New research from BehavioSec, the top provider of behavioral biometric solutions for multi-layered authentication and verification, reveals that our need for ease and convenience is putting our digital identities and security at risk. The report finds that 37% of us have shared our online log in details with a friend or partner. Convenience is the key driver, as well as a lack of understanding of the potential value of this data – 16% report that it was more convenient than inputting the data themselves at the time, with 12% reporting that they don’t think the information would be of interest to anyone else. A further 6% have deliberately shared the details in fear they will forget them.
We have clear barriers when it comes to our physical belongings – 94% of us say we wouldn’t look through a friend’s personal items such as a handbag or wallet without their permission, with reasons including ‘I wouldn’t wish to violate their privacy’ and ‘I wouldn’t want them to look through my things without permission. However, this hesitance and sense of privacy is not nearly so strong in the digital world – over one in ten of us admit to taking a peek at a friends or family member’s ‘logged-in’ online accounts, including email, Facebook and WhatsApp – without their permission.
Security boundaries are blurring for Millennials
This is particularly true of the 18-24 age group. Just 9% of this group say they always log out of online accounts, compared to the average of 29%. Within this group, 26% have posted content (a photo, status, or tweet) on someone else’s behalf, 18% have changed personal details, and 13% have sent a message to a contact – all without their permission.
This behaviour is not malicious – 75% explain their actions as “thinking it would be funny”, or in simple retaliation, with 43% reporting that it was payback for a friend that had done it to them in the past. Interestingly, 22% report that they thought their friend would not mind, highlighting how embedded this culture of digital sharing is for today’s internet users.
Consumers overlook the value of their personal data
The details we are most likely to share are email passwords (23%), mobile phone passcodes (21%), social media logins (13%) and digital media account log-in details (e.g. Netflix, Spotify). 10% even admit to sharing their online banking details.
In today’s evolving threat landscape, with fraudsters able to build up detailed pictures of their victims based on everyday interactions and seemingly innocuous personal details, worryingly 12% report that they do not consider these log in details to be of value to anyone else.
Neil Costigan, CEO of BehavioSec comments: “Our research points to a clear issue with the nature of traditional online authentication and security processes. The ‘password problem’ isn’t that the security mechanism is broken, it’s the fact that we as consumers are expected to follow strict guidelines to keep them secure. This simply doesn’t fit with the way we choose to operate online. If digital service providers are selling convenience and always-on availability, they need to take on the bulk of the security burden themselves behind the scenes. Rather than forcing us to go through multiple frustrating security barriers that encourage us to take risky shortcuts, behavioural biometric technology simply analyses the behaviour we are already displaying as a natural consequence of the session.”
“Our lax attitude to online security will be increasingly significant as services like Facebook and other social media sites become ID providers. With the rise of social media buy buttons and ‘Log-in with X’, access to these platforms can offer a passport to our personal identity.”
Nathalie Nahai, web psychologist, and author of the best-selling book, Webs of Influence: The Psychology of Online Persuasion explains: “Ultimately, as a society we are starting to realise just how much our data can reveal about the most intimate aspects of our lives and behaviours. We may be heavily invested in our online identities from an emotional and psychological perspective, yet until our data becomes easier to protect (or until we get hacked ourselves), we’ll keep making the same trade-offs between privacy and convenience. Every action we take requires cognitive effort, and those that are more complex (such as remembering site-specific passwords) are also more mentally taxing. This is why we often take shortcuts.”
“When companies design their services, it’s in their interests to make them as frictionless as possible – not only so that they’re easier for people to adopt, but also because an experience which is psychologically pleasing will encourage customers to keep coming back for more.”