Data and Card Security Through the Eyes of Global Consumers

How do consumers react to data breaches? Badly.

Darren Gill

By Darren Gill, chief revenue officer, PCI Pal

Businesses and consumers around the world are migrating their presence to exist online and cybercriminals have noted the wealth of information that’s been uploaded for their taking. Financial data, contact information, Social Security numbers and other highly personal data are stored in corporate and partner networks, which has attracted the attention of hackers looking to profit from stolen data.

With data breaches on the rise, consumers are growing increasingly wary of sharing their personal data with companies. To gauge the full impact of recent breaches, PCI Pal, a provider of secure and compliant payments solutions for contact centers, recently surveyed consumers in Australia, Canada, the United Kingdom and the United States to uncover their attitudes toward data security and how companies (and any third parties they work with) can help them to feel more secure. The findings are clear: consumers will hold companies accountable for the frivolous management of their data, even if the breach is a result of third-party negligence.

Data Security Concern Spillover

Based on our findings, it’s no surprise that consumers are concerned about their data security: 44% of Americans, 38% of Brits, 33% of Australians and 37% of Canadians reported being victims of a security breach. And that’s not all — following data breaches, many of these consumers will change the way they engage and spend money with businesses. Some 83% of U.S. consumers, 44% of U.K. consumers, 43% of Australian consumers and 58% of Canadian consumers reported they will stop spending with a brand for several months following a breach, while some consumers reported they will stop spending with a brand forever. Whether it’s adjusting how much they spend or deciding to avoid the company altogether, these figures represent significant potential revenue loss that many businesses may not be able to recover from.

Our research also found concerns around how an organization obtains consumer data, with 40% of Americans, 55% of Brits, 49% of Australians and 42% of Canadians reporting feeling uncomfortable sharing sensitive payment information over the phone. This suggests that consumers are reconsidering the safety of common business practices in data collection.

Gaining Consumer Trust

While these findings underscore growing concerns around businesses’ data security practices, the report also details several steps companies can take to earn consumer trust, before and after a data breach. Across regions, consumers wanted companies to undergo regular security audits and put in place verification systems. They also wanted businesses to be federally mandated by the government to protect consumer data and claimed they would feel safer if sensitive personal information was not required for every transaction.

The research also found that, in the event of a data breach, there are steps companies can take to regain consumer trust and loyalty:

In the United States, 41% want the business to admit responsibility and invest money in improving security efforts, 26% want a third party to confirm its ecosystem is safe before spending with them again and 21% go even further to require the company to announce PCI compliance to earn back trust.
In the United Kingdom, 43% want the business to admit responsibility and invest money in improving security efforts, 50% want a third party to confirm it is safe before spending with them again and 47% go even further to require the company to announce PCI or GDPR compliance.
In Australia, 44% want the business to admit responsibility and invest money in improving security efforts, 37% want a third party to confirm the company’s system is safe and another 37% want the company to announce security compliance.
In Canada, 33% want the business to admit responsibility and invest money in improving security efforts, 26% want a third party to confirm the company’s system is safe and another 28% want the company to announce security compliance.

Repairing trust after a breach should …