Retailers are continuing to grapple with a surge in cyber criminals using stolen usernames and passwords to gain access to user accounts. With credential stuffing attacks accounting for nearly 27 per cent of retail data breaches, retailers have been left with basic protection such as password hygiene to tackle the problem.
Looking more closely at the problem, these incidents often stem from broader digital security and data privacy issues. The passing of the Digital ID Bill in the Australian Senate is a crucial step towards securing and responsibly managing personal identity information. This legislation not only enhances security protocols but also lays the groundwork for innovative solutions to fight fraud effectively.
In the future, as businesses and government agencies collaborate under the Digital ID framework, retailers will finally have access to new solutions to authenticate customers securely. This will not only enhance customer trust and satisfaction but will reduce identity-related fraud and as a result, build greater confidence in digital transactions.
The real impact of identity theft on retail consumers
Criminals with stolen identity credentials can create fraudulent accounts, conduct high-value transactions, register for services and even apply for credit. The result of these attacks leads to financial losses and damage to credit scores and, potentially, prolonged legal battles for retail consumers whose identities have been compromised.
It’s a significant issue. A recent report from IDMatch, a joint Federal, State and Territory government initiative, revealed 1 in 4 Australians have been a victim of identity crimes at some point in their lives – with an estimated annual cost of at least $3.1b to individual victims, businesses and government agencies. The report also highlighted identity-related crimes as a key enabler of serious and organised crime.
Wearing the cost of identity fraud
The repercussions of identity theft also extend far beyond financial losses, creating legal challenges for retailers navigating complex data protection laws and consumer rights. More data means heightened risks and costs, necessitating robust storage, security, and management measures. Mishandling data not only breaches trust but also invites legal repercussions and reputational harm.
With identity theft becoming increasingly prevalent (a staggering 62 percent of Australians see the protection of their personal information as a major concern), it requires retailers to carefully follow the law, and ensure strong security measures are in place and data is being managed effectively.
What can retailers do?
Prioritising digital ID solutions is a strategic move for retailers that addresses critical security concerns while enhancing customer trust. By minimising the amount of personal data collected and shared, retailers reduce the risk of exposure to identity theft. For example, when retailers receive verified customer information from a trusted source, they can rely on the authenticity of the data without needing to collect additional sensitive information like a driver licence or birth certificate.
This approach not only safeguards consumers’ personal information but also reduces the potential impact of data breaches on retailers’ reputations and their bottom line. By limiting the data they store, retailers also decrease their exposure to privacy and legal risk, as they are less likely to be in possession of sensitive data that could be exploited by cybercriminals.
Enhanced visibility for customers regarding the use and sharing of their information is another crucial aspect of digital ID solutions. When customers have greater insight into where and how their data is being used, they can more effectively monitor for suspicious activity and take steps to protect themselves against identity theft. This increased transparency not only strengthens security measures but also builds consumers’ confidence that the retailer is protecting their privacy and security and so can be trusted.
Additionally, digital ID solutions streamline the customer experience by offering a seamless and secure method for individuals to verify and protect sensitive identity information. By leveraging digital identities, retailers can ensure that only authorised individuals have access to sensitive data, minimising the risk of fraud. This not only enhances security but also improves the overall customer experience, as customers can enjoy a frictionless and user-friendly process for verifying their identities and completing transactions securely.
Digital identity holds immense potential as a tool to help mitigate fraud and better protect both consumers and retailers. Embracing this technology marks a crucial step towards a more secure and resilient digital ecosystem, fostering trust and confidence in online transactions and equipping retailers to confront the challenges of identity fraud head on.
Rick Iversen is head of product and scheme for ConnectID.