Should Consumers Be More Concerned About Cyber Breaches?

2014 will be remembered as the year that security breaches kept on turning up in the retail industry like a bad penny.

Large retailers like Home Depot, Target and Kmart are still licking their wounds after suffering crippling cyber-attacks. To prevent a recurrence of these attacks, retailers are directing significant resources to cyber security and are implementing various solutions to protect themselves.

I’d like to focus this post on the consumers, who seem to be much less concerned about the privacy issues and payment fraud risks that come with each of these breaches. On the one hand, a recent Associated Press poll revealed that 58% of people are deeply worried when spending money online.  However, a recent Consumer Reports survey of 3,110 online consumers indicated that 62% have not taken any steps to protect their privacy on the Internet.

In spite of heavy media coverage, a surprisingly large number of customers have continued shopping with Target and other victimized brands.  They also apparently have no qualms about continuing to provide their credit card information to online merchants both big and small. So despite their deep concerns, many online buyers are choosing convenience over prudence.

In a certain sense, this reaction is understandable. As a consumer, if you pay via credit card or an e-wallet like PayPal, your transaction is almost always guaranteed.  Even if somebody steals your card information and uses it to accumulate thousands of dollars of merchandise, you only have to contact your card company to have the charges reversed.  This is why credit cards are considered the safest payment option in the world.

However, fraudulent credit card charges are not the only threat you face when a retail security breach occurs. There are also the potential threats of identity theft and compromised passwords, either of which may enable fraudsters to access your personal and financial information – including accounts that may not have the same protection offered by the credit card companies. The sorry facts speak for themselves: 1 in 7 online consumers were notified that their personal data had been breached in 2013, a 56% increase over 2012. And these numbers are steadily rising.

The fact is that hackers are becoming increasingly daring by targeting consumers’ PCs, tablets and smart phones where they may not expect it — at coffee houses, doctor’s offices, grocery stores and railway stations, to name just a few locations. Credit card numbers can also be stolen when a card is used at a gas station or an ATM where a thief has replaced a store’s authentic card reader with a fake card reader or “skimmer.” Furthermore, many people don’t think twice about sharing personal information on Facebook, LinkedIn and other social media, despite the fact that they may be exposing themselves to malicious hackers.

The bottom line is that neither retailers nor consumers can afford to be complacent. They should all be very concerned about the problem of cyber security breaches.  Even though it’s the credit card providers that are ultimately held responsible for financial losses resulting from payment fraud (until the EMV liability shifts kick in, at any rate), no retailer wants to experience the media scrutiny, customer rage and loss of reputation that companies like Target and Home Depot have gone through over the past year.  They do care, and are doing everything in their power to protect both themselves and their customers from security breaches and payment fraud.  But consumers need to be concerned as well; they have a lot more at risk than they may think.

Contributed by Oren Levy, CEO of payment tech provider Zooz.