Identity Security for Retail
Passwordless Access across Every Retail Touchpoint
As a Gold Level Partner and authorised RSA Security reseller, DTE helps retail businesses modernise identity and access management – protecting customer data, securing in-store and online systems, and supporting flexible access across head office, warehouses, and shop floors.
Whether you are rolling out multi-factor or passwordless authentication, enabling secure access for staff, partners, and third-party vendors, or meeting compliance with PCI DSS and GDPR, we deliver RSA’s trusted technology with tailored support for retail operations.
Why Retailers Partner with DTE and RSA:
✔️ RSA expertise built for fast-paced, customer-facing environments
✔️ Scalable identity solutions across stores, warehouses, and HQ
✔️ Protection for POS, e-commerce, inventory, and mobile platforms
✔️ Support aligned with cyber resilience, compliance, and digital growth goals
Protecting Transactions, Customer Data, and Brand Loyalty
Retailers rely on digital systems to power sales, manage inventory, and deliver seamless customer experiences – both in-store and online. But this digital convenience also brings increasing cyber threats.
Recent cyber-attacks on retailers have exposed customer data, disrupted operations, and damaged brand reputations – leading to lost revenue and broken trust.
In a competitive market where every transaction counts, protecting your systems, data, and customers is essential. While no security can stop every threat, a strong cybersecurity posture helps reduce risk, prevent downtime, and keep your business running smoothly – across every channel.
The Alarming Figures
Cyber-attacks in UK retail surged by 75% in Q1 2025
Marks and Spencer’s wiped out £300 million in operating profit due to the recent cyber-attack they were hit with
41% of UK retail organisations reported breaches in 2025
Don’t be the Next High-Profile Attack
Marks & Spencer’s
In April 2025, M&S fell prey to a DragonForce/Scattered Spider ransomware breach that disrupted online sales, warehouse systems, and click-and-collect orders for nearly seven weeks – costing the company an estimated £300 million in lost profits. Attackers bypassed defenses through social-engineering phone calls to IT helpdesk staff, tricking them into resetting passwords and disabling MFA. This illustrates how attackers can exploit weak MFA setups via MFA fatigue/social engineering, enabling full system control. Deploying phishing-resistant MFA methods (like FIDO2 security keys) and strengthening helpdesk identity procedures (e.g., verifying callback numbers or shared tokens) could have prevented this breach.
Co-op
Almost concurrently, Co‑op was hit by a similar social-engineering campaign that led to unauthorized resets of privileged password and MFA controls. This attack disrupted logistics, payments, and store restocking, especially in remote locations. Again, passwordless MFA and strict multi-stage authentication for helpdesk resets (e.g. requiring pre-registered device auth or callback verification) would have significantly reduced the attackers’ ability to escalate privileges.
Harrods
Harrods confirmed that attackers attempted unauthorized penetration – likely using similar social‑engineering tactics targeting their online systems. In response, Harrods locked down parts of their IT infrastructure. While details are limited, an approach combining passwordless authentication, adaptive conditional access, and MFA via hardware verification across logins could thwart such unserious but damaging incursions.
Recent Insights
No MFA? You Could Face Fines, UK’s ICO Warns.
Coventry School Breached Three Times: Lack of MFA & Weak Passwords to Blame
Why Retailers Must Act on MFA: Lessons from Recent Cyber Attacks
How to Prevent Cloud Account Takeover
Understanding the Cost of Multi-Factor Authentication and its Impact
Credential Phishing is Evolving Fast – Here’s How to Shut it Down
Need Help Finding the Right Solution?
Submit your details and we’ll be in touch.