The growing pervasiveness of data breaches combined with revelations that some companies are not properly protecting or outright misusing personal information has left a growing a number of consumers on edge about the security of their identities. In fact, according to a new study conducted by identity verification solutions provider IDology, 57 percent of Americans indicated that they are more concerned now that their personal information will be exposed in a data breach than they were just a year ago and 47 percent reported that they had received at least one breach notification in the past 12 months.
These concerns are also validated by the fact that the number of breaches and records compromised in the U.S. has skyrocketed in recent years. According to the Identity Theft Resource Center, the annual number of data breaches reported in the U.S. jumped from just over 400 in 2011 to more than 1,500 last year. In addition, nearly 180 million records were exposed as a result of the breaches reported in 2017.
“On a macro level, breaches and cyber-attacks have propelled consumers and companies to a turning point in trust,” says John Dancu, CEO of IDology and co-author of the company’s 2018 Consumer Digital Identity Study. “Consumers have an elevated sense of concern around their digital identities, even though it hasn’t converted into action, and they trust organizations less with their information.”
For example, the study found that 20 percent of consumers have no confidence that businesses can protect their data and an even greater amount, 23 percent, have no confidence that government agencies can. Despite these low confidence levels, 67 percent of those surveyed said they believed that it is a company’s responsibility to protect their personal information.
Security Now a Primary Consideration
With this growing awareness that their data is increasingly at risk, it should come as little surprise that Americans are also beginning to make identity security a bigger part of the decision-making process when it comes to doing business with various organizations. The IDology study, which polled more than 1,000 U.S. adult consumers in March, found that 56 percent of respondents would be more likely to choose a financial institution if they knew it offered advanced identity verification methods.
“Identity verification has always been a back-office function, but it’s becoming more of a front-end, customer facing consideration,” Dancu says.
Some of the identify verification solutions that consumers considered to be among the most secure methods of authentication included biometrics (fingerprints, facial or voice recognition – 54 percent), knowledge-based questions (45 percent) and one-time passcodes (44 percent).
Convenience Still Matters
When opening an account online, 88 percent of consumers polled said they placed a premium on security while 72 percent also indicated that they wanted the process to be easy. Another 31 percent of respondents said that they have abandoned signing up for an account because it was too difficult or took too long.
“The data shows consumers demand both security and ease of use,” Dancu says. “We are closer and closer to the point whereby the tradeoffs don’t need to be disruptive between safety and frictionless.”
According to Dancu, the results of the study demonstrate that those businesses that can both increase security while also reducing friction for users will be the ones that come out ahead moving forward.
“For successful companies, it’s all about removing the friction from the consumer experience,” he adds. “Using an identity verification platform that is powerful and smart that works in the background to locate and pass legitimate consumers without friction is crucial.”
Personal Responsibility Lacking
Although consumers say they are concerned about the potential of their information falling into the wrong hands, many still practice poor cybersecurity hygiene or even fail to take the necessary steps to mitigate the damage of a breach on their data after a business or government network intrusion has been reported.
For instance, while 83 percent of study respondents said they had extreme to moderate concerns about their identities being used to fraudulently open accounts, 44 percent of those surveyed reported that they still write passwords down and 73 percent rarely change them.
Among those who received notification that their personal data had been breached, 20 percent said they took no action, only 13 percent put a freeze on their credit and a mere 19 percent enabled two-factor authentication on their accounts. Additionally, only 40 percent of consumers indicated that they changed their passwords after being notified of a breach. Just fewer than 60 percent of those surveyed strongly agreed that it was their responsibility to protect their personal information.
“Given there is a high level of concern among consumers about the security of their personal data and digital identity there is a surprising low level of action to strengthen their own vulnerabilities,” Dancu says. “It’s a paradox, as even though there is elevated concern there is gap in action.”
Moving forward, Dancu says that both consumers and businesses need to understand that they both play an important role in protecting sensitive data and learn how to leverage various forms of identity verification to their full advantage.
“Identity is now a core component of how we conduct commerce and interactions on the Internet,” he concludes. “It is a necessary component of establishing trust in a consumer-not-present environment.”
About the Author:
Joel Griffin is the Editor-in-Chief of SecurityInfoWatch.com and a veteran security journalist. You can reach him at [email protected].
