Over the weekend, I was shopping in a popular high street store when I was asked for my email address to receive a receipt. Slightly taken aback, I declined and asked for a paper receipt instead. My decision was based largely on my desire to save time — if I gave out my email address, I would have had to spend time unsubscribing from emails later on. However, this decision also reflected something else: My personal information is valuable to me, and the fact that I like your jeans doesn’t necessarily mean I trust you with my data.

A day later, I was shopping again, this time on a handbag retailer’s online store. When I reached the checkout, I glanced up and noticed a warning in my browser’s web address bar. There was no lock symbol, meaning that my connection was not secure. I was in no particular hurry, so I went back to my search engine, found the store website again and finished my transaction when I was satisfied the connection was safe. However, if I had been busier, this could have meant a lost sale for the retailer.

Rising Consumer Expectations Around Data Security

My recent shopping experiences demonstrate a growing trend: Consumers are becoming more security-savvy and realizing that their data is valuable and needs protection, particularly due to recent news headlines detailing high-profile data breaches and emerging cybercrime trends. This means that retailers, in particular, need to up their data security game, especially given the perception that these companies are less secure than organizations in other sectors. According to IBM Security’s “Future of Identity Study,” only 19 percent of U.S. consumers, 23 percent of consumers in the European Union (EU) and 28 percent of consumers in Asia-Pacific (APAC) would trust a retail organization to protect their biometric data. A much larger portion of respondents — 42 percent, 44 percent and 57 percent in the U.S., EU and APAC, respectively — said they would trust financial institutions to properly house this data.

It’s possible that working in the security industry has made me particularly security-conscious and general consumers are less concerned with their online security, but the evidence suggests otherwise. The “Future of Identity” study noted that, of the respondents who said they had heard about a data breach, millennials were more likely than other generations to delete an account held by a breached service provider. In addition, 25 percent of millennials, as opposed to 21 percent of the general population, said they would stop using an app or service that had been compromised. This suggests that younger buyers are more concerned about data security — and more willing to take their business elsewhere if security expectations are not met.

The Risk of Reusing Passwords

Apart from age and the industry I work in, there is another factor that makes me more security-conscious than before: I have personally experienced the frustration of having an account compromised. A few months ago, I was getting on a train when I tried to open a music streaming service for which I pay monthly and discovered that I was unable to log in. After a couple of minutes of investigation, I opened my email inbox and found a message from the provider thanking me for changing my email address and password. Someone had taken over my account.

Though this provider hadn’t suffered a known data breach, it’s easy to see how my email address and password combination, which I unwisely used on multiple sites, could have been leaked elsewhere — a quick online search revealed that my email address had potentially been exposed in at least four data breaches. I was able to retrieve my account within a couple of hours thanks to the customer service team, but this experience made me even warier of giving out my personal data.

My experience is far from unique, and it is becoming more common. The “Future of Identity Study” revealed that 41 percent of millennials reuse passwords to access numerous accounts, meaning that one compromised password could give malicious actors access to multiple accounts. Consumers who have experienced this type of fraud are more likely to think carefully about the security of their personal data.

Data Security Is Key to the Customer Experience

Retailers can use data to create a simpler, more personalized customer experience, but they also need to protect this data to earn the trust of consumers. If they don’t, they risk missing out on would-be customers who wonder whether this enhanced user experience is really worth downloading a potentially insecure app, signing up for a new account or allowing the company to track everything they buy.

Read the complete IBM Study on The Future of Identity

More from Data Protection

The Importance of Modern-Day Data Security Platforms

Data is the backbone of businesses and companies everywhere. Data can range from intellectual property to critical business plans to personal health information or even money itself. At the end of the day, businesses are looking to grow revenue, innovate, and operationalize but to do that, they must ensure that they leverage their data first because of how important and valuable it is to their organization. No matter the industry, the need to protect sensitive and personal data should be…

Meeting Today’s Complex Data Privacy Challenges

Pop quiz: Who is responsible for compliance and data privacy in an organization? Is it a) the security department, b) the IT department, c) the legal department, d) the compliance group or e) all of the above? If you answered "all of the above," you are well-versed in the complex world of compliance and data privacy! While compliance is a complex topic, the patchwork of regulations imposed by countries, regions, states and industries further compounds it. This complexity has turned…

The Digital World is Changing Fast: Data Discovery Can Help

The rise in digital technology is creating opportunities for individuals and organizations to achieve unprecedented success. It’s also creating new challenges, particularly in protecting sensitive personal and financial information. Personally identifiable information (PII) is trivial to manage. It’s often spread across multiple locations and formats and can be challenging to find and classify. Organizations need a modern data discovery and classification solution to identify sensitive data across physical, virtual and public clouds. The Current State of Sensitive Data Discovery and…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…