BEDFORD, MA - November 04, 2014 -
Today, RSA, The Security Division of EMC (NYSE: EMC), released the results of a new survey in conjunction with the Ponemon Institute highlighting consumer attitudes toward online security. Surveying more than 1,000 consumers in the United States, the survey found that nearly half of respondents had fallen victim to at least one data breach and 45% say they are not confident they know all instances of when their personal information has been leaked. As such, many of the respondents have showcased a boosted concern around security driven by the increase in mobile and the prevalence of data breaches. However, despite growing concerns, in many cases behaviors toward security have not changed.
Despite a year of major retail breaches, there is an inclination to increase online behaviors that have proven risky, like online shopping, and an overwhelming unwillingness to change risky behavior. Forty-eight percent admit to online shopping on a weekly basis, and while respondents rated security expectations high for activities like online banking and mobile transactions, security expectations for online shopping were shockingly low. Even with expectations being low, so many being personally affected by data breaches, and the wave of retail data breaches involving payment card information, 45% of the respondents say that it has no effect on their use of credit or debit cards.
According to RSA’s Anti-Fraud Command Center, during the first six months of 2014, 33% of banking transactions originated in the mobile channel, which marks an increase of 20% from 2013 and a 67% increase from 2012. One out of four fraud transactions originated in the mobile channel – showing a significant increase in mobile fraud. Of all of the online activities measured in the Ponemon survey, making mobile payments ranked highest on the list in terms of expectations of security, yet 77% admit to not trusting the security of mobile apps and only 35% say that they always read permissions of apps being downloaded.
It comes as no surprise that weak authentication is still an issue among most consumers, with 62% expressing a lack of trust in websites that only require a username and password at login. While seventy-one percent of respondents say they are most concerned about losing their password in a data breach, nearly a third admits to only having one to two passwords for all online accounts; 69% admit to using the same password for more than one device or site; and only 54% say that they regularly change their passwords. When questioned about preferred authentication methods, a majority of respondents cited software tokens and/or biometrics (voice and fingerprint verification) as the ideal ways to manage identities.
Brian Fitzgerald, Vice President, Marketing
“As the capabilities and convenience of the Internet continue to grow, so does consumer security concerns. The results of the Ponemon Study show that while these concerns are top of mind, behaviors and attitudes of consumers are not changing. It is incumbent upon the industry, to deliver on promises of strong and convenient security methods to help customers take advantage of the Internet while significantly limiting the risk of threats – both simple and sophisticated.”
EMC Corporation (NYSE: EMC) is a global leader in enabling businesses and service providers to transform their operations and deliver IT as a service. Fundamental to this transformation is cloud computing. Through innovative products and services, EMC accelerates the journey to cloud computing, helping IT departments to store, manage, protect and analyze their most valuable asset — information — in a more agile, trusted and cost-efficient way. Additional information about EMC can be found at www.EMC.com.
RSA’s Intelligence Driven Security solutions help organizations reduce the risks of operating in a digital world. Through visibility, analysis, and action, RSA solutions give customers the ability to detect, investigate and respond to advanced threats; confirm and manage identities; and ultimately, prevent IP theft, fraud and cybercrime. For more information, please visit www.rsa.com.