Don’t Lock the Toothpaste: Smarter Loss Prevention with AI
In today's issue:
How Walmart scales “loss prevention” AI without ruining the customer experience
How Hershey uses AR and AI-generated prototypes to become a store’s “P&L partner”
How Sam's Club migrated to a resilient microservices architecture without downtime
1. How Walmart scales “loss prevention” AI without ruining the customer experience
Conversations on Retail podcast with Brand Elverston, Episode: Asset Protection’s New Frontier with Cassie Brown and Christyn Keef (Nov. 21, 2025)
Background: Walmart manages risk across 50,000 Asset Protection associates, but they aren't solving shrink by putting more cops at the door or locking up every tube of toothpaste. Instead, they deploy a "multi-signal" AI strategy that triangulates Computer Vision, RFID, and transaction data to create security that is invisible to honest shoppers but impenetrable to bad actors.
TLDR:
Stop relying on single-point tech: Computer Vision alone is insufficient; you must triangulate it with RFID, Bluetooth, and transaction logs to get the truth.
Design "Invisible Friction": The goal is security layers that the honest customer never sees (no locked cases), but that specifically target the 10% of bad actors.
Redefine the P&L role: Asset Protection should no longer be a cost center managing theft, but a profit protector managing total loss (waste, safety, accidents, and fraud).
Here's the framework:
Move from Single-Point Solutions to "Multi-Signal Identification." Most retailers look for a silver bullet. They buy Computer Vision (CV) to watch the checkout, or they implement RFID for inventory. This is a mistake. "Computer vision can do that, but that's relying upon the fact that everything is laid out perfectly for a computer to capture." CV struggles to tell the difference between a 24-count and a 48-count bottle of Advil.
Walmart’s framework relies on signal triangulation. They layer "lower fidelity" signals (RFID, Bluetooth emitters) underneath high-fidelity signals (Computer Vision, Point of Sale data). When you combine these, you solve the "identification" problem – knowing exactly what left the store versus what was scanned. This allows Walmart to remove friction for the 90% of honest customers while flagging the specific transaction that has a signal mismatch.
Operationalize "Total Retail Loss" over "Cops and Robbers." The industry has evolved from "tasing shoplifters" to managing a complex P&L line. Walmart’s strategy focuses on the "Total Retail Loss" concept. This means the AP team isn't just looking at theft; they are using their data to reduce fresh food waste, prevent accidents, and manage supply chain errors.
By positioning AP as the "safety net" for the bottom half of the P&L, they gain the political capital to demand better technology. If you only catch thieves, you are an expense. If you improve on-shelf availability and reduce waste through better data, you are a growth driver.
The "Invisible Shield" Principle. The industry trend is to lock everything up (the "Pharma during COVID" look). Walmart is actively pushing against this. The strategic goal is to build protections that are "invisible to the honest customer."
If a security measure slows down a soccer mom buying milk, it’s a failure. The technology must discriminate intent – using data to audit the bad actor 5 times and the good customer 0 times, rather than peanut-butter spreading friction across everyone.
What to do about this:
→ Audit your "Signal Stack." Do not sign a contract for Computer Vision unless you have a plan to integrate it with inventory data (RFID) and POS logs. Standalone video analytics are largely post-mortem tools; integrated signals are preventative.
→ Implement the "Good Customer" Friction Test. Measure your security initiatives by how much time they add to an honest transaction. If your solution adds more than 5 seconds to a legitimate purchase (e.g., waiting for an associate to unlock a case), scrap it and look for upstream digital identifiers.
→ Hire "Non-Security" Talent for AP Roles. Walmart actively hires from Internal Audit, Real Estate, and Merchandising for AP leadership. Stop hiring only ex-law enforcement for strategy roles; hire data-literate operators who understand the P&L.
2. How Hershey uses AR and AI-generated prototypes to become a store’s “P&L partner”
The Modern Customer podcast with CX futurist Blake Morgan, Episode: CX and AI Transformation at The Hershey Company with Tiffany Menyhart, Chief Customer Officer (Nov. 25, 2025)
Background: 130-year-old Hershey Company isn't just selling chocolate; it’s selling display compliance and category lift using 600 field reps armed with Augmented Reality (AR) tools. Hershey is moving beyond "Category Management" to become a "P&L Partner" by helping store managers visualize profit impact before a single physical display is built.
TLDR:
AR is a B2B closing tool: 600+ merchandisers use AR to show store managers exactly how displays fit and the specific dollar lift they will generate, solving the "will it fit?" objection instantly.
Virtualize innovation to cut lead times: Hershey now uses AI-generated imagery and virtual concepts to test pack sizes and innovation, shaving months off the traditional physical prototyping cycle.
Shift from "Category Captain" to "P&L Partner": In a world of shrinking margins, Hershey wins by modeling how shelf changes impact the retailer's entire profit mix, not just the confectionary aisle.
Here's the framework:
Solve the "Store Manager Veto" with AR Visualization. Most retail technology focuses on the end consumer (virtual try-on). Hershey flipped this to focus on the gatekeeper: the Store Manager. They deployed AR tools to 600 merchandisers.
By overlaying the digital display in the physical aisle, they answer two questions instantly:
"Will it block the cart path?" (Operational feasibility) and
"What is the historical unit lift?" (Financial incentive).
This turns a subjective negotiation into an objective, data-backed implementation.
Move from Reactive Supply to "On-Demand" Anticipation. "On-demand" channels (UberEats, DoorDash, Instacart) are up 30-60%. The framework here is treating "Impulse" as a digital metric, not just a physical one. In physical stores, impulse is the checkout line. In digital, impulse is the "add-on" recommendation at cart close.
Hershey is re-engineering their digital shelf architecture to replicate that "checkout line" psychology in the sub-2-hour delivery ecosystem, where 75% of the US population will soon be reachable.
The "Total P&L" Sales Pitch. Traditional category management asks: "How do we sell more chocolate?" Modern DX strategy asks: "How does this adjacency change the store's labor and margin?"
Because retailers are testing checkout-free formats and experiential zones, the brand must model how their products impact the retailer's total profitability. If you aren't modeling the labor cost of restocking your display vs. the margin it generates, you aren't a partner; you're just a vendor.
What to do about this:
→ Equip field teams with "Visual Proof" tools. Stop sending reps in with PDF planograms. Pilot an AR tool on tablets that allows reps to overlay displays in the actual store environment to increase sell-in rates.
→ Audit your "Virtual Innovation" pipeline. If you are still physically prototyping every packaging variant for consumer testing, you are moving too slow. Implement AI-driven virtual shelf testing to validate concepts in days, not months.
→ Redefine "Impulse" for the algorithm. Map your customer's digital journey on quick-commerce apps (Instacart/DoorDash). Ensure your high-margin impulse items appear at the "Digital Checkout" phase, not just in the category search.
3. How Sam's Club migrated to a resilient microservices architecture without downtime
Microsoft Ignite 2025, Session: Sam’s Club transforms retail mission-critical apps with Gautam Chandra at Sam’s Club / Walmart and Justine Cocchi at Microsoft (Nov. 24, 2025)
Background: Sam’s Club used to have a "blast radius" that encompassed their entire website – if one component failed during Thanksgiving, the whole site went down. By migrating to a microservices architecture using the "Strangler Fig" pattern, they can now lose an entire US region's compute and database layer and still process transactions with zero service disruption.
TLDR:
Eliminate the "Sorry Page": Sam's Club moved from a "spaghetti monolith" to domain-driven microservices to stop single points of failure from taking down the whole e-commerce platform.
Design for Failure: They implement specific resilience patterns (Circuit Breakers, Bulkheads) to isolate issues so a failure in the "promotions engine" doesn't kill the "checkout".
Automate the Panic: Instead of "war rooms" and manual throttling, they use automated alerts and self-healing systems (Kubernetes HPA) to handle 10x traffic spikes.
Here's the framework:
The "Strangler Fig" Migration Strategy. Most retailers try a "lift and shift" or a massive "cutover" for their legacy systems.
The Strangler Fig pattern is a migration strategy where a legacy monolithic system is gradually replaced by building new microservices alongside it, rather than attempting a risky "big bang" rewrite.
For Sam's Club, this involved running new cloud-native APIs in parallel with their existing system – akin to changing a plane's engine mid-flight – which allowed them to maintain 100% backward compatibility while slowly shifting traffic to the new services.
This approach enabled them to cut over individual services one by one, effectively "strangling" the old functions without ever taking the site down or disrupting the customer experience.
“Active-Active” Resilience Architecture. They don't just hope the cloud stays up; they architect for it to fail. They use an "Active-Active" setup, where traffic is split between East and West US regions. If the compute layer in South Central goes dark, traffic shifts seamlessly to West US. And they use "Bulkheads" (like a ship) to isolate resources – so a heavy data job on membership analysis doesn't starve the resources needed for a customer adding items to a cart.
What to do about this:
→ Audit your "Blast Radius." Ask your architects: "If the ratings and reviews service fails, does the checkout page crash?" If the answer is yes, you need to implement the Bulkhead pattern immediately.
→ Adopt the "Strangler Fig" for legacy migration. Stop planning multi-year "big bang" replatforming projects. Identify one domain (e.g., Inventory Lookup), build a parallel microservice, and route 1% of traffic to it. Scale up as confidence grows.
→ Implement "Circuit Breakers" for 3rd party APIs. If your payment processor or tax calculation API gets flaky, your site shouldn't hang. Use a circuit breaker to "open" the circuit and fail fast (or offer a fallback) rather than letting requests pile up and crash your servers.
Disclaimer
This newsletter is for informational purposes only and summarizes public sources and podcast discussions at a high level. It is not legal, financial, tax, security, or implementation advice, and it does not endorse any product, vendor, or approach. Retail environments, laws, and technologies change quickly; details may be incomplete or out of date. Always validate requirements, security, data protection, labor, and accessibility implications for your organization, and consult qualified advisors before making decisions or changes. All trademarks and brands are the property of their respective owners.
