Retail Breaches Alter Customer Attitudes And Behavior

By Christine Kern, contributing writer

Studies show changes in way customers shop and pay

Two separate studies have concluded that customers are thinking differently about their shopping and payment methods in the wake of recent retail breaches. In an effort to retake control of their information, consumers have started shopping – and paying – differently.

Despite the implementation of data security breach notification laws and regulations, data breach-fueled identity fraud is on the rise.  In 2013, nearly 1 in 3 data breach victims suffered identity fraud, compared to 1 in 9 in 2010.  The increased media coverage of recent high profile data breaches has also served to reinforce the connections between data breaches and fraud in the minds of consumers, leading ultimately to changes in customer behavior.

The first study, National Consumer League's Data Insecurity Report, found that consumers are increasingly blaming retailers for the compromise of their credit card data and are responding by changing the stores they patronize. Interestingly, fraud victims tend not to discriminate between businesses and financial institutions when assigning blame for a data breach and in reaction to a breach, victims will specifically avoid doing business with the organization they blame for the attack.

The study also found that victims believe that the government plays a significant role in addressing data breaches and they expect the federal government to police the data security standards of all businesses, while at the same time expressing that these standards are currently insufficient to prevent breaches.

The second study, Security Matters: Americans on EMV Chip Cards, indicates that nearly two thirds of Americans are more likely to pay in cash after hearing about security breaches at large retailers, with younger respondents being much more likely to play in cash than their older counterparts.  The study found that the most common concern about the tap and pay features in EMV Chip cards is whether it increases the risk of theft.  Six in ten Americans expressed this as a concern, while 37 percent feared not being charged correctly, and 30 percent worried that payments either won’t go through or expressed uncertainty about the ease of use. 

The NCL study, which was conducted by Javelin Strategy & Research on behalf of the consumer group, indicates that about one in three consumers who receive notice of a data breach subsequently become the victims of fraud. In a survey of victims in major U.S. metropolitan areas, 61 percent of fraud victims said they are "certain" that breaches of their data at retail sites were the source of the fraud. About a third pointed to large retail merchants directly.

Nearly 60 percent of fraud victims said their trust in retailers has significantly decreased after their data was compromised. Fourteen percent said they avoid certain merchants because of the potential for fraud. Only 10 percent of consumers said they believe retailers can keep their data safe.

Despite the blame placed upon retailers, confidence in financial institutions remains higher, according to both surveys. Twenty-eight percent of fraud victims in the NCL study said they lost confidence in their financial institutions following their experiences. The second study, which was conducted by research firm Vision Critical on behalf of payment technology vendor NXP Semiconductors, found that more than 70 percent of Americans are confident in the security of their debit/credit cards, even after the news of major retail breaches.

However, many Americans are changing their payment strategies, the NXP study says. Some 64 percent of respondents say they are more likely to pay in cash after hearing about security breaches at large retailers, the survey says.