Convenience or security: What do your customers value more?
Computerworld - An enormous challenge for organizations is striking an appropriate balance between a need to verify identity and the ability to provide quick and easy access to systems and confidential information. A lack of balance can have serious consequences. A leading Web merchant may lose business because the identity management procedures fail to authenticate a legitimate customer. Or even worse, individuals may become victims of identity theft because an online business fails to use proper identity management safeguards.
To address the convenience and safety conundrum, technology companies are developing biometrics and universal identification systems for purposes such as access to bank accounts, entry into public buildings and security screening at airports.
To find out the types of identity management technology consumers prefer and the expectations they have about how organizations use it, the International Association of Privacy Professionals, Electronic Data Systems Corp. and Ponemon Institute recently conducted a Web-based survey of almost 1,200 adults throughout the U.S.
The survey asked respondents about personal information they are willing to share over the telephone or Internet, both to establish a new business relationship and to validate their identity when making contact with a company they already do business with. People said they are more willing to share personal information with a customer service representative over the telephone than during an online session. The pieces of personal information individuals are most willing to share with organizations to establish their identities are: name (88%), home telephone (88%), address (84%) and customer account numbers (82%).
The pieces of information individuals are least willing to share are: racial or ethnic origin (8%), Social Security numbers (12%), debit card numbers (16%), nationality (18%) and driver's license numbers (18%). How much is too much? According to 65% of the respondents, three or more separate pieces of personal data to identify them is too much.
Consumers want convenience
It is interesting to note that despite the rise in incidents of identity theft, the study suggests consumers want identity management to be a relatively easy and efficient process. The most salient findings are shown in Figure 1 below. In short, respondents don't want organizations to require them to deal with complex passwords or access procedures. For example, if they forget their online password, 44% of respondents said it should be e-mailed to them immediately so that they can access the system with minimal delay, and 44% said that customer service representatives should provide helpful hints or prompts if they forget their password.
As shown in Figure 1, only 26% of respondents believe that they should be locked out of an online transaction for repeatedly failing to enter their password or special access code. And just 13% of subjects are willing to provide three or more pieces of personal data before being granted access permission.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts