Worried Retail Shoppers Bury Heads in Sand
Shoppers are rattled over recent highly publicized retail store data breaches, but it doesn't appear they're taking much action to improve their own security. Some may feel powerless, some may be lazy, and some may simply think that if they do become victims, they won't be held personally liable, so why not roll the dice? It's the retailers and banks that should be scrambling to improve security.
Consumers are getting increasingly nervous over retailers' ability to protect their personal data -- yet they are not changing their shopping habits, according to findings from an AP-GfK poll.
In the wake of the Target breach, nearly half of those surveyed expressed extreme concern about their personal data while shopping in stores, and 58 percent had deep worries about online spending, the poll found. That number grew to 62 percent when it came to mobile shopping.
Yet when asked if they had taken specific, basic security precautions as a result of the massive Target breach, the majority said "no."
For instance, 57 percent of people responded in the negative when asked if they had checked their credit reports. Only 37 percent reported increasing their purchases with cash as a result of the breach. An astounding 66 percent said they didn't change their passwords for online retailers' websites, and 80 percent decided not to sign up for a credit monitoring service.
Do You Accept PayPal?
Of course, it may be that consumers are taking evasive maneuvers not covered in the poll.
During the past holiday season, DailySteals.com polled customers concerning credit card fraud and confidence in online shopping, noted Deeon Brown, the site's branding manager.
"We found that aside from looking for Trusted Site Seals when determining where to shop online, our customers often cited a site's use of Paypal as a form of payment as a credit card fraud prevention tool," he told the E-Commerce Times.
In fact, about 40 percent of customers polled by DailySteals.com reported using Paypal as a form of credit card fraud prevention at some point in their online experience.
Customers have become smarter and more savvy when it comes to credit card security, Brown thus argued.
Not My Problem
However the most compelling reason it appears consumers are not changing their behavior, despite their fears, is that they feel they shouldn't have to.
Retailers who collect data are responsible for protecting it, said 88 percent of respondents to the AP-GfK poll. Six in 10 said responsibility should fall to the banks that provide the credit or debit cards, or to the credit bureaus.
Consumers don't see themselves as the problem, Dwayne Melancon, chief technology officer for Tripwire, told the E-Commerce Times.
Many of the breaches are happening "on somebody else's watch," he said.
"Once you swipe your card, it's up to the merchant to protect the information," Melancon continued. "This makes it difficult for the average consumer to tell the difference between safe and unsafe purchases when dealing with established merchants. We simply aren't giving consumers the right information or tools to tell whether they can trust a merchant with their card information, so they shrug and move on with their lives."
That is doubly so in the case of high-profile breaches like Target's, he pointed out.
"The high-profile card breaches are different from phishing emails or other attacks that target individuals; consumers often don't feel like any action they can take will make much of a difference," Melancon said.
There is a more fundamental reason at play, though, that could explain why consumers are not rushing out to take security precautions, Melancon suggested. With credit cards -- and to a lesser extent, debit cards -- protections are in place that shelter consumers from losses due to fraud.
"Having your card compromised may be inconvenient, but it isn't going to cause long-term problems," he noted. "Since it's human nature to move away from pain and toward pleasure, I don't think there is enough pain to cause a shift in shopping habits."