Story image

How online retail businesses need to bundle security into customer experience

08 Oct 2018

Article by F5 Networks Asia Pacific security specialist Shahnawaz Backer

Cashless payments are driving the e-commerce market in Southeast Asia (SEA).

With smartphone payment apps such as Google Pay and Apple Pay, consumers get to enjoy the convenience of a digital wallet anywhere, anytime.

Whether it’s ordering McDonald’s delivery, stocking up household necessities or even the occasional impulse purchase, consumers are demanding convenience – be it on their computers, or mobile devices.

In fact, recent research has found that consumers are willing to pay more for convenience and a personal touch.

Yet, for all the convenience those services offer, there’s still one overriding factor holding consumers back from using online services – trust.

A recent Ipsos study found that nearly half of global online shoppers refrain from shopping online due to a lack of trust, as fears and concerns over data privacy have deterred many people from sharing their personal information online.

Security is an important aspect in Singapore, with the latest research revealing that 47% of Singaporeans believe that security is the most important feature in their e-Commerce apps such as Carousell and Amazon.

This is compounded by the fact that three in five respondents will delete an application if its data security is compromised.

As online market places evolve and customer preference for e-Commerce continues to grow in Singapore and the Asia Pacific, security risks are becoming a bigger issue.

Businesses need to cater to the security needs of their customers to capture the opportunities in the region – but how can businesses ensure they deliver seamless and convenient services without compromising security?

Think like a consumer: We all have trust issues

From email addresses to phone numbers and credit card details, users expose a trail of data whenever we interact with online sites and apps.

With the amount of private data out there, coupled with the frequency of news on data breaches – 98% of the top 50 e-Commerce apps have been found to be vulnerable to security attacks – online retailers as well as customers are at risk of cybersecurity threats such as credit card fraud, hacking and phishing attacks.  

E-commerce sites, in particular, are increasingly targeted by hackers due to the sensitive payment card information.

Organizations doing business online need to have adequate cybersecurity controls in place, or risk consequences such as a loss of revenue, and damage to brand reputation in the event of a cyberattack.

Without a strong cybersecurity posture, no individual quality of a business is enough for visitors to buy a service or product they do not trust.

Security vs convenience

Mobile apps have taken the e-Commerce industry by storm.

So much information is stored in apps – users even have apps residing within apps that enable them to easily store social network profile or payment information in apps.  

This has transformed the way consumers shop online.

While online shopping has brought about greater ease of use and convenience, it also presents significant cyber risks due to the volume of sensitive data and personal information shared between merchants, payment providers and consumers.

This is a worry as consumers tend to favor convenience over security, and use devices and apps without discernment and readily surrender their information without a second thought – leading to a treasure trove of data for cybercriminals.

We recently ran a social experiment in Singapore and found that contrary to what they said (53% prioritized security to convenience), 70% of Singaporeans were more willing to sacrifice personal data for convenience.

This means that while users acknowledge the importance of security, their actions do not quite reflect it.

Therefore, there needs to be greater awareness of the issues of data privacy to ensure that adequate measures are taken by customers to secure themselves and their online accounts.

There needs to be a fine balance – and silent security is key

The demand for technology-driven intuitive experiences is here to stay, with the emergence of an affluent and digital savvy middle-class and rising Internet and mobile penetration in the region.

What this means for businesses is that they must be able to balance both the demands of convenience and need of staying secure.

This is where silent security comes in – the concept of providing an app experience that is secure, yet not overly inconveniencing users.

It involves using solutions that grant access to application functions and data depending on the identity, location, and device used to access the app from.

This ensures that users are who they say they are, and ensures that their credentials have not been compromised.

Biometric checks like fingerprints and facial recognition, as well as using two-factor authentication devices are also equally important.

As more consumers adopt online shopping, security in e-commerce is a top priority for both businesses and consumers.

Security needs to be foundational and silent, and should not be an afterthought.

Online businesses should have multiple layers of security in place to keep valuable data protected – ultimately finding that sweet spot between convenience and security to deliver the right user experience, or risk losing them.

Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
Facebook fights fake news ahead of Africa elections
“We also show related articles from fact-checkers for more context and notify users if a story they have shared is rated as false.”
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.