Online shoppers want retailers to be transparent and honest if they have suffered a security breach, according to a new UK consumer survey commissioned byNTT Security, the global information security and risk management company. The research, ahead of one of the busiest online shopping periods in the lead up to Black Friday and Cyber Monday and Christmas, also reveals that customers want to know if a site has been hacked or personal data compromised.
Asked what they would like retailers to do to help build consumer trust when shopping online, 80% of survey respondents say they expect more transparency following a breach, as well as more secure payment systems on sites, and retailers insisting that customers use stronger passwords and to change them regularly.
However, in a year when a number of major retailers suffered high profile and embarrassing data breaches, potentially exposing customers’ confidential information, a third still admit they would carry on using an online store that suffered a breach, but would take the initiative to upgrade their security or if advised to by the retailer. Surprisingly, just 18% would stop using a site permanently.
Concerns about shopping online are evident, with the majority worried about the privacy of personal information (63%), a site being fake (63%) and the risk of being sent phishing emails that link to malware (60%). Shoppers also worry about the risk of identity theft, and paying online.
At the same time, people are becoming more aware of security best practices when they shop online. More than 40% of people believe that retailers should publish their privacy policies to allow customers to see how data is being handled and stored, while a third (32%) want stores to listen and respond to customer concerns on social media to help build consumer trust.
Stuart Reed, Director at NTT Security, comments: “The retail sector is among one of the most targeted industries for attacks and, with one of the busiest trading periods of the year now upon us, it makes sense that both consumers and retailers are diligent in terms of data security.
“While some shoppers are happy to continue using sites, even when they have been breached, they are also anxious for retailers to let customers know when they have been hacked. Consumers certainly seem to be growing in security awareness when online; more savvy, they are willing to take responsibility for their own security to some extent, but they are also more demanding of retailers and expect to see privacy and security polices displayed clearly on websites.”
Reed warns retailers: “Whilst seasonal trading might result in a spike of targeted attacks, it’s important to remember that in a connected, global economy, cyber threats are present 24 hours a day, every day of the year, so it’s crucial that online retailers get the basics right combined with a balanced and well communicated approach to cybersecurity at all times.”
Most trust their bank/insurance company to keep their personal data safe online, while online dating sites and social media are least trusted – echoing findings from a 2015 NTT Security survey.
The Trust List (in order from most trusted to least trusted – source: NTT Security)
- Bank/insurance company
- Healthcare provider/NHS
- HMRC/other government site
- Online-only retailer (eg Amazon)
- High street retailer with online presence
- Utility company
- Music, book, app, film site (eg iTunes, Netflix)
- Travel site
- Social media
- Online dating site
