A lot of news over the past twelve to fifteen months about data security in retail.
Most of it quite unpleasant for retailers.
And not just because of the expensive, short-term damage — which can include make-good services to affected consumers, board-requested independent investigations and the cost of system upgrades — but because of the oft-hidden, long-term damages.
Data breaches invite shoppers to shop elsewhere. And data breaches damage trust in a brand — which will lead shoppers to share less and less personal data.
Witness the impact, per recent primary research studies:
- Forty-five percent of shoppers have changed where they shop as a result of a data breach.1
- Nearly thirty percent of global shoppers are deeply mistrustful of retailer notice, choice and control on personal data use.1
- Over fifty percent of digital shoppers are reluctant to share social media data with retailers.1
- In 2013, retail was the industry least trusted by consumers to protect personal data.2
Little needs to be said about the impact of customer loss — especially in an age when customer acquisition is increasingly difficult and expensive.
More needs to be said about the impact of loss of trust in a brand.
A loss of trust will lead to a reluctance to share information with a brand. Information that might be about likes and dislikes, hobbies and interests, favorite brands or perfect sizes. Information about birthdays and anniversaries. About family. Information that can lead to personalized service. Which can then lead to a greater bond between brand and shopper. Which leads to a greater lifetime value.
The oxygen of tomorrow’s retail will be information. Data breaches gradually choke that off, pressing a harsh thumb onto the windpipe of a retail brand.
Cybercrime in retail is a growing issue, and it’s not going to go away. In the second quarter of 2014 alone, over 176 million customer data records were stolen — 83 percent of them from retailers.3
Eighty percent of malicious attackers now are part of organized groups.4 In 2014, ninety-five percent of all enterprise networks were compromised to some degree.5 As the survey results above clearly show, the impact of these breaches is significant, immediate and long-lasting.
To meet this challenge and earn consumer trust, retailers must extend their efforts in data security beyond Payment Card Industry (PCI) compliance.
What will data security look like going forward?
We at Intel view enterprise architecture as serious business — a critical strategic capability that must include security at the silicon and software levels. We’re working with our partners to develop solutions that deliver a high level of security from a transaction’s start to finish. In October 2014, we introduced Intel® Data Protection Technology for Transactions, developed in collaboration with NCR*. The industry’s first solution to provide end-to-end encryption of consumer and financial data that is built into the point of sale (POS) platforms, it’s just one of the initiatives we’re working on right now.
Shoppers and retailers need solutions that help keep data out of the wrong hands.
For short- and long-term reasons.
Can your current architecture deliver? This is a focal point for us in 2015.
For more detail on our strategic vision, check back in this space in the coming weeks.
Global Director, Retail Sales
1 Merkle-Intel Primary Research: Digital Shopper Behavior, November 2014.
2 Cisco Consulting Services, 2014.
3 “375 Million Customer Data Records Compromised in 2014 – Retail Industry Hit Hardest.” SafeNet News, 30 Jul. 2014. Web. March 2015.
4 Ponemon Institute and IBM, 2014.
5 Kleiner Perkins, May 2014.
Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
* Other names and brands may be claimed as the property of others.