It’s a season of good cheer for e-retailers. The IMRG expects £7bn to be spent online in the 10 weeks in the run-up to Christmas Day, with £3.5bn of this coming in December alone. Overall online sales in the UK will rise by 40 per cent to £42bn in 2007, up from £30bn this year.
Through Q1-Q3 2006, total U.S. e-commerce spending rose 19% versus 2005 to $122.1 billion. But it could still be higher: Gartner say $2 billion has been lopped off of e-commerce this year after a survey of 5,000 online U.S. adults in August 2006 found that security breaches — both online and offline — had a significant impact on buying patterns and use of Internet banking. Nearly half of those surveyed (46%) said concerns about theft of information, data breaches or Internet-based attacks have affected their purchasing payment, online transaction or e-mail behaviour.
So it’s time for action. But what? I’ve always been an advocate of getting some secure hardware into the loop. But what? Yet more 2FA roll-outs, this time in Switzerland, show one way forward. Banks there will be providing customers with smart card readers (for DPA) for free. But this kind of 2FA doesn’t solve every problem: we really need it to be a stepping stone on the the way to some kind of end-to-end PKI-based solution.
I hope no-one will mind me plugging that I will be presenting on combatting CNP fraud at the Plastic Card & Online Fraud conference in London in January.
My opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public. [posted with ecto]