The messy truth is out there about identity theft, and your customers are afraid of it. Receiving a new debit or credit card after a breach is annoying, but it's also at the bottom of the list in terms of what they worry about. Everyone knows a story of someone's identity being stolen which resulted in a nightmare of forms, denials and misunderstandings. It's not as simple as showing a driver's license and being done with the matter. These tales include descriptions of bankruptcies, days in courts, hours of arguments and of entire lives being put on hold until everything has been worked out — however long it ended up taking. Cautious citizens have made identity monitoring companies (e.g., LifeLock) a booming industry, and they've also made the victim businesses close up shop after a breach has occurred. When customers can't trust you with their data, you risk far more than you realize. Encryption is an additional step that companies everywhere need to take for the sake of their businesses. We'll look at how this technique may help you boost your reputation and help keep your customers coming back.
To learn how encryption can lower the cost of regulatory compliance while enhancing security, download our white paper Reducing the Cost of Regulatory Compliance with Encryption.
The Heart of the Problem
From Target to Wendy's, it's becoming more and more apparent to even the least tech-savvy person out there that no one is immune from a potential breach. You may have already noticed more people using cash in an effort to lessen their chances, or possibly even had less involvement with online platforms. If you work in the health fields and you're subject to HIPAA and HITECH laws, then perhaps you've seen more people inquire about what exactly is done with their data. Overall though, it's going to take a lot for people to give up technology completely, so you'll need to start finding the best ways to keep data under lock and key. While your customers may not understand the full scope of encryption, you can explain the concept to them when asked. The heart of the problem lies in both a fear of the unknown and a lack of understanding how they're vulnerable and what they can do about it. Taking the right actions in your business addresses the insecurities that people may have when it comes to entrusting you with some of their most precious financial or personal data.
If you accept credit cards then hopefully you're already aware of the liability shift that occurred in October. In an effort to minimize expenses when it came to fraudulent charges, major credit card companies successfully lobbied to have the merchants take pay for criminal charges if they were still using the older swipe machines at the time of the breach. Because of the encryption technology the new chip machines make possible, it prevents the thief from gaining information that could be used again for further transactions. With the magnetic stripe, the information gleaned from a breach could be used over and over to make duplicate cards or charges online. Despite the fact that merchants were given ample response time to get their card systems up to par, there were delays due to cost and time constraints for learning the new system. In the case of Wendy's, the impact of their breach may have been significantly lessened with the use of chip cards at every establishment. Again, customers may only know so much about the switch and what the driving factors are, but they likely have some feelings about those who still use the older technology in light of the possible identity theft problems.
Customers are becoming more and more vocal about how they feel about identity theft, and older people in particular are making explicit choices to keep their data offline and use cash where they can. When 42% of people have experienced some sort of fraud and 68% of people are checking their information regularly to prevent identity theft, the consequences are definitely not far from their minds. From tax returns to their doctor's office, it seems nowhere is safe. To put things in perspective, Target had 40 million people who were affected by their hack, and their team was not ready for this type of backlash (which to a certain extent is understandable.) People couldn't get through on the phones, websites wouldn't load, and people were livid. People who needed to confirm if there were charges made, in order to prevent any further ones from occurring, couldn't get the information they needed. Customers are not only speaking out with their voices but also with their wallets when it comes to where they choose to shop.
A Matter of Trust
Your customers don't necessarily need to hear a lecture about how you're looking out for them, but you should be doing what you can to broadcast how you're helping them. By employing the best methods, you can give people the reassurance they need whether you deal with them in person, over the phone or strictly online. If you mainly deal with a customer base who understands the basics of technology, you can certainly go into more detail. However, even if you don't, you can still make it known that you've taken the precautions. Taking the action to encrypt data is another step in a long line of trying to connect with your customers through your branding, mission and products.
As you've probably already heard, this debate has hit the mainstream in a big way beyond just identity theft. The government has been putting pressure on companies like Apple and Google to give up information about their users, or build in a backdoor to their encryption software so they can find it themselves. The government employs their own tech experts to break into devices that these conglomerate companies have spent years trying to safeguard. Their means have been met with mixed reviews on both sides of the fence. Apple doesn't want to open up a slippery slope that might introduce us into a police state while some officials think the access is necessary to keep potential major criminals at bay. While your company may not come across anything of this nature, you're still a part of this issue whether you want to be or not. For the most part, people value their privacy online as well as in person as a part of their freedom.
Tokenization is a type of cryptography that still aims to make data unusable should a thief manage to get ahold of it. Tokenization is an alternative option to traditional encryption, and larger companies especially have seen how it helps them simplify their overall safety protocol. Tokenization is typically simpler to manage, and companies with hundreds of employees appreciate the lifting of the burden of keeping encryption keys out of the wrong hands. When it comes to customer trust, you're using a random string of characters to hide their most vulnerable data. The software today can be easily applied to a variety of applications and programs, meaning you'll have total protection wherever your data is stored. It's no surprise that regulatory agencies encourage tokenization when working with payment and health data, because it generally helps make the complicated goal of proper security a little more attainable. This is not to say that encryption and key management are obsolete by any stretch of the imagination. Tokenization is simply another option for you to evaluate for keeping customer data safe.
How to Talk to Your Customers
There are ways to explain encryption to customers who know little about how their data is transmitted in the virtual world. At the very core of encryption lies the idea that a thief can take the information because there are only so many ways that anti-malware programs can seal out clever hackers completely. What encryption does is stop the thief from being able to read the data in any way that could be useful for them to steal someone's identity or otherwise misuse what they find. Knowledge is power, and encryption stops that power from falling into the wrong hands. This is not about bragging about your superior safety measures, but rather about letting the customers know that you're aware of the risks of taking shortcuts when it comes to their information. Typically businesses who show this type of concern for their customers see that concern taken through the rest of their organization as well, meaning that both employees and customers will see the measures taken to ensure satisfaction.
The End Result
Customer loyalty is unfortunately not merely as simple as keeping their data safe, however it's a vital part of branding yourself in the eye of the public. Companies of all sizes are subject to customer fear, so do not consider yourself to be immune from how your customers feel about their security. If you're only using a basic firewall or anti-malware protection, then you're simply not doing enough. Too many companies are making these precarious mistakes either due to a lack of resources or a lack of knowledge about how important this matter is. No business can afford to play fast and loose with customer data, and proper encryption can take the threat of facing an angry mob of customers way down. Even if you never experience a hack, it's another selling point in how your business both maintains current regulatory standards and is keeping up with the security demands for tomorrow as well. Just remember that an investment in encryption or tokenization software is ultimately an investment in keeping your business alive.