by Constantine von Hoffman

Can Great IT Security Ever be a Selling Point?

Nov 29, 20113 mins
CybercrimeData and Information SecurityData Breach

Info security is a major consumer sore spot, yet companies won't talk about it in their marketing.

Consumers worry about the security of personal information online and have huge doubts about businesses’ ability and willingness to do anything about it. Even someone with a Harvard MBA could spot the opportunity here. So why don’t B2C companies to use IT security to stand out in the market place?

Consumers take info security seriously. According to a recent survey, 16% of Americans, 24% of Brits and 26% of Aussies say they would stop doing business with any bank, credit card company or retailer which had a security breach that put their personal information at risk. That’s only for a potential risk, imagine the numbers if information is actually taken?

Even so most companies – especially financial services – do everything they can not to bring up the issue. There are a number of reasons for this. These companies are afraid that mentioning security to consumers will raise and not calm worries. This is an assumption that needs to be re-examined because it is based on their history with brick-and-mortar banks. With physical banks robberies are very rare. Because of this consumers naturally assume the bank has adequate security measures in place. Making a big point about additional safety steps — like bringing in armed guards – does make people wonder why they are there all of a sudden.

However, everything changes when you go online. Network breaks are a regular occurrence, unlike armed robbery. Because of this and similar issues security is already a consumer concern. (For some reason it isn’t enough of a concern for most of them to do anything about it, though…)

U.S. banks actually have laxer security for consumer transactions then banks in Europe. This is because American banks – not consumers – have to pay for fraudulent charges. In Europe, the responsibility is on the consumer, says Adam Dolby, eBanking Manager for Gemalto, an international digital security company. “So they’re willing to take a few extra steps to protect themselves,” he says.

The topic came up as Dolby was showing me the company’s new B2B security product, called Ezio Plug & Sign. It’s designed to cut down on automated clearing house and wire transfer fraud with a system that is supposed to make it impossible for anyone not in possession of a physical key to gain access to particular accounts. When he showed it to me my initial reaction was, “I wish I had one.”

Dolby said he hears that a lot when he tells non-computer people about it (and he says a consumer rollout isn’t out of the question – but it’s not really at the top of Gemalto’s to-do list right now). So, again, it’s not like consumers aren’t aware of security problems or uninterested in solutions.

There are other reasons that B2B companies don’t like use security in their marketing. Probably the biggest one is that then they would have to live up to it … and that costs money. Also, it might make hackers focus on that company more. No will ever forget what happened to Todd Davis, CEO of ID security firm Lifelock. He became a victim of identity theft after using his own social security number in ads in order to prove how good the company’s services were.

Yeah. Definitely a good idea not to go that far.