The recent massive data breaches have changed consumers’ shopping habits, and if they don’t feel like a retailer is protecting their personal information, they’ll take their business elsewhere.
A new report from Javelin Strategy & Research (LINK), commissioned by data management solution provider Identity Finder finds that across industries, consumers are leaving businesses that do not safeguard their data.
One-third of consumers reported they will shop somewhere else if their retailer of choice is breached (33%), and 30% say they will find new health-care providers if their hospital or doctor’s office are breached. Finally, 24% of consumers say they will switch bank and credit card providers following breach.
Todd Feinman, CEO at Identity Finder, says the biggest takeaway is that information security trumps loyalty.
“This is spread across industries,” he says. “It’s capitalism at its finest. They are saying, ‘we aren’t afraid to not do business with you.’”
Losing customers is never good for retailers, especially in the current economic climate, but the report also finds the cost of protecting consumer data is on the rise. Javelin suggests that businesses create their own internal sensitive data management systems to avoid costly breaches.
Target (TGT), which suffered a breach that hit 70 million consumers in November and December 2013, spent $61 million in expenses to investigate the breach, offer credit monitoring services and increase call center staffing and to hire legal services. This is all in addition to seeing its stock prices fall 3% since the breach, the report finds.
The discount retailer announced this week its plans to use MasterCard’s (MA) chip-and-pin technology in its store-based REDcard portfolio. The merchant will also install new payment terminals allowing payments from chip-enabled cards to be accepted across its 1,797 U.S. stores.
The move is encouraging, says Al Pascual, senior analyst of security, risk and fraud at Javelin Strategy & Research, as EMV, or chip-based cards have been on the shelf for a while in U.S. retailers.
“They are much closer to a solution,” Pascual says. “But that doesn’t necessarily mean better data security. It’s indicative of the impact of data breaches in the long term."
Feinman is more skeptical, and says consumers should be reminded that the move could be a marketing tactic to have them sign up for another store-based credit card.
“I would like to hear more about what they are doing to protect other personal information that is not protected by the REDcard smart chip,” he says. “It’s a good incentive for people to get onto their financing program.”
Javelin reports that 54% of health-care providers are offering victims protection compared to 40% of financial and banking institutions and 30% of retailers.
But Pascual maintains that overall, companies are realizing they need to shape up.
“We are seeing this, not just in a single organization, but across industries. There are working groups, merchants and more sharing data findings to improve security,” he says. “This was an important issue before, for select people. Now it’s in the board room in the C suite and people are more willing to partner with others.”