By Shelia Watson
Contributing Writer

For businesses hoping to sell their wares online, the picture painted by a recent survey is not pretty.

The poll of 5,000 U.S. adults showed that in 2006 alone, retailers lost nearly $2 billion due to consumers’ fears regarding security. Half of those losses resulted from people who avoid sites that appear less secure, with the rest from those who are wary of conducting e-commerce business at all.

The report, completed by Gartner Inc., a Stamford, Conn.-based IT research and advisory group, also noted that the impact of eroding consumer confidence extends beyond online purchases and into both e-mail marketing and online banking, with about 33 million people avoiding online banking due to security concerns.

Those consumers and Gartner aren’t alone in their concerns. A report released last month by the Government Accountability Office, the research and investigation arm of the government, showed that cyber-crime in its various forms—among them identify theft and phishing—are costing the economy about $117.5 billion per year.

And the incidents of cyber-crime are fueling the fears of doing business online, the report concluded.

In fact, those figures may be worse than estimated, according to David Powner, GAO’s director of IT Management Issues, who authored the report.

“Whatever is reported by organizations, most of that will likely be underreported because of disincentives to report losses,” he said in a statement.

The dismal news comes just as retailers are gearing up for more issues with security, as the deadline looms for them to comply with credit card security rules from the Payment Card Industry Security Standards Council.

PCI was formed by the major payment card brands American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International. The 21-member board of advisers includes a range of companies that are immersed in the financial world, including ExxonMobil Corp., PayPal Inc. and McDonalds Corp.

PCI compliance is meant to enforce strict rules regarding transactions that the payment card companies hope will reduce instances of fraud and security compromise.

Most retailers have until Sept. 30 to meet PCI compliance, although July 31 was the deadline for Level 4 retailers—those with fewer than 20,000 credit card transactions per year—to report. Those retailers represent only about one-third of all Visa transactions, although they account for about 80% of Visa’s credit card’s data breaches, according to PCI documents. Retailers in levels 1, 2 and 3 must meet the Sept. 30 deadline.

Another Gartner report released last month showed that the number of retailers reporting has increased steadily over the past few months, with a few of them expressing concerns that the requirements are too stringent.

SUBSCRIBE | REPRINTS | CONTACT US

Phone: 843-849-3100    Fax: 843-849-3122