Shoppers remain lax about passwords

While two-thirds of U.S. consumers were predicted to shop online this holiday season, the majority of those shoppers (63%) are either unsure or not confident in the security of the personal and payment information that they use to complete a transaction, according to a KPMG survey.

In fact, the survey finds that consumers may be too passive. They are not taking the proper steps to ensure the security of their personal information.

Shoppers habitually expose data

According to the survey, 47% of online shoppers identified that they store some or all of their credit card information on retailer websites for quick and easy access to their accounts, and yet 40% of online shoppers stated that they have not changed their password in the past year.

“Passwords are an important line of protection in the fight against identity theft,” says Tony Buffomante, partner and retail cyber security leader for KPMG. “However, cyber security is a joint venture between the retailer and the consumer.”

Both parties need to fortify each end of the transaction, Buffomante continues, not assuming that one end is more secure than the other.

“From the consumer side, that means installing challenging passwords, changing them regularly, and monitoring their accounts,” Buffomante says. “For the retailers, they need to implement policies, procedures, and controls to mitigate cyber security threats and constantly monitor for potential breaches of customer information.”

Yet security very much matters to consumers

Security breaches have an immediate and potentially lasting impact on the retailer’s reputation, with more than a third of consumers (38%) stating that there is a negative impact on how they perceive a company once it has experienced a security breach.

Not only does a cyber-data breach impact a company’s reputation, it also affects the company’s sales figures. According to the survey, 27% of consumers will only shop at a store that previously experienced a cyber-attack if they cannot find the product elsewhere. And 8% refuse to shop at these stores, period.

Of the consumers who stated that they change their online passwords regularly, 41% said their decision was influenced by recent news of an information security breach at a retail company. Twelve percent of consumers who regularly change their passwords do it because they once were victims of identity theft and know the importance of maintaining proper password protection. Of those who do not change their online passwords regularly, 38% feel their passwords are secure enough and 36% state that changing their passwords is too much of an inconvenience.

However, with 22% of consumers reporting they would be shopping more online this holiday season than they were last year, online shopping has never been so popular. When asked why they prefer to shop online than in-store, consumers identified convenience, product availability, and cost as more important factors than security.

“The holiday shopping season continues to experience a bit of an evolution as more and more consumers turn to online shopping for the ease and convenience of not having to leave their house and fight with a hoard of other shoppers or get to a store and find out the product that they want may not be available,” says Mark Larson, KPMG’s U.S. and global retail leader. “Retailers are looking to adapt to this changing landscape and are therefore continuing to invest in days such as Cyber Monday and Green Monday as another way to increase their annual sales.”

When shopping online, an overwhelming majority of consumers (83%) prefer to use their personal computers rather than mobile devices (30%) or tablets (20%).