Wednesday, November 29, 2006

Lack of Consumer Confidence in On-Line Shopping

CRM Today provided a preview of the results of a Gartner Survey of 5,000 online U.S. adults in August 2006 reportingthat "Gartner Says Nearly $2 Billion Lost in E-Commerce Sales in 2006 Due to Security Concerns of U.S. Adults":

"Nearly half of online U.S. adults, or 46% of more than 155 million people, say that concerns about theft of information, data breaches or Internet-based attacks have affected their purchasing payment, online transaction or e-mail behavior. Of all the behaviors affected, online commerce (including online banking, online payments and online shopping) is suffering the highest toll."

The point that there is a significant number of people who have voiced concerns about identify theft, data breaches, and the like, illustrates that education is a major key to on-line safety. Certainly such knowledge is not a guarantee for protection. However, it is an indication that more U.S. consumers are at least aware of the dangers and that shoppers will use caution in selecting sites for on-line Holiday shopping.

Also included in the article is the Gartner recommendation that enterprises employ a two-prong strategy in order to increase consumer confidence and reduce fraud, thus keeping the crooks out.

Follow me on this, please . . .
  • In October, I wrote about two-factor authentication in Closing the Gates on Phishing with information on the problems of two-factor authentication, including the "man-in-the-middle attack", trojan attacks as well as phishing.
Now consider the following in conjunction with my three referenced posts:

'The two goals don’t necessarily call for the same technical solutions since the most-effective fraud prevention applications are often invisible to consumers and criminals,” Ms. Litan said. “A layered approach to solving security problems is the most effective. Companies should implement back-end fraud detection, stronger user authentication (beyond single factor passwords), transaction verification for high-risk transactions, and data masking/truncation of sensitive data that is shown on Web-based screens.'"

Although the layered approach Ms. Litan refers to will help allieviate fraud, in light of the browser vulnerabilities and inherent problems with two-factor authentication, there will still be too many consumers at risk. What is encouraging, however, it the increased awareness by consumers to the dangers in unsolicited email:
"Perhaps the biggest impact is a newfound and serious consumer distrust of e-mail. Nearly 70% of online consumers whose behavior has been affected by recent security incidents say that their concerns have affected their trust in e-mail from companies or individuals they don't know personally. Of these, more than 85% delete suspect mail without opening it."
Thus, once again the reminder -- if you do not know the sender, do not open the email and, by all means, do not open any attachments! Just as we tell our children to be aware of their surroundings and teach them about "stranger danger", so should we ourselves remember the same thing in connection with our on-line activities. If you are planning on doing on-line shopping for Holiday gifts, stick to the sites you know to be safe. See additional suggestions here.

No comments: