If credit card details are compromised, shoppers will not return to do business

New research commissioned by Semafone® has revealed that the overwhelming majority of people would not do business with a company that had failed to protect its customers’ card data. In the survey, conducted by OnePoll, 86.55% of 2,000 respondents stated that they were “not at all likely” or “not very likely” to do business with an organisation that had suffered a data breach involving credit or debit card details. The proportion of women expressing this view was 91.48%, which was markedly higher than the figure of 81.93% for men.

The survey also revealed that other types of data breach would drastically erode customer confidence. Below are the percentages of people who stated that they were “not at all likely” or “not very likely” to do business with an organisation which had suffered breaches involving the following types of personal data:

• Credit or debit card details 86.55%
• Home address: 82.95%
• Telephone number: 80.10%
• Email address: 76%

Tim Critchley, CEO of Semafone, commented, “These figures serve to underline what we should already know – that the reputational damage suffered by companies who fail to protect personal data can translate directly into a loss of business. The protection of card details is no longer simply a matter of best practice – the economic consequences of a failure to do so are potentially devastating for a business of any size.”

The research findings coincide with news that the European Parliament has voted to approve the EU’s new data protection legislation, which brings in a number of serious measures in favour of customers. These include a potential fine of 5% of gross revenues for companies who fail to protect customer data adequately, and the requirement to inform local data protection authorities within 24 hours of any breach.

“I can’t see how any organisation can continue to ignore the increasingly loud demand from customers to keep personal data safe,” continued Critchley. “Our research shows how seriously the public takes the safeguarding of its data, and the new data protection legislation makes effective security even more imperative. Not only will offending companies face the financial penalty of a fine, but they will suffer the immediate negative publicity that comes from the 24 hour disclosure rule. I think we are going to see a great many companies starting to take security a whole lot more seriously. ”