Monday, December 12, 2005
Surveys last month predicted that online shopping would enjoy a jump in popularity this holiday season, now well underway. Research, reported early this week, indicated that the increase over last year’s numbers could be significant. The news of this data underscores a need for consumer vigilance, according to a security industry expert; identity thieves certainly are scrambling for the possible bonanza awaiting them.
Whenever a consumer reveals her credit card or banking account number during a shopping transaction, she leaves herself vulnerable to identity thieves. It is critical for consumers to shop wisely by treating their personal information as they would anything else they consider valuable.
The Dallas Morning News and others have reported research from comScore Networks, a “global information provider and consultancy.” The findings show that sales online this holiday shopping season will see a 24 percent increase over last year’s numbers. Although the online medium remains a niche for holiday sales, the percentage rise translates to more than $15 billion.
A survey by Harris Interactive (commissioned by Sun Microsystems), as reported by PC World on Nov. 29, forecast similar jumps in online shopping for the 2005 holiday season. Of the 2000 survey respondents, 67 percent said they would cease shopping at an online retailer if they were to learn their personal data had been compromised. A survey from Forrester Research, also cited in the PC World article, produced comparable findings.
When research suggests that consumers are wising up to identity theft, it is good news, especially during the holiday season. But other news suggests that companies are still not doing enough to safeguard the identities of those who shop online. Companies needs to catch up, or those selling in an important market niche, the Web, will go out of business.
On Nov. 26, The Wall Street Journal looked at Congressional effort to combat identity theft. The report suggested that elected officials are fighting resistance from various industries, and in-fighting within certain industries is slowing progress. For instance, according to the article, small banks are fighting large banks over reissuing costs associated with credit card and debit card replacement—often one of the first activities to follow identity theft once a victim finds out about the crime.
If industry wants to have petty arguments and play chicken with consumers’ personal financial information even as elected officials try to fix the situation, then companies that mishandle this sensitive data deserve to go out of business.
Industry has been negligent for quite some time. And yet their marketers simultaneously -- and heavily -- promote the notion of shopping online for the holiday season. The threat they have all created, to the economy and national security, is severe.
Studies are finding consumers increasingly apprehensive about identity theft to the point that fears may threaten the profitability of e-commerce. The threat of falling prey to this crime may be precipitating a drop in the numbers of those who shop and bank over the Internet. It is a situation that jeopardizes earnings for the holiday season and over the long term, and the push for multifactor authentication, which goes beyond the familiar username–password system to verify identities online, is underway.
Little overhead is needed for companies to implement multifactor authentication systems right away. Any company that conducts business online should implement multifactor authentication immediately to combat consumer unrest, which threatens long-term profitability.
On Nov. 8, Reuters reported on an October 2005 survey by Entrust, Inc., which found security concerns among consumers. Eighteen percent of Americans surveyed who had banked online are doing so less often, or not at all, as a reaction to the current climate, which shines a spotlight on identity theft. A full 94 percent of respondents expressed openness to additional security online to counter the problem.
Trends suggested by Entrust’s survey are not new. Over the past year, Gartner Research; TNS, a marketing information company; TRUSTe, a nonprofit dealing in online privacy; and others have conducted studies indicating a fall in online consumers’ numbers and/or a rising fear over identity theft and other online threats.
Industry is running out of time to salvage public opinion. To combat identity theft—and, in turn, a snowballing loss of business—online banks and others must implement weighty, tangible measures that consumers will perceive as adequate.
The same Reuters article reported that the Federal Financial Institution Examination Council has “ordered banks to tighten online access by late 2006.”
Simple multifactor authentication measures might require consumers to reveal their favorite colors and pets’ names along with passwords. The cost doesn’t have to be huge, and any investment in multifactor authentication is preferable to the permanent loss of revenue should consumers flee the Internet for good.
What’s great about multifactor authentication is its ability to evolve. It’s a long-term answer to the problem of identity theft. Fingerprint readers and other advanced technologies will enhance multifactor authentication’s effectiveness. Once these kinds of devices become more widely available for home computers, the identity thief’s task will evolve, too—into something much more difficult to undertake.