Reading the security stories this year you could be forgiven for feeling downbeat. 2014 has been another year for big data breaches. Banks and retailers have suffered from attacks that are increasing in scale and frequency. 4 of the top 10 data breaches of all time occurred this year.
Cybersecurity has carved itself an unwelcome place in the mainstream news agenda, which has affected consumer confidence.
The Heartbleed bug threatened to expose usernames, passwords, and customer data for thousands of websites around the world. One month later, eBay revealed a data breach that included personal and payment data, affecting 145 million users. Bitcoin and PayPal also had major security flaws exposed by hackers in separate incidents.
Despite the gravity of the stories this year, the things still most likely to affect a consumer’s financial security include email phishing scams, fake promotional deals on social media sites and targeted fraud scams that take place in high street stores or points of sale.
There were many predictions that shoppers would avoid affected retailers in the run up to Christmas, but if the Black Friday spending figures are an indication, there’s no evidence that these claims will be validated.
In fact, some reports suggest that many consumers are moving from fear to fatigue with some of the news stories, with a ‘come-what-may’ attitude or putting transactions on credit cards instead of debit, knowing that they are covered.
Retailers are definitely paying attention though. Security has always been important to them, but seeing how a breach can adversely impact share prices and reputation has challenged them to prioritise the issue, not just within the IT department, but with real accountability at board level.
For every bad story we hear, right behind it there’s a queue of good ones that you don’t see. Fraud prevention is rarely reported, quite often because businesses don’t want to set themselves up for a later fall. Showing off about security can also serve as a challenge to hackers. The succession of negative news stories does not suggest the industry has lost control.
There are other reasons to be positive. Authentication is changing for the better. Biometrics are advancing fast. The unveiling of Apple Pay is only the start, and we are about to enter a new era for electronic payments, with tokenisation, and intelligent decisioning.
Businesses should no longer suffer from the fear of vulnerability if they keep the user experience free of complicated passwords or security steps. We shouldn’t have to choose between simplicity and security in the future because we can have both.