Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations //

Identity & Access Management

5/13/2019
01:30 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

78% of Consumers Say Online Companies Must Protect Their Info

Yet 68% agree they also must do more to protect their own information.

More than three-quarters of US consumers strongly agree that companies need to protect their information, a 16% increase over last year, according to a comprehensive study of online consumer behavior.

The research, conducted by IDology, also shows 71% of Americans say their decision to choose a financial institution would be positively affected if it uses better, more advanced identity verification methods. That's a dramatic 27% increase over last year, when only 56% of Americans reported the same.

The "Second Annual Consumer Digital Identity Study" is based on 1,499 responses collected by an online survey from Jan. 29 to Feb. 11. Survey respondents are representative of the 225 million people who make up the US online population of 18 years old and older.

Christina Luttrell, IDology's senior vice president of operations, adds that while consumers say companies need to protect their information, 68% strongly agree it's also their own responsibility to protect their own personal information.

Many consumer are taking action to protect themselves, she points out. Of those who were notified their data had been breached, 60% say they changed their account passwords, 38% had their card reissued, and 32% turned on two-factor authentication.

Consumers also expect more online, with 37% saying they have abandoned signing up for a new online account (via computer or mobile phone) because the process was too difficult or took too long. This was especially true among Gen Z respondents (51%) between the ages of 18 and 24.

"The younger folks want it fast, and they want it now," Luttrell says. "And they don't want to jump through hoops."

Interestingly, asked whether they would use some of the new tools to sign into an online account, the majority (58%) of consumers say they prefer to enter their information manually, according to the report. However, 42% say they would auto-fill the information with a password manager, and 34% would be willing to snap a picture of an identity document, such as a driver's license. Another 24% say they would be fine with a third-party pulling the added information from their mobile carriers, and 23% are OK with pulling identity information from their social media profiles.

Frank Dickson, a research vice president at IDC who focuses on identity management, adds that that old trade-off between security and ease of use has to change.

"The security industry has to make their products easy and secure," Dickson says. "Companies have to invest, and it certainly takes extra work on the part of the provider. It's a challenge, but it's the responsibility of the provider to put in the extra effort and do it right."

Related Content:

 

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
5/13/2019 | 3:15:23 PM
Personal rules - helpful
DO NOT enter your SSN in any fashion.   Keep a credit card with a low low limit for internet ONLY purchases, say $500 --- that way a thief cannot buy a Porsche.   Monitor credit reports and accounts daily if possible.  Advise bank of out of country trips ALWAYS.  Take one, just one, credit card on a trip.  Realize that any personal data you enter into a website WILL be available at some point in time.  Take the safe side approach.  Be careful what you fingers type into a keyboard.  
Sodinokibi Ransomware: Where Attackers' Money Goes
Kelly Sheridan, Staff Editor, Dark Reading,  10/15/2019
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
State of SMB Insecurity by the Numbers
Ericka Chickowski, Contributing Writer,  10/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16404
PUBLISHED: 2019-10-21
Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the openemr database via a non-parameterized INSERT INTO statement, as demonstrated by the providerID parameter.
CVE-2019-17400
PUBLISHED: 2019-10-21
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.
CVE-2019-17498
PUBLISHED: 2019-10-21
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a ...
CVE-2019-16969
PUBLISHED: 2019-10-21
In FusionPBX up to 4.5.7, the file app\fifo_list\fifo_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVE-2019-16974
PUBLISHED: 2019-10-21
In FusionPBX up to 4.5.7, the file app\contacts\contact_times.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.