American Consumers Slow to Trust But Quicker to Forgive Security Breaches

Transatlantic businesses face greater short-term pain in the US but less long term retribution in the UK following a security breach, according to data from payment security business, PCI Pal. The research into consumer trust and spending habits was conducted during the last quarter of 2018 and pointed to some very clear cultural differences between the two countries.

According to the report, 62% of Americans report that they will stop spending with a brand for several months following a hack or breach, versus 44% of Brits. While less prone to react, Brits that do so are likely to hold onto negative perceptions for much longer than American consumers. 41% of British consumers and 21% of Americans reportedly never return to a brand after a hack. The research suggests that perception alone is enough to impact revenue and reputation -- almost a third (31%) of UK consumers stated that they spend less with brands they perceive to have insecure data practices, compared to just 18% of US survey respondents.

The findings suggest that the cost implication of a security breach remains high in both the US and UK, but brands will have to work longer and harder to mitigate negative perceptions in the UK to recover from the reputational costs of an incident.

“While security breaches are not new, consumers’ attitudes towards them appear to be changing significantly. This seems particularly prominent in the UK which suggests that the focus on GDPR has had a tangible impact on how British consumers view the value of their data, and business’ role in protecting it," says James Barham, CEO at PCI Pal.

More than half (56%) of all UK respondents reportedly dislike sharing credit card details verbally over the phone - in contrast just one in four Americans share this concern. Despite the wealth of online security threats, around a third of consumers on both sides of The Atlantic prefer online payment methods - 38% of Americans and 32% of Brits would look for an online alternative rather than share payment details verbally.

According to the survey, 55% of Brits have more trust in local stores and businesses to handle their data responsibly -- 30% rationalize that local businesses care more about their reputation while a quarter (25%) see them as less of a target for would-be hackers. American respondents suggested that national businesses would be more committed to security protocols (28%) while a quarter (25%) found comfort in the belief that bigger budgets mean more investment in security practices.

Some similarities transcended cultural differences -- the retail and travel industries are seen as potentially insecure on both sides of the pond. 19% of Americans and 40% of Brits see retail as a risky business when it comes to their personal data; 16% of Americans and 35% of Brits see the travel sector as the most insecure. Generally speaking, the UK is leading a growing trend in all-around awareness and concern in the matter of data security -- a trend to which Americans are now gradually catching on, the report says.

“Awareness of data security is something that is on everyone’s radar, yet our UK and US surveys have highlighted some real differences of opinions and traits, when comparing attitudes on data and payment security between the two countries,” adds Barham. “UK consumers certainly seem more guarded with providing personal information, such as payment card details, over the phone. Similarly, if a security breach has occurred at an organization, Brits appear more likely to avoid that organization in the future, and instead go elsewhere. In my opinion, 2019 is the year that organizations need to take steps to provide far clearer assurances to consumers as to just how their data is being captured, processed and stored.”

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.