The growing scale and negative impact of data breaches have changed how U.S. consumers view cybercrime, especially as it relates to brands. Traditionally, consumers turned a blind eye to companies that were affected by a data breach. However, the sheer volume of fraud hitting the headlines in recent years has changed all of that. According to a report by ACI Worldwide, 14 out of 17 countries reported an uptick in fraud, with almost half of all U.S. consumers having been victimized.
Recent breaches have shown us that criminals are often after sensitive data, including social security numbers, birthdates, addresses, tax information and driver’s license numbers. Equipped with this information, hackers have the ability to steal a person’s identity. To complicate matters further, victims ranging from children to the elderly often find out months or years after the crime has been committed.
Evidenced by new data privacy legislation such as GDPR, as well as the alarming rate of fraud, it’s clear that the value of consumer data has grown significantly. As a result, consumer sentiment around responsible data management has changed. Instead of blissfully ignoring when a company has been hacked, consumers now believe brands should face reputational and/or financial repercussions. Considering that in July the Identity Theft Resource Center reported 668 security breaches executed, this seems completely reasonable.
Consumers Demand Stricter Data Privacy Practices
In order to gauge consumer sentiment and behaviors around data security, we conducted a survey of 2,000 U.S. consumers with a household income of more than $25,000. Similar to ACI Worldwide’s report, our survey found that almost half of respondents had their data compromised. We also found that 89 percent no longer trust their data is safe with a brand, and only 3 percent feel data security practices in the U.S. are adequate.
Moreover, consumer spending decisions are increasingly influenced by a brand’s cybersecurity practices. Findings from our survey indicated that a majority of Americans decide where to shop and how much to spend based on how secure they perceive a brand to be. More specifically:
- more than 80 percent of U.S. consumers have changed their spending habits based on a brand’s security practices;
- 83 percent reported that they would avoid shopping at a business for several months following a breach;
- 21 percent reported that they would never return to a brand following a breach; and
- 45 percent reported that they would spend less with brands that have ineffective data security practices.
Given the potential negative impact on revenue and reputation, retailers should bear in mind that consumers will hold them accountable for the frivolous management of data.
Cybersecurity Considerations for Retailers
Consumers are spoiled for choice in today’s crowded online marketplace, so it’s in retailers’ best interest to accommodate the needs of shoppers in order to gain market share. And as cybersecurity becomes more of a competitive advantage for brands, it will be critical to address and resolve all issues around data privacy and security in order to be seen as a credible brand.
For the countless and ever-increasing number of businesses that have fallen victim to cyber crime (including Macy’s, Adidas, Sears, Saks Fifth Avenue and others just in the last year), all is not lost. Here are a few metrics to consider to appease consumer concerns and retain their business following a security breach:
- 41 percent believe a brand should admit responsibility and take concrete steps toward improving security efforts;
- 26 percent believe a third party should confirm the company is secure;
- 21 percent believe companies should announce PCI or GDPR compliance to earn back trust; and
- 88 percent believe businesses should make additional investments in security.
As online criminal activity continues to spike, consumer trust in brands will continue to fade if proper security measures aren’t put in place. Given consumers’ evolving sentiment on cybersecurity, retailers that lack awareness of the latest criminal tactics or fail to invest in solutions to protect consumer data from sophisticated hackers will pay a hefty price.
James Barham is CEO at PCI Pal, a secure cloud payment solution for contact centers.
Related story: Retail's Digital Revolution and the Challenges of Keeping Data Safe
James Barham is CEO at PCI Pal, a secure cloud payment solution for contact centers.