The 28th January now officially marked Data Privacy Day, and Karen Wheeler, from Affinion asks 'what more banks can do to prevent cybercrime?'
It barely seems a week goes by without a fresh data hacking scandal hitting the headlines. In the last few days alone, we’ve seen news emerge that Lloyds Banking Group has become the latest victim as it came under siege from a two-day cyber-attack in January. Online crime is on the rise, and at a rapid pace: the annual Crime Survey of England and Wales (CSEW) recently revealed cyber offences accounted for nearly half of all UK crime in the 12 months to September 2016.
With this in mind, it’s hardly surprising that the 28th January now officially marks Data Privacy Day. Set up in 2007, it has now gone global, being observed in more than 50 countries. Its aim is to raise awareness about how personal customer data is used, stored and managed and the importance of online protection and privacy.
However, I’d argue that we’ve now moved beyond a need for raising awareness, and find ourselves at a point where customers expect practical steps to be taken to prevent cyber-crime. Indeed, research by Norton revealed 51% of customers think it’s harder to stay safe online than in the real world. With fraudsters becoming increasingly sophisticated, it’s clear the onus is on both businesses and customers to help protect their personal data. I believe there is a real opportunity for banks in particular to take a bigger role in protecting their customers’ data, but also helping customers to protect their online identity elsewhere on the internet.
If banks can adopt this protective role, it could help them to form a deeper relationship founded on trust – which could also encourage loyalty in a fiercely competitive market.
An opportunity for banks to build stronger customer relationships?
Given the amount of personal, financial information they store, it’s not surprising that banks are often the centre of attention when it comes to cybercrimes, and face a battle of retaining customer trust and loyalty. Traditionally, banks have invested a great deal of time and money in fraud and data protection and, every time a consumer carries out a transaction, technology monitors it and flags up any anomalies compared with regular behaviour patterns. This clearly makes life more challenging for fraudsters so they are instead focusing on stealing and using ‘real’ people’s details. Criminals are increasingly seeking to take control of a person’s affairs through their online passwords or by gaining access to sensitive information via people’s social media accounts.
However, with a constantly shifting fraud landscape, there is a lack of clarity around whose responsibility it is and how to protect against fraud, which leads to dangers for all concerned. For banks and businesses, it is impossible to avoid reputational damage and the potential loss of customers if they fail to adequately support their customers in cases of identity fraud. 73% of consumers would reconsider using a company if it failed to keep their data safe, according to research by Deloitte.
Equally, the current situation could be regarded as a source of opportunity for the banking community. Firstly, they can educate consumers about the risks and steps they can take to protect themselves. While some financial services institutions may question whether or not this is their job, given the amount of money they lose as a result of fraud, perhaps the question banks should be asking is whether or not they can afford not to address this issue?
Banks are generally among the most trusted brands by consumers when it comes to data security – the Symantec State of Privacy Report in 2015 revealed that banks were trusted by 66% of respondents with their data and only hospitals and medical services were more trusted at 69%. This means that a great deal of goodwill and brand value already exists for financial services institutions that they are currently failing to maximise.
By enabling people to make better security and fraud prevention choices that are backed up by relevant and knowledgeable support when things go wrong, banks can enhance their reputation with customers. By consequence, this should increase a customer’s bond and loyalty to their bank – and reduce the amount banks pay out in relation to fraudulent activity.
In fact, our recent study into customer engagement found that banks that offer ‘protecting the customer’ products have 13 per cent higher customer engagement scores compared to the average, meaning they stay longer and are more likely to recommend to others.
Empower customers to protect themselves
It’s undeniable that customers also have a responsibility when it comes to protecting their personal data. Poor privacy practices can increase the frequency and extent of the fraud threat. A study by Telesign shows that 54% of people use five passwords or less for their online activity, meaning a fraudster can take control of large portions of an individual’s affairs relatively easily.
Last year, Financial Fraud Action UK launched ‘Take Five’, a national campaign that offers advice to help people protect themselves from preventable financial fraud. The advice includes never disclosing full passwords and the warning signs to look out for in suspicious emails or texts which claim to be sent from a customer’s bank. Simple advice, yes, but sound guidance that empowers customers to be careful and wary about who they disclose their personal information to.
The ubiquitous connectivity of modern life means there is an unprecedented, ever-rising level of customer data online which both businesses and customers need to take responsibility for keeping safe. Perhaps the time has come for financial services institutions to look beyond the threat and instead see the challenge as a potential opportunity.
Karen Wheeler, is the UK Country Manager, Affinion