The Rippleshot Data Breach Blog

Are Retailers Doing Enough to Protect Customer Data Security?

Written by Zach Walker | Nov 7, 2014 5:39:00 PM

Claiming that retailers don't care about the security of their customers' data is not accurate, but one publication is making the case that retail organizations simply aren't doing enough to protect this sensitive information. They are too complacent, and therefore putting their customers at greater risk for fraud as they are more vulnerable to hacks and security breaches. 

Del Heppenstall, the author of a recent Retail Week article, suggests that payment data security simply isn't a high enough priority for a number of retailers. Heppenstall stresses that this is on a global scale, particularly in places like the UK where only 6 percent of the average retailer's IT budget is spent on security, according to the local government. However, it's important for organizations all over the world, particularly here in the United States, to be cognizant of this and make sure they are not lacking in their efforts to protect customer information.

Heppenstall's main point is that retailers have become so consumed with their big data strategies that they haven't stopped to consider whether they are keeping their growing volumes of information safe. It's understandable that retailers are excited about the prospects of big data, as it can provide numerous benefits in regards to marketing and improving the customer experience. However, it's important to understand that as big data grows and retailers are able to do more with their information, the importance of protecting it increases as well. Database security breaches are increasing at a rapid rate, particularly at a high-profile level, which makes protecting customer information even more crucial. 

"The retail sector has an insatiable thirst for customer data for targeting marketing and tailored services, but we should ask ourselves whether the controls around 'big data' and data warehouses are really up to scratch," he writes. "While a cyber-criminal may not be able to turn this into cash immediately, this can provide a gold mine for identity theft and downstream fraud even if the eventual target is not the retailer who leaked the information in the first place. Furthermore retailers are also diversifying their offering into the healthcare, insurance and banking space, which means they hold more of shoppers' login, payment and other details than ever before."

Fortunately, big data can go a long way towards helping keep data safe. Organizations that take a big data approach towards monitoring credit card usage and identifying anomalies can stop fraudulent activity often before it even takes place. The digitization of information allows businesses to calculate thousands upon thousands of transactions in a relatively short amount of time, provided they have the right technology in place. This can help identify suspicious activity that may end up representing the early signs of a credit card security breach. 

Many recent credit card security breaches have taken place because the retailer and banks in question didn't use their data effectively to monitor any potentially fraudulent customer activity. When big data is not being used in this manner, breaches can go undetected for a long time, meaning that when they are eventually noticed a substantial amount of damage has already been done. Working with a fraud monitoring services provider will help ensure merchants and banks are using data to help prevent potential breaches from turning into serious incidents. 

To learn more about payment security and which emerging technologies have the best chance at reducing payment fraud, download our whitepaper below.