Convenience or security: What do your customers value more?
Computerworld - An enormous challenge for organizations is striking an appropriate balance between a need to verify identity and the ability to provide quick and easy access to systems and confidential information. A lack of balance can have serious consequences. A leading Web merchant may lose business because the identity management procedures fail to authenticate a legitimate customer. Or even worse, individuals may become victims of identity theft because an online business fails to use proper identity management safeguards.
To address the convenience and safety conundrum, technology companies are developing biometrics and universal identification systems for purposes such as access to bank accounts, entry into public buildings and security screening at airports.
To find out the types of identity management technology consumers prefer and the expectations they have about how organizations use it, the International Association of Privacy Professionals, Electronic Data Systems Corp. and Ponemon Institute recently conducted a Web-based survey of almost 1,200 adults throughout the U.S.
The survey asked respondents about personal information they are willing to share over the telephone or Internet, both to establish a new business relationship and to validate their identity when making contact with a company they already do business with. People said they are more willing to share personal information with a customer service representative over the telephone than during an online session. The pieces of personal information individuals are most willing to share with organizations to establish their identities are: name (88%), home telephone (88%), address (84%) and customer account numbers (82%).
The pieces of information individuals are least willing to share are: racial or ethnic origin (8%), Social Security numbers (12%), debit card numbers (16%), nationality (18%) and driver's license numbers (18%). How much is too much? According to 65% of the respondents, three or more separate pieces of personal data to identify them is too much.
Consumers want convenience
It is interesting to note that despite the rise in incidents of identity theft, the study suggests consumers want identity management to be a relatively easy and efficient process. The most salient findings are shown in Figure 1 below. In short, respondents don't want organizations to require them to deal with complex passwords or access procedures. For example, if they forget their online password, 44% of respondents said it should be e-mailed to them immediately so that they can access the system with minimal delay, and 44% said that customer service representatives should provide helpful hints or prompts if they forget their password.
As shown in Figure 1, only 26% of respondents believe that they should be locked out of an online transaction for repeatedly failing to enter their password or special access code. And just 13% of subjects are willing to provide three or more pieces of personal data before being granted access permission.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Alert Logic for PCI DSS Compliance To achieve PCI DSS compliance, you must identify and remediate all critical vulnerabilities detected during PCI scans. Threat Manager streamlines this process by...
- Cybersecurity Imperatives Reinvent Your Network Security With Palo Alto Networks The Rise of CyberSecurity
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts