An Ironic Shift in Shopper Sentiment


Continue Reading Below

If you are over the age of 30 you will recall the early days of etailing:  clicking through slow websites with less-than-optimal search features and time-consuming checkout pages. Ah, the check-out screen. Remember the trepidation you felt entering your credit card information?  What if your computer were hacked? Or an I.D. thief intercepted your transmission?  Your cousin was a victim!  She related in great detail the pain and havoc that could inflict. Much safer to use your credit card to shop at a “real” store.

Fast forward to today.

The Big Switch

In a national poll sponsored by, an online portal that offers coupons and cash-back when you make purchases at etail websites,  42% of adults (age 18+) said their number one worry this holiday season is “Being the victim of credit card fraud, identity theft or a store data breach.“  Tying for second place at a distant 27% were “Dealing with crowds or long lines” and “Being able to stick to a budget.”

What’s more, many Americans think it is riskier to make a credit card transaction at a brick-and-mortar retailer than via the internet, a smartphone or a tablet. CEO Jon Lal says online shopping has been safer than what you experience in-store “for many, many years. But people are just realizing this.” The systems retailers use at the brick-and-mortar  level vary in terms of sophistication, ranging from 1990s technology still in use at many mom & pop stores to the latest encryption and verification software used by large, national chains.

In fact, you can experience a different level of security at the same store. For instance, say you want to order a pie from the pizzeria down the street. If you phone in your order, when you pick it up the clerk might pass your credit card through the store’s low-tech “swipe machine.” In that case, says Lal, having your credit card information stolen “could be as simple as a dishonest employee” who jots down your account number and expiration date.

Ironically , if you made the same purchase through the pizzeria’s online website, the processing would be handled by a third party and is subject to the significantly higher security standards set by the credit card industry.

The Generational Divide

Interestingly, there’s a big difference in attitude between Millennials- those who reached adulthood around the year 2000- and, well, everyone older. (Sorry, Gen-Xers.)   Non-Millennials are more worried about having their credit card information stolen or misused and believe there is a greater risk of this happening today compared to a year ago. In Lal’s view, this “has a lot to do with their attitude about technology” in general.  Millennials- at least so far- seem to be more comfortable with it.

As he points out, “a lot of Millennials don’t know a world pre-Ipod, pre-Internet or pre-texting. For that generation there is not a natural mystery to technology as it is for people who did not grow up with it. Older people learned along the way.”

It might also have something to do with the fact nearly one-in-five Americans report having their credit card or personal information stolen and that non-Millennials are more likely to have been victims compared to Millennials (20% vs. 14%).

Still Too Complacent

Despite professed concern about being the victim of credit card or identity fraud across all age groups, many of us do too little -or nothing!-  to protect ourselves. According to Lal, “Even though people are worried about credit card fraud they don’t take the most basic measures,” such as updating their passwords on a regular basis (every six months) or checking to see that the purchase they are making is from a website with a “padlock” symbol, indicating it is secure. “You have two methods to verify your ID- email password or phone number.“ If an identity thief gets his hands on either one, it’s a key that opens many other doors.

For example, say you want to find out the balance in your checking account. If you do this via the internet  you will be asked for your password and probably have to correctly answer other “challenge” questions designed to positively identify you.  If you send a text to your bank, you will receive one back that includes a one-time-use passcode that allows you to access your account. But that code will only be sent to your specific phone number.

This approach “started with the financial services industry and has spread to other businesses, such as Facebook (NASDAQ:FB), Gmail, and so forth,” says Lal. For example, say you are a member and  want to use the cashback balance you’ve accumulated,  “BeFrugal sends you a text requesting your passcode.”

In terms of security awareness, there is also a generation gap: Millennials are more likely to not keep their anti-virus software updated.  But older Americans neglect the use of text verification when this is available and also tend to not lock their smart phones.

According to the non-profit  Identity Theft Resource Center (ITRC), through mid- November of this year, identity thieves have broken into 669 systems, ranging from a dry cleaner to Boston University to the State of GA to Children’s Medical Clinics of East Texas to brokerage firms  Scottrade,  Schwab, and ETrade.  Nearly 182-million individual accounts were exposed with two of the largest being T-MobileExperian (15,000,000) and Blue Cross Blue Shield (10,000,000).

I.D. theft and credit card fraud are a part of modern society. Instead of worrying about being a victim, take the necessary steps to protect yourself this holiday and year-round.

*John Lal's name spelled incorrectly in the first publication.