CreditLock.com

In a recent informal poll/survey available at www.Creditlock.com , visitors were asked where they believe Identity Theft is most likely to occur. As many as 75% of respondents said Identity Theft is most likely to occur either at "Computer and Internet" or due to "Merchants Data Loss". The actual results were 10% for "Home Robbery", 6% for "Office Robbery", 3% for "Street", 41% for "Computer and Internet", 34% for "Merchants Data Loss", and 3% for "Other".

Such results clearly show that when it comes to the safety of sensitive consumer information, consumer confidence in both online and offline merchants is severely compromised. Merchants need to take such perception very seriously, especially when considering that several published surveys have indicated that Identity Theft is actually most likely to occur due to traditional means such as stolen wallet, stolen mail, etc...

The contradiction between consumer perceptions, and the actual results found by some surveys could have several explanations. Lately, there have been several high profile cases where merchants compromised sensitive consumer records such as TJ Max. Such cases are often highly publicized, whereby an individual stolen wallet or stolen mail is rarely publicized on a national scale. Hence, consumers' perception could be shaped by such "publicity", as opposed to other facts or surveys. Additional reasons for such contradiction includes nuances associated with survey taking. Some surveys are based on actual reported Identity Theft cases. Some would argue that such results could differ substantially if "un-reported" identity theft cases were included.

Consumers behaviors are shaped by their own perceptions. If 75% of consumers believe that Identity Theft is most likely to occur due to "Merchant Data Loss", or through "Computer and Internet", then consumers will alter their purchasing behavior accordingly. According to an article published on February 16, 2006 by Business Week, a survey conducted by The Conference Board concluded that in 2005, 41% of consumers were purchasing less online than in 2004. The article related such behavioral change to rising online fraud and attacks. Similarly, if consumers conclude that purchasing offline at regular stores also exposes them to an added risk of Identity Theft, it is very possible that consumers will also alter their offline purchasing behavior.

Consumers could alter their traditional offline purchasing behavior in many ways. Consumers could start resorting to paying by cash, rather than by credit. Consumers could start declining offers for Frequent Buyer programs in order not to have to divulge personal information. Many consumers often make purchases on impulse. If consumers are concerned about Identity Theft, it will cause them to weigh the risks of making a purchase, relative to the risk of becoming an identity theft victim. Such hesitation could affect impulse shopping, possibly resulting in the ultimate abandonment of certain impulse purchases.

This makes it obvious that merchants cannot ignore such perceptions. If a merchant cannot make the consumer feel safe during his shopping experience, regardless whether it is online or offline, then such merchant will most likely experience loss of business. In an attempt to improve payment security, merchants processing, transmitting, or storing credit card data were encouraged to comply with the Payment Card Industry (PCI) Data Security Standards based on several criteria. After several years of such initiative, it was recently reported by eweek.com that Visa reported on May 9, 2007 that 35% of the largest retailers have been certified PCI-Compliant by Visa. Although such figure is an improvement from 18% in the prior year, it still needs to improve further.

In addition, Visa reported that as many as 14% of the largest merchants are

non-compliant, and are not even willing to promise Visa that they are trying to be compliant. As implied by the creditlock.com poll/survey, such retailers may soon realize that consumers are already uneasy about their perception of the risk of  Identity Theft attributed to "Merchants Data Loss". Hence, if such merchants don't remedy the situation soon, their business may ultimately suffer (if it is not already suffering...).

Consumers are right to be concerned about Identity Theft risks that may be beyond their control, such as Merchants Data Loss. Nevertheless, consumers are not totally powerless to do something about it. Consumers can shift their purchases to merchants they deem to have adequate security measures in place. In addition, consumers can also employ various Identity Theft protection measures. Such measures could include Credit Monitoring, to discover whether they have become a victim of Identity Theft, or Credit Freeze (availability and details about Credit Freeze can be found at http://www.creditlock.com/creditlockdownpro.html ), in order to disable criminals from opening new credit accounts in their victims' names.