1 in 3 victims of an account compromise stopped doing business with the company or site
LOS ANGELES – November 16, 2016 – TeleSign today released its Consumer Account Security Report 2016, providing insight into consumer sentiments on online security and the value they place on their digital lives. Of the 1,300 U.S. consumers surveyed, nearly a third report the value of their online life at $100,000 to priceless. Further, more than half of the respondents surveyed (55 percent) place the onus on businesses as the party primarily responsible for providing for the security of their online and mobile accounts.
“When you consider what comprises an online life – email, banking and social media accounts, personal information, photos and more – these assets are extremely valuable, even ‘priceless’ as some reported,” said Aled Miles, TeleSign CEO. “With the majority of consumers looking to businesses to keep them safe online, companies need to prioritize providing strong account security or risk losing valuable users. In fact, our report shows 1 in 3 victims of account compromise stopped doing business with the impacted brand.”
More Than Half Experienced a Security Incident
Fifty-one percent of consumers experienced a security incident in the past year, whether it was having an account hacked, password stolen, or their personal information compromised. This is in part due to a key finding of the Report that shows consumers continue to reuse passwords at an alarming rate. On average, consumers use the same password for seven online accounts – meaning that 71 percent of online accounts are protected by passwords that are used across multiple sites. Additionally, 46 percent of consumers use passwords that are older than five years.
These statistics are significant when considering the magnitude of consumer credentials flooding the market in 2016, which has already recorded the highest number of data breaches on record according to the Identity Theft Resource Center. When credentials for one account are compromised, it creates a domino effect, essentially putting all other accounts protected with those same credentials at risk of cybercrime.
Millennials Prove Most Risky
Within key demographics, the Report found that millennials (ages 18 to 35) have the poorest security habits putting them at the highest risk for fraud. Overall, 64 percent of the millennials surveyed have had an account compromised, hacked, or their password stolen while less than half (44 percent) of all other generations combined have experienced the same. Millennials were also found to use fewer unique passwords to guard their accounts, with 35 percent using only 1 to 4 passwords, versus 25 percent for all other generations.
Awareness of Two-Factor Authentication (2FA) Increases
On the upside, consumers are making strides in adopting additional security beyond passwords. Forty-six percent report ever enabling 2FA for any account, up from 39 percent in 2015, representing an 18 percent year-over-year increase. Further, of the 46 percent who have ever enabled 2FA, 77 percent turned it on for at least one new account in the past year. Interestingly, those that had at least one account compromised are almost twice as likely to enable 2FA as those who have not been victims of online fraud (60 percent vs. 32 percent).
Additional findings include:
- Eighty-two percent of consumers are concerned about online security with 88 percent concerned specifically about being hacked.
- Almost half (42%) of fraud victims say the security incidents resulted in losses.
- Only 12 percent of consumers are concerned about securing Internet of Things (“IoT”) devices, falling well behind concern for other accounts such as banking and finance accounts (87 percent) or email accounts (56 percent). This is notable in light of the recent attack targeting IoT devices, which according to experts, was the largest distributed denial of service (“DDoS”) attack on record.
- Nearly three in four (73 percent) consumers say forgetting their password is the most frustrating part of the account security process.
“With all the dangers we face today in our online lives, it’s encouraging to see that consumers are becoming increasingly aware of how to protect themselves beyond the password alone,” said Miles. “Seventy-three percent are urging companies to provide additional security such as 2FA. Turning it on is a step everyone can take today towards keeping their accounts secured and their online lives safe and private.”
- For full access to the TeleSign 2016 ‘Consumer Account Security Report,’ please visit: telesign.com/casr2016.
- To learn more about protecting online accounts, visit the Ultimate Guide to Two-Factor Authentication at turnon2fa.com.
# # #
TeleSign’s account security platform is trusted by the world’s largest brands to prevent online fraud. Combining real-time data & analytics, phone verification and two-factor authentication, TeleSign helps customers secure billions of end-user accounts from compromise. To find out more, visit http://www.telesign.com or follow us on Twitter – @TeleSign.
TeleSign commissioned Lawless Research to design and conduct a study about consumer online and mobile account security. Between August 31 and September 5, 2016, 1,300 adults who have a mobile phone and at least one online account completed a 10-minute survey. The online survey was hosted by Qualtrics and Survey Sampling International provided respondents from their online panel. Tests of significant difference were conducted at the .01 level (99% probability that the difference is real, not by chance).