Consumers aware of security risks, but name businesses for data breaches: Gemalto
World leader in digital security Gemalto has released the findings of its 2016 Data Breaches and Customer Loyalty report, revealing that consumers put responsibility for protecting their personal data firmly at the hands of the organizations holding their data, and not themselves.
As per the report, 9,000 consumers surveyed in Australia, Benelux, France, Germany, Russia, UAE, Saudi Arabia, India, Japan, United Kingdom, and United States, 70 per cent of the responsibility for protecting and securing customer data lies with companies and only 30 per cent of the responsibility with themselves.
However, less than a third (29 per cent) consumers believe companies are taking protection of their personal data very seriously. This comes as consumers are becoming increasingly fearful of their data being stolen, with 58 per cent believing it will happen to them in the future.
More than 4.8 billion data records have been exposed since 2013 with identity theft being the leading type of data breach accounting for 64 per cent of all data breaches. Where consumers see most risk- despite becoming more aware of the threats posed to them online, only one in ten (11 per cent) believe there are no apps or websites out there that pose the greatest risk to them and consumers are not changing behaviour as a result.
Consumers are also more likely to shop online during busy commercial periods such as Black Friday and Christmas (two per cent increase online versus two percent decrease in store), despite 21 per cent admitting the threat of cybercrime increases a lot during these periods
Consumers attitudes on data breaches- nearly six in ten (58 per cent) consumers believe they will be a victim of a breach at some point, and organizations need to be prepared for the loss of business such incidents may cause. The majority of consumers who currently use the following, say they would stop using a retailer (60 per cent), bank (58 per cent) or social media site (56 per cent) if it suffered a breach, while 66 per cent say they would be unlikely to do business with an organization that experienced a breach where their financial and sensitive information was stolen.
How data breaches affect consumers- the study found that fraudulent use of financial information has affected 21 per cent of consumers, with others experiencing fraudulent use of their personal details (15 per cent) and identity theft (14 per cent). More than a third (36 per cent) of those who have been a victim of a breach attribute this to a fraudulent website. Clicking a bad link (34 per cent) and phishing (33 per cent) were the next highest methods consumers were caught by. In keeping with the theme of putting the blame at the organization's hands, over a quarter (27 per cent) attributed the breach to a failure of the company's data security solutions.
Lack of security measures influence consumer confidence- the lack of consumer confidence could be due to the lack of strong security measures being implemented by businesses. Within online banking, passwords are still the most common authentication methods used by 84 per cent for online and 82 per cent for mobile banking, and more advanced transaction security the next highest for both (50 per cent and 48 per cent respectively). Solutions like two-factor authentication (43 per cent online and 42 per cent mobile) and data encryption (31 per cent online and 27 per cent mobile) trail behind.
Similar results can be seen in both the retail space, with only 25 per cent of respondents that use online retail accounts claiming two-factor authentication is used on all their apps and websites, and in social media, with only 21 per cent using the authentication for all platforms. Only 16 per cent of all respondents admitted to having a complete understanding of what data encryption is and does.
"Consumers have clearly made the decision that they are prepared to take risks when it comes to their security, but should anything go wrong they put the blame with the business," said CTO Data Protection at Gemalto, Jason Hart.
"The modern-day consumer is all about convenience and they expect businesses to provide this, while also keeping their data safe. With the impending threats of consumers taking legal action against companies, an education process is clearly needed to show consumers the steps they are taking to protect their data. Implementing and educating about advanced protocols like two-factor authentication and encryption solutions, should show consumers that the protection of their personal data is being taken very seriously," added Jason Hart.