Online customers in the US are growing frustrated with
the lack of security provided by banks and online retailers, and no
longer trust passwords alone to secure their online transactions,
according to a survey by research company Gartner.
The findings are drawn from a survey of 5,000 adult internet
users in the US, which finished in April, and show that online
customers want providers to offer more than just passwords to
protect online accounts, and that security concerns may be
hampering the growth of e-commerce, according to Avivah Litan, a
vice-president and research director at Gartner.
Almost 60% of those surveyed said they were concerned or very
concerned about online security. Even more important for online
retailers, over 80% said they would buy more from an online
retailer who offered more than just a user name and password to
protect their accounts.
"The data shows that consumers want more than passwords," Litan
said, but added that there were limits to how far consumers were
prepared to go to secure their online activities.
When asked to choose between technologies to supplement password
protection, respondents gave high ratings to low-tech options such
as asking shoppers to provide responses to tailored questions, or
shared secret technology that displays shopper-selected images on
web pages to prove the authenticity of websites.
More complicated solutions like security software downloads or
so-called "multifactor authentication" that couple smartcards or
USB tokens with usernames and passwords were less popular.
The most popular security choice for customers of online
shopping and banking sites was to make providers legally
responsible for strict security measures.
Those surveyed said they wanted the choice of using stronger
authentication.
Litan said that the use of strong authentication to secure
online transactions, including smartcard technology and one-time
passwords, was greater among banks and online retailers in Europe
and Asia than in the US.
Gartner predicts that by the end of 2007 more than 60% of banks
in the US, but fewer than 20% worldwide, will rely on simple
passwords for retail customer authentication.
But Litan warned that that could change, especially as retailers
and banks contend with a wave of phishing attacks that lure
customers to phoney websites and steal their account and financial
information.
"We're getting more calls from banks and other providers looking
to protect their customers and give them added security," said
Litan. "They're worried that consumers are losing confidence in the
online channel."
Paul Roberts writes for IDG News Service