Editorial

UK consumers won’t forgive COVID-19 data breaches

A third of consumers will walk away from an organisation if their data is compromised during the COVID-19 pandemic.

Posted 18 June 2020 by

New research suggests a third of UK consumers will avoid a business “for up to several years” if their personal data is compromised due to a business’ poor data security practices during COVID-19.

The research commissioned by PCI Pal shows a further 30 percent say they “would never return”, representing a significant potential risk to organisations that have had to adapt working practice.  Only one in 10 (11 percent) said “it wouldn’t impact” their loyalty to a business.

The firm shared the data as it revealed that Waltham Forest Council has implemented PCI Pal’s Agent Assist payment solution to secure all telephone-based payments and ensure continued compliance with data and payment security standards.

The Council says it wanted to a way for its Resolution Centre staff to guide citizens through the process of paying over the phone, while also maintaining complete privacy of cardholder data.

It also ensures the Council’s homeworking staff can continue taking PCI-compliant payments on both inbound and outbound telephone calls.

“As well as aiding compliance, the implementation of PCI Pal serves to strengthen local residents’ trust in the Council’s governance,” says Marcus Power, resident financial services manager, Waltham Forest Council.

“It demonstrates to residents that the Council is taking data security seriously at all times. We care about our citizen’s data and protecting their payments and information.”

With the solution implemented by Civica, the Council’s agents now have no visibility of payment card details as callers enter their data using a telephone keypad, therefore descoping the Council’s data and voice network from PCI DSS.

Consumer concern

While most consumers (69 percent) felt the same level of concern regarding how businesses are handling their personal data now compared to before the pandemic, more than a quarter (28 percent) said they felt more concerned.

This worry was further elevated when asked specifically about sharing payment information with businesses operating remotely. Here, three quarters of respondents expressed some level of concern, with a quarter stating that they are “very concerned” about how their payment data is being handled during the pandemic.

“Cybercriminals are shamelessly opportunistic and are aiming to capitalise on the remote working situation. Hackers are working around the clock to steal data for profit and therefore consumers are rightfully holding businesses accountable for lax data security practices,” says Geoff Forsyth, PCI Pal chief information security officer.

“This means that businesses must meet the highest compliance and security standards if they want to build and maintain customer loyalty during these unprecedented times.”