 |
While the rest of us are enjoying the lazy days of summer, retailers are already thinking about Cyber Monday and the holiday shopping season it heralds. This summer, I’d like to make a public plea to all online retailers – in between all of the planning around holiday web store design and cyber door busters, can we talk about mobile security? I started thinking more deeply about mobile security after reading that respondents in a J. Gold survey (which RSA co-sponsored) reported losing 3% of total revenues, or an average of $92.3 million per company, to mobile ecommerce fraud. Obviously that’s not good for online retailers – nor is it good for consumers. Most of us have fraud protection offered through our banks and card issuers, so even if our card has been used in a fraudulent mobile or online transaction we rarely lose that money. Usually (and I realize there are exceptions) all it takes is a quick call to get the situation resolved. This is the free rider problem in the ecommerce ecosystem – consumers aren’t held liable. This is fair and just for a number of reasons, not least of which is the fact that compromised credit cards have usually been stolen from an entity other than the consumer (e.g., a merchant). This liability shift to merchants and issuers also encourages people to use their cards online, thus increasing revenue for merchants and issuers alike. So why am I so focused on mobile security when this is an issue that affects every ecommerce transaction? Because mobile ecommerce is one of the greatest innovations in retail and I for one want to keep the party going! I could wax poetic about the great deals I scored while waiting for my daughter at the orthodontist’s office or for cheer practice to end, but it suffices to say that if not for mobile ecommerce my online purchases would be reduced by at least half. And with nearly 28% of companies reporting that more than 50% of their revenue came from a mobile app I’m obviously not alone. In order to support a sustainable ecommerce presence, merchants have to confront fraud head on as the volume of ecommerce transactions exploded along with losses. Likewise, in order to support a sustainable mobile ecommerce presence they must confront fraud in that channel before those transactions too grow beyond expectation. So merchants please, as we start dreaming about online sugarplums dancing in our heads, turn your attention to securing that mobile channel. For starters, enroll in risk-based 3D Secure, take steps to ensure that your brand isn’t being compromised by rogue mobile apps and build strong authentication into your apps. I plan to spend a lot of quality time with my iPad on the beach this summer and you know what that means – more shopping! The post Please Don’t Take my Mobile eComm Away appeared first on Speaking of Security - The RSA Blog and Podcast. |
