SecureData, a member of the JSE-listed ERP.com Group and the distributor for RSA Security products in Sub-Saharan Africa, today announced that an annual study released today by RSA Security showed continuing reluctance by consumers to conduct personal business online because of security concerns, with nearly one-fourth reducing their online shopping and one-fifth refusing to work with their financial institutions over the Internet.
More than half of all respondents believe that widely-used user ID/password protection schemes are not enough for the protection of online information.
"Clearly there's a lot of work to be done if businesses want to build more online trust with consumers. While awareness of threats remains high, consumer confidence in dealing with those threats is low," commented John Worrall, vice-president of worldwide marketing at RSA Security.
"The message here is simple: if organisations want their customers to do business with them online, they need to implement stronger forms of information security. In the battle to win over the confidence of online customers, it's obvious that traditional passwords are the main enemy."
The third annual study, commissioned by RSA Security and conducted by Opinion Research Corporation, was initiated to explore consumers' current attitudes, perceptions and security practices and how these have changed over the last two years. More than 1 000 consumers were asked a variety of questions relating to awareness of security issues, feelings of safety, and use of available safeguards against identity theft and computer attacks.
"When asked the question 'How informed are you about identity theft issues now when compared to a year ago?' 61% of respondents considered themselves 'more informed'. However, only 18% of adults feel safer, and 23% feel more vulnerable than they did in 2004. In addition, 25% of respondents have reduced their online purchases in the past year, and 21% refuse to conduct business with their financial institutions online. Another 43% refuse to give out personal information to online merchants.
"In order to move from awareness to confidence, consumers need to see evidence that business is taking action to protect personal information," added Worrall. "The study also asked for opinions relating to traditional user ID/password security schemes, with more than half of all respondents (53%) believing these do not provide enough protection for online information. According to the survey, poor management of PINs and passwords for access to online services, desktop computer systems, ATMs and other electronic accounts is a major vulnerability. Two in three respondents (65%) use fewer than five passwords for all electronic information access, and 15% use a single password for everything. These numbers are identical to the 2004 figures.
"The majority of consumers are aware of the problems associated with passwords, but until they are presented with a reliable, easy-to-use alternative, they're going to continue to exhibit poor password management practices," continued Worrall.
Internet service providers and financial institutions are beginning to offer users the option of stronger forms of authentication. In late 2004, for example, America Online launched a premium service in conjunction with RSA Security, called AOL Passcode, providing members with the option of a second level of protection beyond passwords.
"We've seen the beginnings of a trend toward the widespread replacement of passwords with better authentication methods," concluded Worrall, "and its continuation will help bridge the gap between consumer awareness of identity theft and actual protection against it."
Other findings in the study:
* Consumers continue to express concerns over sharing personal information with online merchants. The 2004 survey showed 44% were unwilling to do so, compared to 43% this year.
* Consumers believe the primary responsibility for identity theft protection lies with both individuals and their financial institutions. When asked the question 'Which of the following are very responsible for protecting you against identity theft', 61% listed themselves and 52% listed banks/financial institutions (more than one response was permitted).
* Nearly 70% of the respondents do not feel that companies they do business with online are doing enough to protect personal information.
Survey methodology
The 11-question survey on consumer attitudes, perceptions and security practices was conducted nationwide, by telephone, with 1 022 adults from 3 to 6 February 2005 by Opinion Research Corporation. The margin of error is plus or minus 3% for results based on the entire sample.
For further information, please contact Andrew Ochse at telephone (011) 257 8600; fax (011) 257 8699; e-mail andrewo@securedata.co.za.
Share
With more than 13 000 customers around the globe, RSA Security provides interoperable solutions for establishing online identities, access rights and privileges for people, applications and devices.
Built to work seamlessly and transparently in complex environments, the company's comprehensive portfolio of identity and access management solutions -- including authentication, Web access management and developer solutions -- is designed to allow customers to confidently exploit new technologies for competitive advantage. RSA Security's strong reputation is built on its history of ingenuity and leadership, proven technologies and long-standing relationships with more than 1 000 technology partners. For more information, please visit www.rsasecurity.com.
SecureData
SecureData, an ERP.com company, is Africa's premier IT security solution provider. SecureData's solutions incorporate anti-virus and content security, network security, intrusion prevention software and network asset management. SecureData's comprehensive "Managed Security Services" include design, audit, implementation, vulnerability assessment, outsourcing and hosting. SecureData distributes, sells and supports category leading IT security products to the public, corporate and SME sectors throughout Africa as well as products and services to the SOHO and consumer markets through partnerships with ISPs.
As well as being the sole distributor in Sub-Saharan Africa for Trend Micro, SecureData is the southern African distributor for US-based BorderWare, SA-based Cell-ID, UK-based Centennial and US-based Network Privacy. For more information, visit SecureData at www.securedata.co.za.
ERP.com
ERP.com is a JSE-listed company focused on the implementation, integration and management of enterprise applications in an e-business environment. For more information, visit ERP.com at www.erpcom.co.za.
Editorial contacts