Consumers Willing to Accept Promotional Offers from Retailers in Return for Passwords

November 28, 2016

Bracknell, UK Centrify, the leader in securing enterprise identities against cyberthreats, today released findings from its 2016 Online Shopping survey that examined consumer online shopping habits and attitudes towards security, including whether consumers change their passwords for different retailers and whether their security practices are influenced by promotional offers and special deals.

The online study, commissioned by Centrify, finds that over 70 per cent of surveyed respondents will spend somewhere between £50-£1000 online shopping this Christmas. As online shopping becomes the norm, the convenience and popularity of the process means consumers must be increasingly aware of the risks, and ensure the experience remains safe and secure.

The survey reveals that security remains top of mind as over 70 per cent of consumers noted they always think about their security/privacy when shopping online. Unfortunately, despite the changing attitudes towards security, some consumers are still making basic security faux pas online.

Password hygiene is also a continuing problem when shopping online. Nearly 14 per cent admitted that they share passwords with friends and family so they can login to their accounts, whilst over 50 per cent said they save them to the retailer’s websites so as not to forget them. Over half also said that they only sometimes use different passwords for different retailer’s websites.

Most concerning is that one in eight said they would accept discounts and special offers from retailers in exchange for their passwords, highlighting the risks consumers are willing to take in order to save money online.

83 per cent would sometimes, or never, check the security and privacy terms and conditions of the retailer, leaving them wide open to hacking and data theft if shopping with an unknown or untrusted retailer. On top of this, more than a fifth would still not ensure there is a secure padlock icon in the browser before making their purchases, and 27 per cent said they would only do this on some occasions.

With Black Friday around the corner and the Christmas shopping season well under way for most, frugal shoppers need to consider their online safety before making any purchases. Barry Scott, CTO EMEA, Centrify, said: “Consumers can’t afford to put their personal information at risk for the sake of saving a few pounds on their Christmas shopping! They need to protect themselves and their personal information to avoid giving the best gift cyber-criminals could ask for, their money and identity!”

Below are our top ten tips for consumers when shopping online:

  • Always shop with reputable sellers, and be cautious when entering URLs. A misspelled domain, or non-‘https’ site could land you on a false site designed to steal your information.
  • Ensure you read the site’s privacy policy to understand how and where your personal information is being used. Lack of an easily visible privacy policy should be a red flag to using that site.
  • Be suspicious of links in unsolicited emails – always type the link directly into your browser, do not click on them within the email. Hovering over the links should highlight if the link is unsafe, as you would notice the link underneath may be different to the text.
  • Deals that appear too good to be true often are, so treat them with even more caution.
  • If an online retailer requests extra personal information, such as a password for your email or bank account as part of the shopping process, do not enter them.
  • Secure mobile phones if you plan to use them for shopping by enabling security features such as passwords and encryption.
  • Always use different, long, and complex passwords (or passphrases) for each site. If you don’t, and a hacker steals your password for one account they will have free rein over the others! This would have devastating consequences on sites that have your personal and credit card information.
  • Enable multi-factor authentication where This involves combining two or more different ‘factors’ for extra security when logging in – such as something an individual has (like an ATM card or smart card), something a user is (such as a biometric characteristic like a fingerprint or retina scan) or something the user knows, like a password.
  • Passwords are not meant to be shared. Never give out your passwords online, on the phone or even to friends or family!
  • Do not store passwords. Many browsers, programs, or web applications will offer to store your password for you so you only have to enter the password once and never again. While seemingly a convenient option, it is a bad idea to store passwords associated with personal or financial accounts. This is especially true if you use public or shared computers.

About Centrify

Centrify is the leader in securing enterprise identities against cyberthreats that target today’s hybrid IT environment of cloud, mobile and on-premises. The Centrify Identity Platform protects against the leading point of attack used in data breaches ― compromised credentials — by securing an enterprise’s internal and external users as well as its privileged accounts. Centrify delivers stronger security, continuous compliance and enhanced user productivity through single sign-on, multi-factor authentication, mobile and Mac management, privileged access security and session monitoring. Centrify is trusted by over 5000 customers, including more than half of the Fortune 50.  

Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Service are trademarks of Centrify Corporation in the United States and other countries.  All other trademarks are the property of their respective owners.

English