The latest Office of National Statistics data pointing to a rise in cybercrime highlights the need for more robust business processes and better guidance for consumers, according to a digital payment security company.
Tony Porter, global head of communications at Eckoh, said: “The vast majority of UK consumers are reasonably well educated about the risks of exposing their data, but there are also millions of consumers who assume that the convenience of making payments online or over the phone comes with levels of security that simply aren’t robust enough. We are publishing a draft digital health and safety guide to spell out the potential risks and encourage people to think twice before they speak to an agent, click or press send.”
The firm suggests that the average UK consumer, irrespective of age, is now accustomed to using several communications channels, including phone, text, social media, web self-service, messaging apps and more. Ease of use, in Eckoh’s view, can lull a consumer into a false sense of security. Research also shows that fewer than 20pc of merchants have invested in secure payment technologies to prevent fraud; a figure that Eckoh believes could be much lower. Tony Porter said: “Enterprises talk extensively about putting their customers’ needs at the heart of their business and yet are seemingly happy to put their personal data at risk on a daily basis. The most public example of this is making customers speak their card data over the phone to anyone who can hear it, including the contact centre agent.”
Security standards vary hugely, but the evidence of security is often discreet or hidden. Barclays’ recent announcement that it is moving to voice authentication of customers as an alternative to passwords is an example of the trend towards the implementation of telephone-based security which is led by banks and other financial institutions, the product firm adds.
Tony Porter said: “It is conceivable that we might eventually see the death of the alphanumeric password. With IVR speech recognition systems validating identity and then serving the customer on the basis of voice commands. The advantages to both the customer and the provider are manifold. Better security based on unique identification and a way of completely avoiding traditional menu-based phone systems.”
The company says that the wider picture on security away from the banks is less robust, with many businesses little more than digital colanders. Tony Porter added: “Until businesses get their payment security processes up to date and properly protect customer data, consumers must remain vigilant and extremely careful about how they expose their personal data. Never assume that companies will protect it. Always look for the same level of validation that a company would expect from you.
Eckoh is sharing its draft of a digital health and safety guide for consumers to prompt debate about payment solutions and telephone-based security and help offset the risk of fraud:
Walls have ears
Don’t speak your card details out loud in a public place. If overheard, your details could be used to make a fraudulent transaction.
Keep your personal details personal
Don’t share the combination of your name, address details and order number in a public forum. These can be used to commit identity fraud.
Keep an eye on your card
Always ensure that your card remains in sight. Contactless payments don’t require a PIN and transactions could be charged to your card.
Don’t be tricked by hoax callers
Unexpected calls from companies saying that they have detected a virus on your computer are always fraudulent. Never engage with the caller.
Be careful on email
Avoid putting sensitive details into an email to any organisation. Emails could be interfered by people not connected to your transaction.
Check your statements
Keep an eye on your bank statement and query any unusual transactions. These may be errors or they may be fraudulent.
Don’t be afraid to ask
Ask a call centre operative whether your card number is being recorded before giving out credit or debit card details over the phone.
Check for the padlock
Only purchase from a site with TLS (Transport Layer Security) technology. Look for the padlock on the address bar of your browser.
If in doubt, hesitate
The convenience of online services can lead us to ignore the risks and put our bank details in jeopardy.
Refresh your passwords
Regularly change your passwords and make sure they include a combination of letters and numbers. Your oldest passwords may be the easiest to guess.
Don’t be too social
Never share your personal details in a Tweet or a Facebook post. These are not secure and your information could be used fraudulently.
No comment
Never enter your card details into a site’s comment window. This isn’t secure and can potentially be seen by anybody visiting the site.
Call your friends
Emails from friends asking for money may often be fraudulent. Call or text your friend if concerned about their safety.
