According to the Consumer Loss Barometer, the financial services sector is the most proactive when it comes to investing in and focusing on information security, yet more than one-third of consumers say their personal bank accounts have been compromised and almost eight in 10 financial institutions admit to being breached in the past two years, writes Nathan Desfontaines, cyber security manager, technology advisory: information protection and business resilience at KPMG.
In addition, the vast majority of consumers say they would change banks if their institution didn’t take the proper steps to remediate a cyber-attack.
Financial institutions have a real opportunity to solidify trust with their customers by demonstrating that security is a strategic imperative, and that they are taking every possible precaution to protect consumers. Consumers have a lot of options in this environment, so companies need to ensure that they get it right as the battle for customers is fierce.
The survey of 449 banking consumers found that 37% would move to a new institution if the bank refused to cover their losses, while 30% said that they would leave if the bank did not provide timely acknowledgement or response to an incident.
Consumers surveyed indicated that there are several steps that banks can take to alleviate their concerns, most frequently citing a guarantee to cover losses (74%), frequent communications and updates (38%), and providing a free credit report (35%).
In conjunction with the consumer survey, KPMG conducted a survey of 400 senior cybersecurity executives, including 100 in financial services, distributed evenly between chief information officer (CIO – 25%), chief information security officer (25%), chief security officer (25%), and chief technology officer (CTO – 25%).
The survey found that the financial services sector was the most proactive of all the sectors. Sixty-six percent of finance executives indicate that their companies have invested in information protection in the past year – well ahead of their peers in other sectors. In fact, 64 percent of executives assert that their companies dedicate more than 10% of their annual IT budget to information protection initiatives. In addition, 85% say they have a leader in their company whose sole role is information security – again, ahead of other sectors KPMG polled.
It is encouraging to see that financial institutions are clearly making the investment in information security and are ahead of their peers from other sectors, but in order to retain loyal customers and attract new ones, they will need to continue demonstrating their commitment and ability to protect their customer’s assets as well as to put their minds at ease.
Regardless of the platform affected, data breaches deter consumers 40 percent of mobile wallet users would not feel comfortable using a mobile pay app that had recently been hacked.
Most major mobile payment apps seem to be safe. But risks persist, for instance, it may be possible, though cumbersome, to intercept credit card data from Samsung Pay through a tokenisation flaw — meaning that mobile wallets must be careful if they are to avoid blunders that hurt adoption.
If breaches occur in the future, the impact on the ecosystem at large could be massive.
Consumers are consistently worried about mobile payment security, which is stopping them from using the wallets. Two of the top five reasons why mobile phone owners cite for not using mobile payments are related to safety and security. The Consumer Loss Barometer indicates that a breach could impact wallets’ already low adoption. A future breach could not only dampen slow adoption, but also shrink the existing pool of users.
At the moment, mobile payments are becoming more popular, however, they still face some high barriers, such as consumers’ continued loyalty to traditional payment methods and fragmented acceptance among merchants. But as loyalty programmes are integrated and more consumers rely on their mobile wallets for other features like in-app payments, adoption and usage will surge over the next few years.
