Dotcom trading is enjoying a boom, but its future
depends on maintaining consumer trust. Lindsay Nicolle reports on
the threats to confidence in online security
Like the Wild West, the internet has been largely tamed.
But it still has more than its fair share of bandits. And today,
they not only want your money, but your identity too. Online
internet identity theft could be the next major high-tech crime
wave to hit the UK, and the backwash in falling consumer confidence
could create problems for even major retailers and
banks.
So where does that leave the long-term viability of online
retailers? Are we facing a potential internet crisis where
consumers withdraw to the point that online will always be a
secondary channel for business?
By all accounts, the weather pattern looks stormy. UK internet
users are recklessly giving away too much personal information,
inviting the rapidly rising crime of online identity theft,
according to a poll by Winmark Research. As traditional identity
theft, such as credit card fraud, becomes more difficult because of
security initiatives such as chip and Pin, criminals are looking
for new ways to conduct fraud.
Fraud-based and phishing websites are mushrooming roughly 50% month
on month, according to the Anti-Phishing Working Group, whose
members include financial institutions, online retailers and law
enforcement agencies. The latest look like legitimate, unique
online e-commerce sites. They trick both casual and corporate web
users into being victims of identity theft, using highly creative
and sophisticated techniques.
Identity theft could become the greatest threat to the future of
the online business world. If users become disillusioned about
internet security, consumers are likely to turn on the mechanism
they feel has enabled the crime, along with any unfortunate
business involved.
Crucially for online businesses, 57% of consumers already believe
that the responsibility for protecting their online identities and
personal information is chiefly the role of the companies running
the websites, according to the Winmark research. Nearly 80%, when
questioned in the street, unwittingly give away enough personal
information for a fraudster to steal their identity. A surprising
60% would also willingly provide easy clues for passwords related
to personal information such as their date of birth or family
names.
On average, consumers have created more than 20 different online
identities by providing personal information to websites, with 66%
of people using the same password to access different types of
websites - from e-mail to bank accounts. Most have little or no
awareness of the existence of phishing scams and spyware.
Understandably, there is a fear that when consumers start to fall
victim to rising online identity theft, confidence in e-commerce
will plummet, leading to a backlash against e-tailers and online
banks.
"If the criminals succeed and internet identity theft continues to
escalate out of control, the consumer will rapidly lose confidence
in e-business," says Tim Pickard, strategic marketing director EMEA
at e-security specialist RSA Security.
A survey by analyst firm Gartner reports that of 5,000 online
consumers, 30% have already had their identities stolen online,
most in the past six months. Research by Vanson Bourne reveals that
33% of online traders are aware that the loss of consumer
confidence is the most damaging aspect of the security breach.
Indeed, the need to retain customers is starting to impede the
take-up of e-business, with 30% of online companies refusing some
customers access to their websites because of concerns about system
security.
"Software suppliers must invest more in developing and delivering
less vulnerable products," says Richard Stiennon, information
security specialist at Gartner.
Clearly, this will become a valuable competitive differentiator for
IT suppliers and online traders in the future. In the Gartner
survey, 80% of consumers say they would have the confidence to buy
more online if their accounts were protected by more than just a
user name and password.
The lesson here is the need to protect against external threats to
online systems, but what about weaknesses in internal controls?
Eighty per cent of corporate frauds involve an insider, according
to a survey by Nottingham Business School.
Online financial firms and e-tailers are understandably reluctant
to go on record blaming their staff for security breaches, and
instead talk up the role of cash machine pranksters and cloners in
restaurants. However, Vanson Bourne research reveals that IT
managers see the internal security threat to data as their biggest
concern.
"We have seen an increase in security issues involving internal
staff among our banking customers," says Paul Vlissidis, head of
penetration testing at IT consultancy NCC Group. "Some banks'
internal networks are weak. We can compromise more than 80% of
networks we test. We are experts but quite often the way we do it
is low-hanging fruit in security terms. But things are changing.
Many of our banking projects are specifically designed to beef up
internal security to recognised British and international security
standards, so I think we will see a reduction in public banking
data security breaches in the future."
But will this be enough to secure consumer confidence in
e-commerce? UK retail industry organisation Interactive Media in
Retail Group is predicting that internet shopping will grow
five-fold by 2010, representing 33% of UK consumer spending.
Meanwhile, the number of companies offering online banking services
is growing rapidly. IBM predicts that the number of supermarket
banking customers will grow from 5.8 million today to 14.4 million
in five years' time.
E-commerce is set for a rollercoaster ride in the coming months and
years as electronic protection plays catch-up with the online
identity thieves. In the end, consumers have the final say on the
future of e-traders, no matter what their size, and no one can yet
predict the winners.
Christmas boost for the e-tailers
The Interactive Media in Retail Group estimates that more than
£3bn was spent online by UK shoppers in the run up to Christmas - a
64% increase on the previous year. Forrester Research says UK sales
led the way in Western Europe, topping 33% of all online spending
over the festive period.
The internet's biggest retailer, Amazon, recorded its largest
number of shipments to date - more than 400,000 items on its
busiest day. The UK's largest internet retailer, Tesco.com,
experienced record sales with 750,000 shoppers visiting the site
during December, placing more than 600,000 grocery orders.
Supermarket Sainsbury's reports that by increasing the
reliability of its network and order management systems over the
peak Christmas period by more than 90%, it added the equivalent of
"tens of millions of pounds" in extra sales at one of its busiest
times of year.
Meanwhile, at the other end of the business scale, small to
medium-sized enterprises have also seen an upturn in online sales.
SMEs reported an average 60% increase in web sales during November
and December 2004, compared with 30% in the same period in 2003. A
Christmas poll by e-commerce specialist Actinic Software surveyed
companies ranging from start-ups created in 2004 taking a handful
of orders, to mature e-commerce sites processing several thousand.
The average number of orders over the period was 1,570.
The Actinic research reveals that in recent weeks some online
retailers have been almost overwhelmed by an increase in orders.
Chris Burslem of Online Paper says, "At one point during November
we nearly switched the web catalogue off so we could catch up with
the sheer volume of orders coming at us, not only from the UK, but
from all over the world."
Sites also reported an average 80% increase in online turnover,
indicating that the average order value has risen, as well as the
average number of orders. Some, including Mega City Comics, noted a
corresponding decline in offline sales. Julian McIntosh of
outdoor gear supplier Safariquip says, "Web sales are expected to
overtake over-the-counter sales early in 2005. The rate of web
growth is making us consider e-commerce as a safer and less costly
alternative to bricks and mortar growth into new branches."
Actinic chief executive Chris Barling says, "We may be seeing
the first signs that the internet is affecting not just high street
sales, but also the inclination of retailers to expand their
real-world outlets. Each year adds to the feeling that the original
dotcom boom hype wasn't so much wrong as too early."
Rise of the digital mafia >>