From festive fun to password panic: Managing money online this Christmas
Methodology
The Kaspersky Lab Global IT Security Risks Survey 2018 is a study into the state of consumer attitudes towards their money and financial security online.
A total of 12,448 consumers were surveyed in 22 countries.
Key findings
- A third of people (31%) cannot always remember their online banking credentials
- A fifth of respondents (20%) use a device to store their online financial log in details and passwords
- This has led to a quarter of shoppers (26%) losing money through an online financial incident without being refunded
- 54% of consumers are more worried about their financial credentials being accessed or stolen by cybercriminals than other private information (e.g. home address or sensitive photographs)
- 46% of those surveyed would make more online payments if they felt their credentials were better protected
Introduction
Visiting our favourite online retailers is quickly becoming the most convenient way to complete must-have purchases. Fast tracked delivery, exclusive discounts and free returns have made online shopping an exciting and essential part of modern life. It’s estimated that three quarters of us have shopped online. Even browsing for products has become a popular pastime and nearly all of us have done it when we are on our lunch breaks, commuting to work, or sat in front of the television.
It is hardly surprising then, that retailers try to entice us into buying by putting their best bargains online. And with more than £747 billion spent in just five countries during the festive season in 2017, digital spending will be crucial to retailers making a profit this Christmas.
The e-commerce boom has made it easy to spend money online with every type of retailer you could imagine – from those selling groceries and gifts, through to paying service providers or buying a boat. The possibilities are endless and the choice of payment options is growing.
However, once upon time, this was far from the case. For example, auction website eBay has encouraged both buyers and sellers to use PayPal off the back of a strategic partnership for the last 15 years. The majority of retailers are now happy for us to use whatever payment method we prefer in order to stop us from going elsewhere. From credit card transactions and bank transfers, to cryptocurrency, subscriptions, and loyalty points, we can pay for goods and services in more ways than ever before.
Yet, while such a wide range of payment options offers us both choice and flexibility, it also gives us the headache of protecting our financial details in multiple locations. Kaspersky Lab figures suggest that 60% of consumers are worried about online banking fraud. With the majority of people having numerous online shopping accounts, digital wallets, bonus points systems and login credentials, it can be extremely challenging to keep everything in order and remember every PIN, password and code we all need to stay in control. Some of us even struggle to recall the email address we used to register with a particular retailer.
Speaking to people around the world on the struggles they face with this very issue, we have uncovered how they manage their finances online; examined their attitudes to financial cyberthreats, how safe their money is and how they value it against the security of other sensitive information. Here we reveal the risks people are prepared to take when making transactions online, what they do to protect their credentials and the threats they fear could lead to their hard-earned money falling into the wrong hands.
We love to shop online, but is our money safe?
Shopping has become one of the most popular online activities, only being beaten by email. The majority of us purchase on the web using laptops or desktop computers, with the use of smartphones steadily rising as retailers make their websites more mobile friendly. Different payment providers also look after their customers on smart devices, so completing purchases remains as convenient as possible.
However, with online shopping now the norm, cybercriminals are ready to take advantage of those who fail to protect themselves online. You don’t have to look too far to find an example of just how vulnerable our financial information is online. In October 2018, American HSBC customers’ account details were accessed by hackers through a sophisticated breach, affecting hundreds of thousands of people. This is a great example of the importance of taking control of our own security and not relying on others to keep our information safe. But if the big banks are falling fowl, what can we do ourselves to minimise the chances of becoming a target?
Nearly anyone who uses the internet understands that cyberthreats exist, they are part and parcel of online activity, and nine out of 10 people are aware that a breach could result in monetary losses. For nearly two thirds (60%) of respondents, this awareness translates into concern around the risks we are taking with our finances online. People do not want to be left vulnerable and become potential victims of money vanishing from their accounts.
Indeed, we are so concerned about money being stolen online that we prioritise keeping our financial details secure over the protection of other sensitive and personal information, such as private photographs. More than half of the people that were surveyed (54%) said they would be more worried about these credentials being accessed by cybercriminals than any other aspect of their digital lives. It is simply much more disastrous if cybercriminals discover credit card details than embarrassing photos.
The issue of remembering the vast number of passwords and PINs we need to transact online is also a cause for concern. In a bid to remember the words and numbers that unlock our accounts and finances, we are in fact opening them up to everyone due to bad habits. We might be taught at school to write important things down, like historical dates or mathematical equations, to help us remember them – but doing this with financial credentials puts us at risk. Writing a credit card PIN in a notepad, or saving a bank account passcode on a laptop, could make you more vulnerable to attack and result in monetary losses.
However, storing payment credentials on a device is not common practice, with the majority of us aware that if a device goes missing or is stolen, they could be easily compromised. However, the surveyed revealed that a fifth of people (20%) still rely on their smartphone or other devices as a way of noting down private banking information. This reliance on recording credentials has the potential of them falling into the wrong hands.
How are we spending our money?
We’ve talked about how easy it is for us to transact online, but with so much choice just how do we prefer to do it? Using a debit or credit card has long been the most popular method of making an online payment. It’s the first option that the majority of retailers present us with when we go through the checkout process and we are used to handling our cards in physical stores. As we all hustle and bustle to buy gifts this December, many of us will use a card by default – as if we’re on autopilot! Indeed, according to our survey, four out of five people (81%) have used plastic to complete an online purchase.
Yet while debit and credit card payments remain king online, many people are quickly becoming accustomed to using other methods to complete purchases. There has been a steep rise in the popularity of e-wallets (such as PayPal), with many retailers and auction websites asking customers to use them instead of cards and bank transfers.
As well as a range of payment options, we are also being rewarded for spending, with loyalty and bonus schemes encouraging us to spend in different ways with a variety of retailers. In fact, more than half (53%) of respondents use these services, often leaving many people feeling like they getting goods and services for free. Simply by frequently spending with a brand and passing over personal information – from financial details, to favorite interests – retailers give shoppers points or money off future purchases.
Will we ever remember all our passwords?
We are often told choice is good thing. From restaurant menus to television subscriptions, we are offered many different options by brands and businesses so that we can run our lives however we choose. Nevertheless, when it comes to protecting our finances online, this isn’t always the case. As the variety of payment methods continues to grow, giving us even more choice, shoppers have the challenge of remembering all of the credentials that keep their money safe.
As we have already discovered, many of us struggle to remember passwords so it is no surprise that we also fail to recall every website or portal we have used our financial details on, or the people we have paid through online transactions. For example, less than half of respondents (48%) said they are able to recollect our login details for all of the websites where we have made an online payment. Imagine the amount of time you would waste if you wanted to remove credit card details from a retailer’s website, but you didn’t know how to sign in. It can be even harder to track all of the websites and services where we have saved our financial information, like an e-wallet account or debit card. In fact, only 38% of people can remember everywhere they have previously made a payment online.
More alarmingly, Kaspersky Lab found a third of people (31%) still struggle to remember their online banking credentials, admitting that they have either forgotten them or do not even try to remember them. Trying to shop for Christmas gifts without knowing how much money you actually have in your account is a risky game to play. This forces people to recover or change these details in order to both access their money and keep it safe.
Signing up for subscriptions services is also incredibly tempting as we can quickly access our favorite television shows, movies and products at will. Yet, while registration is easy, it can become very difficult to track spending. 32% of people who answered the survey do not always remember every service or automated payment (direct debit) they have subscribed to. Signing up for two streaming services, a few magazines and a cosmetic plan (e.g. shaving kits) can quickly lead to costly fees from multiple brands.
Is our money safe?
It is often the case that the product is so desirable that we do not worry if the website we’re buying it from is dangerous. When we see the perfect gift for a friend this Christmas, how many of us will check that our accounts won’t be compromised? In fact, only a fifth of respondents (20%) could say they know what to look for to make sure the website they are paying on is secure and one in ten (13%) even have a special bank account or card to use for purchases they feel could be risky.
Despite the rise in online payments, across multiple methods and recipients, there are still quite a few of us who are wary about transacting on the web. Kaspersky Lab statistics show that more than half of people (52%) are worried about being vulnerable when purchasing products or making financial transactions online. So, from paying a retailer for a new shirt, to paying back a friend for a meal, the slight majority of us would prefer if this could be done more securely. The survey also revealed that nearly half of the people we spoke to (46%) would be happier to pay for goods online more often if they had reliable protection for these financial transactions.
These fears are justified when they hear from friends or family members who have had money stolen, or when we are on the receiving end of cybercrime ourselves. With the festive season creating a peak in online spending, threats could be lurking around every corner. A third of shoppers (32%) revealed that they have even experienced a financial incident in the past year. This left many of them (26%) out of pocket as their money could not be retrieved and they were not compensated by any payment provider or retailer involved.
The good news is that the overwhelming majority of people (83%) believe the most important service to set a strong password for is online banking. The survey has shown consumers are determined to guard their finances and when faced with an online financial threat, with many springing into action by changing credentials – such as passwords and PINs – to try to keep their money out of the wrong hands.
How can we spend with confidence this Christmas?
The festive season, for many of us, is a time of joy and spending on the people we love. This year is predicted to see a record number of Christmas purchases online, with millions of people set to use a wide range of accounts and multiple payment methods. It should be a period we can all enjoy. Yet the truth is that many of us are struggling to remember all of our email addresses and passwords that give us access to these services. We don’t have much hope of completing those enticing ‘flash deal’ purchases for loved ones if we do not even know how to log in.
We are still relying on writing down or separately saving our credentials – leaving us at risk of exploitation – or simply resetting our passwords whenever we need to use one because we are not trying to commit them to memory. If we are going to be able to move away from these habits, we need solutions that mitigate risk and guarantee our money remains safe. This could be done via retailers we shop with, but it is also practical and convenient for us all to be able to do it ourselves through a specialist security solution.
Online retailing is fun and lets us shop for top bargains at our convenience without having to worry about visiting a physical store. If this is to remain the case, with people staying proactive at keeping threats at bay, such as by changing their passwords regularly, then they need help remembering all of this vital information.
- Kaspersky Security Cloud is an example of how software can adaptively help us all to overcome the challenges we face in keeping our finances secure. The solution protects your credit card details by opening a secure browser whenever you buy online and by auto-filling securely your payment details.
- The Kaspersky Password Manager, for instance, is designed to keep private lives safe – including financial details. It gives shoppers secure access to their passwords, PINs and key credentials, anywhere on any device – making payments both quick and safe.
Such solutions can ensure we all enjoy a bit of retail therapy and be can frivolous this festive season without it becoming a nightmare of panicking about our passwords.