In the Internet age, privacy and convenience always seem to be at odds with each other. According to a recent poll by the privacy research group Ponemon Institute, it looks like web users are beginning to realize that.
About 68 percent of users questioned said they don’t mind if a computer authenticates their identities when making a purchase — as long as their personal information is not collected. The survey of 551 users was paid for by security firm Threat Metrix.
Companies such as ThreatMetrix can authenticate the identity of a user by looking at incoming data such as the machine’s unique hardware signature or its Internet address. Other companies also rely on less sophisticated authentication techniques such as “cookies,” or small programs that collect browser data, to verify someone’s identity.
Larry Ponemon, chairman and founder of the Ponemon Institute, said he was surprised that consumers felt comfortable with techniques that authenticate their identity, but he said it makes sense given that consumers value convenience and want to have a secure, trusted transaction experience online.
“We know that consumers feel there is an advantage to doing business online, like better choice or prices,” Ponemon said. “This data suggests you need to be open with the consumer.”
The results favor companies like Threat Metrix, which as mentioned paid for the report. But the poll is useful in that it points out that online merchants have to behave in a certain way in order to gain greater trust consumers.
By giving up some machine-specific data, users surrender some privacy. But they also can protect themselves from fraud and purchase things online without going through time-consuming hassles. About 80 percent of users are concerned about becoming victims of online fraud, and 83 percent believe that online vendors should increase their efforts to stop fraudsters from stealing consumers’ personal data.
About 75 percent of those surveyed said they believe computer authentication is preferred because it’s more convenient that remembering passwords or answering pre-selected personal questions. About 33 percent of respondents said they are worried their personal information would be disclosed to other online businesses and services. Some 12 percent said they were concerned merchants themselves would misuse or abuse the device authentication data.
Of those who are concerned about computer authentication services, about 55 percent said they would rather use passwords to prove their identities. About 61 percent of the total group said they’d expect to be notified if an online merchant was unable to match their computer’s device fingerprint to a security system, and 83 percent said they’d expect the online merchant to provide alternative methods of verification if the device authentication didn’t work.
Among the U.S. residents who were polled in August, about 43 percent said they have been victims of online fraud and 30 percent said they had faced financial losses or credit card billing fraud as a result.