Many Australian retailers and small business owners are scratching their heads wondering why consumer confidence in Australia is so low. They are experiencing ‘recession-like’ conditions and the injection of cash in the form of tax cuts and interest rate cuts into the hip pocket of tax-payers and home-owners hasn’t seemed to have made much difference.

Questions related to subdued consumer sentiment are: is this related to low wage growth? Or soaring house prices plus the record household debt? Or the rising cost of essential living expenses like utilities and food? Perhaps it is something less obvious – Australians don’t trust businesses like they once did.

While brand reputation (or a lack of) affects Australians’ newly tightened purse strings, new collaborative research conducted by payment security specialist, PCI Pal, and cloud telephony platform provider, Natterbox, has revealed another possible explanation for Aussie cautiousness: lack of trust in data security.

The research found that the way companies safeguard their customers’ personal data plays a crucial role when it comes to Australian consumers’ trust, and also how much they are willing to spend with that particular brand. In fact, three out of four Australians consumers (74 per cent) claim their confidence in a brand’s data security impacts their purchasing decisions.

With the rising possibility of high-profile security breaches, data security is at the top-of-mind for Australians when they reach for their wallet. The growing threat of credit card fraud, scammer activity and security breaches has unnerved many consumers. According to KPMG’s 2019 Global Banking Survey, financial scams and bank fraud are increasing in Australia, with almost half a billion dollars lost to scammers in 2018. Phone and text scams are also on the rise, surging from 15,400 in 2015 to 21,600 reports in 2017.

Now, even the faintest prospect of a scam gives consumers pause when they hand over their payment and personal data. The PCI Pal/Natterbox research shows that more than 30 per cent consumers have been a victim of a security breach or hack – the statistics are even greater (40 per cent) for baby boomers and high-income earners.

If a brand has experienced a security breach, it can have severe and immediate consequences for their sales revenue. Many Australian consumers surveyed stated they would be unwilling to forgive a company that compromises their personal data – 43 per cent said they would never return to a brand post-breach, and a further 43 per cent reported they would suspend purchasing in the aftermath of a breach. Over half of consumers surveyed trusted large national companies over small local businesses, based largely on the belief that larger organisations invest more in data security. Worryingly, the retail sector was the least trusted industry for protecting the customer’s personal data security while the small business sector in Australia is also in the low-trust category.

What can businesses do to win consumer trust?

Consumer confidence has been eroded by common phone data breaches yet front and foremost, phone calls are fundamental when consumers want human connection. This means businesses must intensify their efforts to reassure consumers of their data security over the phone as it plays a crucial role in shaping customers’ perception of a brand.

The PCI Pal and Natterbox research found over-the-phone credit card payments (Cardholder Not Present) is something many feel uneasy about – around half (49 per cent) of respondents are not comfortable giving their credit card details over the phone while 56 per cent would opt for an alternative payment method. One-third of young consumers (aged 18 – 24 years old) claimed to ‘absolutely refuse’ to share their payment information over the phone. To accommodate for this, businesses should allow customers to connect directly and seamlessly to the card payment network to make payments while on call.

How to prevent customer information being exposed

Make Security a Priority

Any consumer-facing business should be prepared for the increasing likelihood of an attempted hack. A critical first step is to remove agent access to payment card information with PCI DSS Compliance technology. Businesses must stay one step ahead of the hackers to protect themselves and their customers.

PCI DSS Compliance

PCI DSS stands for Payment Card Industry Data Security Standard, which sets the requirements for organisations and sellers to safely and securely accept, store, process, and transmit cardholder data during credit card transaction to prevent fraud and data breaches.

Contrary to popular belief, pausing call recording during a Cardholder Not Present (CNP) transaction is not PCI DSS compliant. Technology by PCI Pal, instead, intercept any tones when keys are entered by the customer on their telephone keypad and prevents the agent from hearing or seeing sensitive card data such as the PAN and the CSV. Instead, all they will see are asterisks on the screen while the customer and the agent can maintain a dialogue throughout the entire process.

More security is needed

Australians are clearly concerned about their data being held by companies. Therefore, adding extra layers of protection when handling sensitive customer data is mandatory. At a time when Australian retailers are experiencing challenging times, businesses must take data security seriously to build consumer confidence and brand preference.

Charles Heunemann is managing director and vice president – Asia Pacific of Natterbox Limited Australia.