiction with credit through plastic cards and their heavy abuse. Then, they got all merchants (non-consumers) to play along with the high fees and cost structure required as a prerequisite to forcibly do business with them. Unhappy with all this, they then introduced the concept of a data security standard (DSS) and the subsequent audit that follows it. This last change was surprisingly done finally for the benefit of the consumer! That benefit is now being reaped by a host of boutique IT firms around the World selling their version of PCI rules and certification as a service to merchants who cannot get it done on their own.

So, what is PCI DSS certification and why am I angry with it?

Well, for starters, I am not angry with anything although I have a very cynical tone. It is just that there is a website called the PCI security standards council ( where a bunch of people employed to write wonderful content have baked up a set of rules and regulations around PCI DSS certification and why we need it. The problem is none of that is useful although everything written in it is very helpful. The website tries to address every question you may have in your mind about PCI certification to the point where you no longer understand what the certification is needed for.

Frustration apart, PCI certification was mandated by the payment card industry as a set of security rules required to keep customer data safe within the environment in which you as a merchant is doing business. It covers all aspects of an IT and company set up where customer credit card information is captured, stored or transmitted internally or externally within a networked environment- both physical and virtual. It has about 12 or so mandatory checks that need to be satisfied by a merchant so that they are considered as security compliant in the eyes of the PCI. The only problem is that it is the merchant’s headache to make sure that they are compliant in every manner possible and the PCI never signs up for any risk that the merchant is exposed to post getting certified. Getting the certification, maintaining the certification and protecting consumer data is all the merchant’s problem with PCI nowhere in the picture except for levying fines in case a “noticeable” security breach has occurred at the merchant’s end.

So, why is this important in the context of the e-commerce industry in India?

The answer is obvious. E-commerce as a business transacts on the internet and thanks to very smart hackers who love the internet, an e-commerce business is prone to severe security issues where customer data can be compromised. While several e-commerce players in the developed world have just taken this up as yet another target in a yearly roadmap of technical tasks, the upcoming players in the Indian e-commerce space have been slow in working towards PCI certification.

One big impediment is the cost associated with getting a full audit done and getting certified. The cost can run from anywhere between Rs. 8-12 lakhs depending on the level of technical expertise or consulting help you take from a PCI certification vendor. This is followed by quarterly scans and yearly audits that soon add up to the costs. Just so that money is not lost in this unique business model of conducting audits for PCI, scans are done by an approved scan vendor a.k.a ASV. The ASVs are approved by the PCI to conduct scans. Why? Who knows! Those scans can as well be done by a good engineer in a merchan’ts technology team too. Much more painful than the cost of getting the initial certification though is the investment that needs to be made in hardware, software and network infrastructure to get things right for the PCI audit. This can be a huge dent on resources and cost depending on how big an e-commerce player you are and what are your data needs around customer card information.

So, how do I know if I am not complying with PCI security standards?

If you are not certified, then you are largely in violation of some rule or the other around DSS and hence run the risk of being hacked and as a result penalized. A quick check as a merchant can be done by one-talking to your payment processor or two-checking the checkout stage on your website.

Talking to your payment processor or payment gateway (CCavenue, TPSL, EBS, ICICI Payseal, HDFC, PayU etc.) is needed in the case you have your checkout integrated with a payment gateway to process customers payments and finalize the transaction. This is needed as the payment gateway (which is always PCI DSS certified) shares the risk of non-compliance in case there is a security breach on the merchant’s side due to an improper security practice that led to a hack. Hence, the gateway usually mandates and ensures that the merchant is PCI DSS certified in order to process customer transactions. The rumor (!) is that gateways and banks are rewarded for enforcing PCI DSS certification mandates on merchants (Hmm…). However, the point to note is that the actual compliance need or mandate comes from the merchant acquiring bank rather than a payment gateway. However, the process works in tandem and hence talking to your payment gateway helps get an answer.

Looking at the checkout stage on your website by far is a quick and dirty check when it comes to realizing whether PCI DSS certification is necessary or not. Many Indian e-commerce websites do not collect any credit card information of the customer. If a customer chooses “credit card” as a payment option and proceeds to complete checkout, they are redirected to a payment gateway’s payment page (e.g. CCavenue) where a customer completes a transaction by entering all the card details. In this scenario, the e-commerce merchant is not really bearing any risk of being hacked nor running into any PCI risks. A basic PCI certification (will be explained later) is recommended but is not really necessary (the unofficial opinion!).

If the checkout stage has a provision for allowing customers to enter their credit card number following which you are directly integrating with a payment gateway to process the customer transaction, then you fall under the purview of a PCI audit. You are required to be PCI DSS certified in order to collect credit card information even if you are merely holding it in temporary memory and not storing it after the transaction is complete. Direct integration is the method by which a seamless checkout experience is created for the customer by not taking him away from the merchant e-commerce site to a payment gateway site to complete the payment. This can be achieved through a special custom integration with payment gateways/banks or through a proper API-based integration with them.

I am still confused?

Great, because if you weren’t then you understood nothing. Having a seamless checkout experience is usually the desired experience an e-commerce merchant likes to provide to a customer. Also, holding on to a reasonable amount of customer credit card information helps you with building a one-click checkout experience wherein a customer who comes back again to make a purchase on a website already has his basic credit card information stored and made available for quick selection. Drop out rates in checkout hurt an e-commerce business especially if the reason is due to a transaction completion process that a customer is not comfortable with. In order to do all these things for the customer, one has to be compliant with PCI DSS.

So, what should I do to get certified?

There are two different ways in which you can get PCI DSS certified depending on the annual number of transactions you generate on your website. The transaction limits are defined individually by the credit card companies into four levels of classification. Level 1 for VISA is considered as any merchant generating 6 million or more in annual transactions on the website using the VISA card. Check this link to get the scoop on how VISA looks at merchant levels –

As a merchant in the Indian e-commerce scene, you may have not crossed as many transactions to get to a level 1 classification just yet. This could mean that merchants are possibly under level 2, 3 or 4. This brings in an interesting twist to the audit process. The choice of going for a full onsite audit (expensive) or for an internal self audit (painful).

What is the difference and which audit option should I go for?

A vendor in the business of running PCI scans will always recommend an onsite audit. A merchant is better off doing an onsite audit as internal resources need not be pulled into tasks that are not necessary for the daily running of the website. An onsite audit needs to happen if the merchant is a level 1 business. They need to get an annual audit done along with quarterly scans and certifications. For all other levels (including level 4 where things are optional), you can go for filling something called a self assessment questionnaire a.k.a. SAQ. Going for an onsite audit is still recommended as the DSS checks that one needs to comply with is the same (except for a few exceptions) irrespective of whether you go for an onsite audit or a self-assessment. The onus is on the merchant to get all the compliance checks completed in both cases and based on a conversation with a technology expert I worked with, filling up the SAQ and being compliant with its needs isn’t pretty either. In fact, it amounts to getting the same things done that one would have completed with an onsite audit in place. The convenience factor is lost with the SAQ.

Now, the SAQ is still a viable and cost-effective option for a merchant. In fact, it is an option, which if executed well with a strong technology team, can get you on the road to PCI DSS certification much more faster than a regular onsite audit. In fact, there are tools in the market that do full-network scans (similar to what your onsite auditor will do) and let you know what is missing from a compliance standpoint and what needs to be fixed. However, the reality leans more towards leaving all the pain of compliance research  to a 3rd party vendor. Coming back to the SAQ, there are four different types of SAQs – A, B, C and D. Each one of them are tailored towards a certain business model or business practice that you adhere to as an e-commerce merchant. The problem is that the definition for the SAQ classifications could get confusing. It almost makes you nervous that you don’t choose the wrong option like in filling out a job application. I’ve had a payment gateway provider ask me to fill a SAQ A to a bank asking me to fill a SAQ D. End of day, the technology team said, “let’s go with the onsite stuff”.

Is this for sure the way PCI DSS audit and certification works?

A very good question. In fact, several people have asked me this question and I’ve even asked myself this question time and again. There is no straightforward answer. The Standards Council has given such a vague definition of the various compliance rules that there are people fighting out daily on the nuances of the pseudo-legal rules that PCI has come up with. See the comments section of this article for example:

Every vendor who has made a business out of PCI scans, audits and certifications have further tweaked the interpretation of rules to their business advantage and seldom give a satisfying picture to the merchants who hire them. In fact, even the banks and payment gateway providers who are ideally PCI DSS certified, don’t know why and how they got certified. They give answers, but they don’t give answers that make complete sense. A high profile Country Head of a leading payment gateway once proposed that we can get a level-4 PCI certification in lightning speed if we go with his product. When I said that levels are not a certification option that you can pick and choose from to go with, he put his high-paying top notch job on the line and swore this is how PCI certification works. When I pushed further, he eventually asked me to go talk to his PCI vendor team and strongly cautioned me as to how his job expertise lies in this specific area of work. His team eventually accepted that they used the “level” language to make things simple for clients. The last I heard of, he didn’t resign from his job yet. It is fine though, as, after all, I was only taunting him on the technical understanding of what levels meant. Eventually, if you are identified as a level 4 merchant, you get PCI certified for whatever is needed at that level.

What if I get penalized for violation of PCI DSS?

Well, there is no straightforward answer yet again. It depends on the level of security breach and what amount of customer data was lost. End of day, nobody closes your shop. You pay a fine (could be heavy) and you need to go through a full audit to resume business the same way as you were doing “before”.

For good or bad, PCI DSS certification helps all e-commerce merchants be on a level footing when it comes to security and protection of customer data. It also helps as a cool marketing tool to build TRUST with customers by tagging oneself as a PCI compliant business (similar to the Verisign trust seal that gives some nice fuzzy feeling supposedly to the shopper!). Getting certified also clears the way for an e-commerce merchant to build some useful features for its customers as Product Managers. Last but not the least, all these measures don’t necessarily prevent an e-commerce website from being hacked as hackers don’t look for PCI certification to not attack. A strong technology team with strong network security is needed to save a business and its customer’s private information.

[polldaddy poll=6288035]


Is copying the brightest idea for your business?

There are these interesting strategic meetings in companies where I’m pretty sure one of you may have heard this from some corner of the room – Why don’t we copy what Amazon is doing? Why re-invent the wheel? They set the standard anyways.

I’ve heard it before in team meetings or from people I’ve had casual conversations with. After all, there seems to be some truth in what they are saying. is by far the most successful e-commerce retailer in the World. What they did for the website became a standard that others were forced to adopt in the market. For example, until they did something amazing with product recommendations, it wasn’t considered even as a bad idea. A product recommendation engine was merely ignored. It has now become a standard for any e-commerce website. When Amazon prime was launched, the cacophony in the US market was remarkable. Everyone wanted to do a “prime”, but they just couldn’t figure out how to do it even reasonably well for a small loss.

Are’s highly talented bunch of Product Managers responsible for this constant innovation and out-of-the-box thinking that leads to these strong features on the website? It is a tough call to make without knowing the inner workings of the organization. If I had to take a guess, it is due to a coordinated top-down and left-right coordination across all teams in the organization in collectively delivering the desired outcome. The failure of one team is compensated for by the success of another team in getting things done. Product Managers are getting the execution details ironed out, while the business teams are working hard to make the structure work. In organizations where Product Management makes unilateral decisions or decisions are “handed out” to them, things start to fail.

When different stakeholders in a company come together to decide on a certain course of action, trying the tested is an easy remedy to follow. You are after all not introducing something new that a customer needs to learn, you are not surprising them, you can get it out into the market faster and you don’t have to bear the risk of any downfall. Logically speaking, if a website like Amazon is literally attracting more than half the number of internet consumers, it is nearly futile as a competitor to introduce something new as you are depending on a part or whole of those same consumers for your business.

Here is the catch though. Every consumer visits a website for a certain reason. By far, a customer visiting does so as they want to identify products as related to the “Walmart” brand offering. This can be translated from an aspiration standpoint as EDLP on products sold on the web. The reality could be a little dispersed, but the fact is that the Amazon customer is different from a Walmart customer. This customer may be fine seeing the same features or look and feel across both websites, but is looking for something more when they visit them separately. Multi-channel retailing became a very high strategic initiative when I worked at Walmart. It was for a reason very obvious but yet took long to implement. Playing to your strength is what keeps you going. We introduced a program called “Pick Up Today” primarily for that reason. Why wouldn’t you use a store network of 3000+ stores to your advantage, to’s disadvantage and the customer’s benefit. Walmart and for that matter any other retailer with a dual presence in the offline and online world have a strong message for Amazon. However, the challenges these companies are fighting are more to do with internal roadblocks that are not easy to clear. Departments that worked with clockwork precision to deliver results in stores cannot go online or mobile overnight.

So, if blindly copying features is a bad idea, then how about copying the look and feel of the website. is probably the most cluttered website one can ever find. Nothing in the website talks beautifully well about the user interface or design applied. It screams out loud the question, “do we really need a beautiful, well designed website to make money?”. However, it has worked beautifully well for its customers. Jeff Bezos never seems to be worried about how beautiful his web store looks. Very similar to the way Sam Walton never cared about the beauty of the Walmart store, but cared about what it sold within it. Both leaders seem to have a similar viewpoint on one shopping aspect of the customer- if you give the customer what she wants, she will forget about how she got it. This is similar to how passengers get very impatient and fidgety while waiting for their flights in beautiful, well serviced airports. They don’t care about how the airport is. They care about getting on to that delayed flight and going home early. It is not the airport that they care about. It is the flight that they are concerned about. They are paying  money for the flight, not for the stay in the airport. But yet, we see millions of dollars being spent on creating huge, luxurious airports for the comfort of the passenger. I have seen people look at Amazon’s checkout process and say, “let’s do this. It looks perfect”. Now, while there is nothing imperfect about Amazon’s checkout, it does bother you with a lot of information to digest. Things like detailed delivery timelines, benefits of using an Amazon credit card or benefits of using prime are all additional snippets of information generously sprayed everywhere. Only a seasoned shopper at Amazon can navigate that mess without being distracted and still make a purchase. Luckily for Amazon, they have plenty of such shoppers. You and I don’t have that luxury with our shoppers.

So, if the look and feel is also something that is not worth copying, then what else should we do? isn’t the shortest path to product management or business success centered around getting workable things out the door faster. If so, isn’t copying the best the easy way out? Yes, it is still true that copying (or let’s say being inspired by) the best player in the market helps your business in turn. The reason is not necessarily because we have copied it well, it is because we are looking at our competition, figuring out where the majority of our target customers shop, see what they are shopping, see how they are shopping and provide the same tools more or less to help them out. All this is being done ignorantly by us while we copy the market leader and its offerings.

If we indeed need to copy, or be inspired by it, we should look at the way they are looking at their shoppers. Understand if these shoppers intersect with our business. If they do, we look at what our internal strengths are and see if we can build something better (or at worst similar) to Doing that will help us realize where we truly stand in the market and how many customers are truly loyal to our brand. It also sets you apart as a Product Manager and as a person seriously in the business of making product work.


So, what is Product Management?

Tips for following the blog:

Question: A tormenting yet very insightful and purposeful question asked by a super-boss

Answer: A painful yet honest answer given by a product manager

Cloud: The imaginary bubble in one’s head that doesn’t have a voice in the physical world and hence goes unheard

Question: What is Product Management? So that you may know. I am your boss’s boss and I hired you. So, I need a straight answer. ha…ha…(cloud: Don’t give me rubbish. I have an MBA and I know how to ask great questions)

Answer: Well, it is a cross functional role that sits between the various business teams and IT technology. It acts as a gatekeeper of what business initiatives need to be developed, across what timeline (time-to-market decision) and how best to deliver (trade-off decisions) (cloud: and why the hell did you hire me for a role you don’t know about!?)

Question: Oh ok, so if I have technical requests to make on the website, I give it to you and you get it done for me!? Right? Umm….(cloud: I’m already starting to hate this guy. What happened to straigthforward answers in bits 1 and 0!)

Answer: No, I don’t take technical requests (cloud:….from you just for the heck of it). I understand two things – business opportunities and business problems. I try to solve for both through initiatives in different product areas. I then submit these initiatives for the technology team to deliver according to their release cycles.

Question: So, you probably belong to a business team then! Hmm…So what is the “product” you are working on!? I don’t think you sell any products on the site? My Merchandising Manager does that for me.

Answer: Mine is a cross-functional role. I don’t necessarily sell products. But, I make products sellable on the website. My product is the website itself and its inherent back-end operations. For simplicity, each core area within the website from a user standpoint can be considered as a product. E.g. checkout. I also look into the backend operations like say a world-class WMS.

Question: Oh yeah, I helped build a great WMS when I was a consultant. Once you get the basic right, things are simple for us to use after that. So, tell me, is it correct to say that your team is responsible for managing the look and feel of the website and everything that goes into building the right experience for the customer?

Answer: bingo! you got it. Yes, you can say so. Although the look and feel department is something I co-own with a user experience designer. (cloud: and what’s with that WMS stuff you just blurted. Do you even know what it means!?)

Question: Ah! my friend. You have brought one other character into the story. You know this dilutes the need for you in the company. I have business owners who take care of business opportunities, I have Operations Managers who solve business problems and I can have technology teams just do things for me. Why do I need you in the middle?

Answer: You are right. But, they all don’t coherently bring the voice of the customer together. They have a P&L to manage and a target to hit. What a customer likes to see, how they discover products on the site, what pain points they have with the overall purchase all need uniformity in execution of a solution. It is true that I help and work with all these business teams to deliver results. But, I do it from a customer centric viewpoint. I bring all the teams together on customer initiatives and eventually help technology solve the final puzzle by breaking down requirements into meaningful chunks for architects/programmers.

Question: All right, you sound more like a project manager to me. So, what “business” intelligence do you use to make decisions that my other business teams cannot do on their own? (cloud: Boy! am I running out of questions or am I getting confused!)

Answer: Well, I do act like a Project Manager at times to get things out the door in a timely manner. But, maintaining Gantt charts is better left to an expert who has done it as his job. Coming to business intelligence, I look at site metrics, I look at customer orders, I look at customer returns, I look at information that is hidden within them. While everyone can look at data and make decisions, I use it build what is called as a “Product Strategy”. I also look at the competition and understand consumer trends in the industry. All this also goes into what strategy I employ (cloud: Hmmm…I think I got him this time. But, this conversation is getting uncomfortable)

Question: My friend, if that is the case, where is your Product Strategy? I haven’t seen anything from you except for some features you seem to keep adding to the pipeline of work that technology needs to do? (cloud: If I only had a gun…)

Answer: Sorry, but I don’t build a Product Strategy without knowing what the overall business goals are and what we want to achieve as a business and where we want to go as a company…I’ve asked for it but we have never had closed door meetings to understand those goals.

Question: What do you mean there were no meetings? I said weeks before that we should increase our conversion rate. It should in fact be doubled. I know for sure that it can be achieved. Isn’t that enough information for you? (cloud: If I only had a gun that is loaded…)

Answer: Yes, but conversion rate can be increased by increasing our products, by increasing relevant flow of traffic or by providing incentives. What is our strategy to have our customers shop more or come back more to the website?

Question: Isn’t it your job to come up with answers on that?? (cloud: …the trigger should work…)

Answer: Yes, it is. But it has to be linked to an overall strategy that every business team in the company is aligned with. For example, Increase market share by X% in next two months by leveraging our ability to deliver products faster within a promised delivery timeline. If I had this in hand, my focus would purely be on what I should be doing to achieve this goal as part of my Product Roadmap.

Question: So now you have moved from a Product Strategy to a Product Roadmap! I guess your roadmap is a list of inititatives that the technology team can help deliver, thereby generating measurable results for the business?

Answer: Yes (cloud: I knew you were smart. People don’t get to do an MBA by just practicing brain teasers and vedic mathematics problems after all!)

Question: You are creating processes after processes, while I want to be nimble and just get things done. There is so much to fix on the website. I haven’t seen anything in your so called roadmap to address that. What is the high impact stuff that I can do sooner!? Last night, my grand mother was searching for a toothbrush and it took a while before she realized we don’t sell them. We should list out things we don’t sell on the website my friend.

Answer: Well, we only fix things that don’t work for our customers. For that, we need to know who our target customer segments are? Who transacts higher? Who can contribute more to the bottomline? Who buys the products we sell? If we know who they are, we can find what they don’t like and see if anything needs to be changed. I cannot change the website for a few customers or users who didn’t like what they saw. (cloud: ok grandma. You should have sent your grandson to the nearby store to get that brush…)

Question: So, if there is nothing to fix on a priority, you sit idle and don’t do anything then. Why can’t you fill a backlog of things that can still be done? (cloud: Is he arguing with me or providing mere answers? He should know that I always won noisy group discussions in business school)

Answer: No, we do build what is called as a Product Backlog. It can be thought of as a low-level roadmap. I need to get my backlog cleared, measure the outcome of the initiatives and see what else can be done to make things better based on the target that has been defined. Right now, my backlog is still pending halfway with the technology team. (cloud: why do people always look at the website as something that needs to be fixed!?)

Question: So, you measure the outcome of some targeted initiatives you are driving to achieve our common business goals. If they deliver then you go after your next strategy to gain strength in the marketplace. If you don’t deliver, then I can fire you, right? Ha…ha…(cloud: this is what I call as the death blow!)

Answer: Well, if the initiative is a success, then yes, I keep building my strategy, roadmap, backlog, requirements, project plan, UI assets, wireframes, process flowcharts, financial model and success metrics. If things fail, I learn what has failed and apply them to make things better for the customer. Of course, there is a cost involved in delivering results and this does affect my performance scores.

Question: Ok. you just blurted out a lot more stuff on what you do as a product manager with your team. But, I don’t think you are allowed to fail. (cloud: Failure is like missing out on those premimum tickets to fancy jobs at Goldman Sachs or McKinsey. Everything else is an unpardonable loss)

Answer: Well in e-commerce, our customers are fickle. While we do everything to make things work for them, a lot of times, it is the mistakes we make that help us understand the real opportunities we can pursue. After all, brands are not built overnight. (cloud: Did I just sound philosophical all of a sudden!!)

Question: Oh yeah. Except that in business, we can’t sit and watch someone make mistakes. We fire them and get someone else to do things. (cloud: Jeez, is this why I had to leave my earlier company!?)

Answer: agreed. Product Quality comes from collective evaluation of our strategy, roadmap and the individual initiatives we drive as a company. A Product Manager will of course own the success and failure of it. But, I’m glad that you now understand what Product Management is all about…

Question: Well, not quite yet. I have to take off for a very important strategic meeting to discuss the future course of our business. We will catch up again. (cloud: If I don’t know how to fire you, what’s the fun in keeping you!!)

Answer: Oh ok. Let’s catch up soon (cloud: How about calling me to that strategic meeting as a starter? I’ve just spent my time “usefully” with you talking about what Product Management does….)