The attitude of customers towards data protection remains ambivalent in the digital world, since they believe the buck stops primarily with the companies when thinking about the protection of their personal data.
For its "2016 Data Breaches and Customer Loyalty Report", Gemalto surveyed 9,000 customers worldwide, revealing that 70% see the responsibility with the companies and just 30% with the consumers. At the same time, however, only one quarter (25%) of the respondents believe that companies take the protection and security of their data very seriously.
The survey revealed furthermore that 31% of consumers have already been affected by data fraud in the past: Around four in ten state the most likely causes for being a victim of a breach are visiting a fraudulent website (42%), phishing attacks (40%) or clicking a fraudulent web link (37%).
Anyway, any breach has most likely a detrimental impact on a company’s’ relationships with their customers: For instance, almost all (94%) respondents would take, or would consider taking legal action against any of the parties involved in exposing their personal information in the future. Nearly two-thirds (64%) would be likely to end their relationship with the company if financial and sensitive information was stolen.
However, the onus does not, or should not, lie only with organizations. Consumers can also take measures to protect themselves against possible breaches.
Let’s take a look at social media or online banking as examples: 80% of respondents in the study use social networks, although nearly 60% assume that social media is a privacy risk, and 87% rely on digital banking, although more than a third feel threatened by cybercriminals.
This is perhaps not surprising as nearly half (47%) of consumers don't use multi-factor authentication when accessing their social media accounts. They are not taking all steps possible to protect their personal information.
Social media is used by the masses on a daily basis, and personal information such as date of birth, address or phone number etc. is usually easily accessible within these sites. Should fraudsters gain access to consumers’ social media data, they may find all the necessary personal information to aid them in stealing an identity and/or accessing further sensitive information, Gemalto states in its report. Additionally, just 25% of surveyed consumers that actively use online retail accounts say that all of the online retail apps/websites that they use require two-factor authentication to secure online transactions.
An actual data protection problem would not look good and would make companies lose 60% of their customers. Nearly as many customers would turn their backs on their banks in such a case and 56% would leave the affected social network.
Organizations need to take responsibility for securing customers’ personal data, as it is less likely that consumers will do so themselves. Once the right security solutions are in place, such as encryption and multi-factor authentication, companies should consider an education campaign to inform consumers about the measures. Equally important will be educating consumers about the measures that they can take to protect their own data, such as using different passwords for various accounts. In the long term, this will prove advantageous for companies and consumers, and leave out the fraudsters.