US customers lose confidence in online security

Online customers in the US are growing frustrated with the lack of security provided by banks and online retailers, and no longer...

Online customers in the US are growing frustrated with the lack of security provided by banks and online retailers, and no longer trust passwords alone to secure their online transactions, according to a survey by research company Gartner.

The findings are drawn from a survey of 5,000 adult internet users in the US, which finished in April, and show that online customers want providers to offer more than just passwords to protect online accounts, and that security concerns may be hampering the growth of e-commerce, according to Avivah Litan, a vice-president and research director at Gartner.

Almost 60% of those surveyed said they were concerned or very concerned about online security. Even more important for online retailers, over 80% said they would buy more from an online retailer who offered more than just a user name and password to protect their accounts.

"The data shows that consumers want more than passwords," Litan said, but added that there were limits to how far consumers were prepared to go to secure their online activities.

When asked to choose between technologies to supplement password protection, respondents gave high ratings to low-tech options such as asking shoppers to provide responses to tailored questions, or shared secret technology that displays shopper-selected images on web pages to prove the authenticity of websites.

More complicated solutions like security software downloads or so-called "multifactor authentication" that couple smartcards or USB tokens with usernames and passwords were less popular.

The most popular security choice for customers of online shopping and banking sites was to make providers legally responsible for strict security measures.

Those surveyed said they wanted the choice of using stronger authentication.

Litan said that the use of strong authentication to secure online transactions, including smartcard technology and one-time passwords, was greater among banks and online retailers in Europe and Asia than in the US.

Gartner predicts that by the end of 2007 more than 60% of banks in the US, but fewer than 20% worldwide, will rely on simple passwords for retail customer authentication.

But Litan warned that that could change, especially as retailers and banks contend with a wave of phishing attacks that lure customers to phoney websites and steal their account and financial information.

"We're getting more calls from banks and other providers looking to protect their customers and give them added security," said Litan. "They're worried that consumers are losing confidence in the online channel."

Paul Roberts writes for IDG News Service

Read more on IT risk management