With reports of cybersecurity mishaps surfacing periodically, the retail industry has only a so-so reputation for protecting consumer data. In fact, data breaches have just become a part of doing business.
In a 2018 study by security provider Thales, it was reported that 75% of all US retailers have ever experienced a data breach, and rates were increasing—from 19% in 2017 to 50% this year.
The ubiquity of retail data breaches affects shopping behavior. According to Janrain's latest "Brand Trust Survey," 48% of US internet users try to buy exclusively from companies they believe will protect their personal data.
None had full trust in any industry; 6.7% of US internet users trusted brick-and-mortar retailers the least to protect personal data, while 4.4% trusted online retailers least.
Compared to internet companies, restaurants or hotels, those figures seem relatively positive, though respondents could choose only one industry. Even though consumers trust a Home Depot or Zappos more than Facebook, they still question the safety of their personal data gathered by retailers.
US internet users also didn't have much faith that brands were looking out for them in an October 2018 survey by Shred-it about fraud awareness; 43.2% thought their personal information could be vulnerable to a security breach.
Here, the retail industry didn't fare as well as in the Janrain survey. Buying online was the activity US internet users thought would leave them most vulnerable to fraud or identity theft (39.3%). Leaving a paper trail through in-person purchases was considered riskier (26.9%) than online banking (18.9%) and traveling (8.3%).
Countering consumer skepticism is a balancing act for retailers. The drive to reduce friction and streamline the checkout process can be at odds with tightened security measures.
But it is not as if data security isn't a major priority. According to Thales, 84% of respondents in retail organizations were increasing their IT security spending in 2018, and it was the biggest topic US retail marketers were actively discussing, according to a Nanigans survey.
Data privacy and security even ranked higher (58%) than buzzy subjects like artificial intelligence (AI) and machine learning (53%) or regulation and compliance issues like GDPR (47%).