European E-Commerce Feeling Pinch from ID Theft

European consumers are being driven away from online banking and commerce by fears that their identities will be stolen and their financial resources raided by information highwaymen.

Survey results released yesterday by Entrust, a publicly traded digital identity security firm located in Addison, Texas, showed 13 percent of consumers in the United Kingdom and Germany have decreased or stopped online banking activities in the past 12 months because of concerns over identity theft.

The poll of 1,486 European consumers conducted in March also found that 12 percent of the respondents decreased or stopped conducting any form of e-commerce online for the same reason.

Voting with Keyboards

Entrust conducted a similar survey for North America last fall and, taken together, the polls show a heightened concern by consumers over identity theft tied to online activity, Vice President for Technology Chris Voice said.

"What's disturbing is that people are voting with their keyboards," he told the E-Commerce Times. "In many cases, they are decreasing or stopping their online activity. So identity theft is having quite an impact on online behavior."

Jonathan Penn, an analyst with Forrester Research in Cambridge, Mass., agreed that reports of data theft, like the recent pinching of 40 million credit card numbers from CardSystems Solutions, is frightening consumers.

"We've been doing surveys on this for about a year now and we definitely see people saying that they're leaving online bill-pay or online banking or not even opening their e-mails from their providers because they're worried it might be a phishing attack."

Competitive Advantage

Voice, of Entrust, maintained that the surveys should be a clear sign to businesses providing online services that they have to provide demonstrable improvements in how they manage the security of the identity and information of their customers.

"As long as phishing and pharming attacks continue, as long as data breaches continue to happen, consumer confidence is going to wane," he said. "So we need to see some proactive, visible steps by organizations."

"I think it's going to increasingly become a competitive advantage to have a brand associated with protecting consumers' identities and information," he added.

Incentive To Spend

Voice asserted that there's a clear incentive for businesses to spend money on protecting information about their customers.

"If customers aren't going online, they're going to a branch bank or call center to do their business," he said. "All those are extremely expensive and significantly impact the cost of organizations delivering services.

Penn, of Forrester, added that people will research a potential buy on the Web, but shy away from finishing a transaction there.

"They'll wind up calling a customer center to enroll in a service because they're worried about giving out their personal information on the Internet," he noted. "That means businesses continue to spend a lot of money on phone-based service rather than effectively moving people to more efficient channels."

Security May Attract New Business

According to the Entrust survey, respondents said security was an important factor in choosing a financial institution. Some 52 percent of UK consumers and 51 percent of those in Germany told surveyors that security of online identities would influence their decision in selecting a bank with which to do business. That compares to 65 percent in the North American survey.

The poll also revealed that among the respondents not active in online banking, 66 percent in the UK and 72 percent in Germany said they would be more active if security were improved. That compares to 72 percent in North America.

Among consumers who use online banking at least once a month, 80 percent in the UK and 90 percent in Germany said they'd take advantage of additional, higher value services if their identities were better protected. That compares to 90 percent in North America.

Misplaced Onus

While consumers might want better security, they appear reluctant to pay for it, according to the survey. When asked if they'd be willing to pay extra for a "two-factor" security system that would better protect their online identity, 85 percent of UK respondents said no, while 73 percent of German consumers replied nein.

Two-factor security requires an additional means of verification -- other than a user name and password or PIN -- to enter an account. Oftentimes that second form of ID takes the form of a hardware device like a computer fob or dongle.

"I'm a little disappointed with the two-factor approach because it puts the onus on the consumer," Eric Ogren, vice president for marketing for Tizor Systems, a Boston-based maker of data server monitoring software, told the E-Commerce Times. "It should be the bank's problem of protecting consumer data once the bank has it."