80% of shoppers demand transparency from online retailers after data breach incident

Online shoppers want retailers to be transparent and honest if they’ve suffered a security breach. That’s according to a new UK consumer survey commissioned by NTT Security, the global information security and risk management company. The research results, announced just ahead of one of the busiest online shopping periods in the lead-up to Black Friday and Cyber Monday as well as Christmas, also reveal that customers want to know if a site has been hacked or personal data compromised.

Asked what they would like retailers to do in order to help build consumer trust when shopping online, 80% of survey respondents say they expect more transparency following a breach, as well as more secure payment systems on sites, with retailers insisting that customers must use stronger passwords and change them regularly.

However, in a year when a number of major retailers suffered high profile and embarrassing data breaches, potentially exposing customers’ confidential information, a third of buyers still admit they would carry on using an online store that suffered a breach, but would take the initiative to upgrade their security or otherwise do so if advised by the retailer on such a course of action. Surprisingly, just 18% would stop using a site permanently.

Concerns about shopping online are evident, with the majority of respondents worried about the privacy of personal information (63%), a site being fake (63%) and the risk of being sent phishing e-mails that link to malware (60%). Shoppers are also concerned about the risk of identity theft and paying online.

At the same time, people are becoming more aware of security Best Practice when they shop online. More than 40% of respondents to the survey believe that retailers should publish their privacy policies to allow customers to see how data is being handled and stored, while a third (32%) want stores to listen and respond to customer concerns on social media by way of helping to build consumer trust.

Diligent on data security

Stuart Reed, director at NTT Security, commented: “The retail sector is among one of the most targeted industries for attacks and, with one of the busiest trading periods of the year now upon us, it makes sense that both consumers and retailers are diligent in terms of data security. While some shoppers are happy to continue using sites even when they’ve been breached, they’re also anxious for retailers to let them know when they’ve been hacked.”

Reed continued: “Consumers certainly seem to be growing in security awareness when online. They’re more ‘savvy’ and willing to take responsibility for their own security to some extent, but they’re also more demanding of retailers and expect to see privacy and security polices displayed clearly on websites.”

Reed warned retailers: “While seasonal trading might result in a spike of targeted attacks, it’s important to remember that, in a connected and global economy, cyber threats are present 24 hours a day, every day of the year. On that basis, it’s crucial that online retailers have the basics right combined with a balanced and well-communicated approach towards cyber security at all times.”

Most customers trust their bank/insurance company to keep their personal data safe online, while online dating sites and social media are least trusted. This echoes the findings from a 2015 NTT Security survey. In fact, the ‘Trust List’ (in order from most trusted to least trusted) is as follows:

*Banks/insurance companies

*Healthcare providers/NHS

*HMRC/other Government sites

*Online-only retailers (eg Amazon)

*High Street retailers with an online presence

*Utility companies

*Music, book, app or film sites (eg iTunes, Netflix)

*Travel sites

*Social media portals

*Online dating sites

The NTT Security ‘Online Shopper Survey’ was conducted this month by SurveyMonkey among 500-plus UK respondents. Respondents were split evenly across different age groups and between males and females

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts