ShopTalk | Reach beyond the breach
Data breaches and payment card fraud are only gaining momentum as the world becomes increasingly digital. It’s estimated that global losses related to payment card fraud reached $24.71 billion in 2016 and are projected to reach $31.67 billion in 2020. And the United States is a chief contributor to this problem. Research suggests that 47% of credit card fraud occurs in the United States even though it only accounts for 24% of total worldwide card volume. While the widespread adoption of EMV (chip card) technology in 2015 helped slow the pace of fraud in face-to-face payment transactions, some of this fraud has found a new home in eCommerce and digital payment transactions.
Personal data (including payment card information) is often exposed during data breaches, which have also been on the rise over recent years. A report from the Identify Theft Resource Center indicates that the number of data breaches in the United States reached an all-time high in 2016 with a total of 1,093. Compare this to the 780 cases reported in 2015 and that’s a 40% hike in data breach activity in just one year.
So how are these surges in data breaches and payment card fraud affecting real-life people? What actions will consumers most likely take when they know their card information has been stolen? Which types of merchants do they observe as being the most common victims of these attacks? And what do they want merchants to offer them when a data breach occurs? This edition of ShopTalk is dedicated to learning more about how consumers are reacting to these threats and what they’re coming to expect from merchants that have been breached.
1. Consumers have accepted that fraud is an ever present threat in today's world. There's a significant jump in the number of consumers who are regularly checking their credit reports (63%) compared to two years ago (37%). They are taking more responsibility with protecting their own information but also rely on businesses to put safeguards in place.
2. Consumers are forgiving of businesses that have had breaches. Businesses who are proactive in informing customers of the data breach and provide next steps such as credit monitoring are fulfilling the expectations of today's consumers.
3. There's a significant shift toward the merchant as being the most responsible party for protecting them. While consumers will not necessarily shy away from businesses who have been breached, fraud is still costly to those businesses.
Vantiv and Socratic Technologies conducted a survey of 500 consumers to learn more. Here are the results. Find more statistics here.
About one in four consumers (24%) have been impacted by a data breach that compromised their payment card information
Across generations, Gen Xers are the group with the highest incidence rate at 26%. Retirees have the lowest incidence rate at 20%.
When a data breach strikes, consumers are most likely to contact their card issuer
The majority of survey participants (69%) would react to a data breach by reporting it to their card issuer. Changing passwords for websites where card information is stored is the second most common behavior (60%), followed by checking credit reports (50%). Only 7% indicate that they would do nothing or take no action.
Nearly half of consumers are aware of a data breach that’s occurred within the past 6 months
Retirees are the generation that’s most aware of a recent data breach, with 48% of respondents hearing or reading about a data breach at retailers and restaurants over the past 6 months.
Consumers believe that mass merchants are the chief victims of recent data breaches
Survey respondents are most aware of data breaches reported by large mass merchants at 51%. This is followed by department stores at 23%.
Among restaurants, respondents most often hear about data breaches in the quick service sector
Consumers are most aware of data breaches at fast casual/quick service restaurants (20%), followed by family dining (10%) and coffee shops/cafes (6%).
After a data breach, consumers recall retailers and restaurants notifying them by mail and offering credit and identity theft monitoring
Mailed letters are the most common action reported by survey respondents at 39%. Credit and identity theft monitoring are the second most popular action with 37% of participants reporting. Email notifications are a close third at 31%.
When a data breach affects their personal information, consumers expect to be notified and offered credit and identity theft monitoring
Survey participants expect an email notification with 75% of respondents reporting. This is followed by credit and identify theft monitoring (60%) and mailed letters (60%).
Millennials have the highest expectations when it comes to email notifications and credit and identify theft monitoring
The youngest generation has the highest expectations for these services to be offered, with 83% of Millennials expecting email notifications and 68% looking for credit and identity theft monitoring.
Most consumers are satisfied with the steps taken by retailers and restaurants following data breaches
In the survey, 86% of total participants express their satisfaction with the responses they received from merchants following data breaches.
The majority of data breach victims continue to patronize retailers and restaurants that have come under attack
Among the victims of data breaches that participated in the survey, 61% indicate that they “probably” or “definitely” would continue patronizing a retailer or restaurant that was attacked. For survey participants that have NOT yet been victims of a data breach, only 50% report that they “probably” or “definitely” would continue patronizing a retailer or restaurant that exposed their data.
Nearly one-third of total consumers think it is likely their card information will be stolen through a data breach in the next two to three years
When comparing victims to non-victims, one half of victims (50%) believe it will happen as opposed to 22% of non-victims. Younger consumers (Millennials and Gen Xers) are more likely to think a data breach is likely to affect them in the next two to three years.
Consumers protect themselves by regularly monitoring their payment card transactions online
This is the most common measure that survey participants take, with 63% of respondents reporting. This is followed by shredding all mail that contains personal information (51%) and never submitting card information online over a website without SSL protection (50%).
Consumers believe that credit card issuers have the greatest responsibility to protect against fraudulent charges
Credit card issuers are most commonly cited at 75%, followed by individual cardholders (67%) and merchants (64%).
To put this infographic on your site, use this code.