Tracking Online Behavior: Three in Four Consumers Say Using Their Information For Fraud Detection Purposes is ‘Okay’
Posted May 3, 2011
On the Heels of the McCain-Kerry Privacy Bill, ThreatMetrix and the Ponemon Institute Surveyed Consumers About Behavioral Advertising
LOS ALTOS, CA – May 4, 2011 – ThreatMetrix™, the fastest growing provider of cloud-based fraud prevention solutions that do not require personally identifiable information (PII), today announced that a joint study with the Ponemon Institute revealed the majority of consumers are comfortable with online behavioral tracking for fraud prevention purposes, but remain hesitant around advertising and promotional purposes. The results are outlined in a report, “Consumers’ Reaction to Online Fraud.”
Seventy-four percent of consumers expressed some level of concern about online advertisers collecting and using their information for future promotional activity. Survey results showed that half of respondents, however, reported that it is acceptable to use information about their online behavior as long as it’s used to detect potential fraudsters. The rest of survey respondents were divided in their sentiments; 24% said they don’t think behavioral targeting in any form is appropriate, whereas 26% said it is okay for online businesses to use their information to either send them ads or monitor potential fraudsters.
When asked about the extent of obtaining consent to use their online behavioral information for fraud detection, only 16 % said advance consent was necessary for each transaction. One third said consent was not necessary at all, while the majority (36%) said consent only once in advance is sufficient.
The Issue of Behavioral Advertising
As a hotly contested topic, in mid-April Senators John McCain and John Kerry introduced a privacy bill focused on the security and management of personal information. In it, they outline how companies must reveal when they are collecting consumer information, in what capacity it will be used and keep that data safe from hackers. This comes in response to proposed FTC legislation in late 2010, which was initiated in response to the privacy implications arising out of behavioral advertising.
“Such legislation could have unintended consequences for those engaged in cyber security efforts,” said Reed Taussig, president and CEO of ThreatMetrix. “While the recognition of the unique role of data collection for fraud prevention was recognized by the FTC staff, there will likely be tradeoffs between privacy and security.”
“Businesses must be sensitive to using personal information for targeting,” added Taussig. “Consumers are generally not comfortable about receiving ads and promotions, based on our survey results, but are more open to companies using their information to verify their identity. It’s just a balance of using the information appropriately, or risk losing their trust and loyalty.”
The majority of consumers (70%) reported that if they were assured their personal information was not collected when used for fraud detection purposes, they were comfortable with an online business authenticating their identity through a digital fingerprint. Another 22% said they were unsure.
“Online businesses need to move toward other authentication techniques that evolve beyond using personally identifiable information, but can still prevent fraudsters from being alerted about the security precautions a company is taking,” said Taussig.
When it comes to disclosing the use of a digital fingerprint, three in four consumers indicated that disclosure is not necessary, or only if such disclosure does not reduce the business’s ability to fight cybercrime.
On top of that, 82% of consumers indicated that they would expect an online business to use alternative methods to verify their identify if they were unable to match their computer’s digital fingerprint to their security system.
The research also looked at consumer sentiment about fraud prevention across the banking, social media and Web 2.0 industries and mobile channel. For more information about the findings, download a copy of the report at http://info.threatmetrix.com/ConsumerSurveyOnlineFraud2011.html.
The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries. For more information, visit www.ponemon.org.
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches. Key benefits include an improved customer experience, reduced friction, revenue gain and lower fraud and operational costs. The ThreatMetrix solution is deployed across a variety of industries, including financial services, e-commerce, payments and lending, media, government and insurance.