Data breaches have become a talking point in the consumer landscape. Thanks in part to recent high-profile cyberattacks on several major domestic retailers, customers are now familiar with hackers' capabilities and the lasting impact a breach can have on both a business and its clientele.
According to the Identify Theft Resource Center, more than 40 percent of recorded breaches this year occurred in the general business category. Merchants of all sizes need to be aware of the constant threat of a potential cyberattack, especially as hackers diversify their methods of theft. Businesses today are responsible for protecting the customer's sensitive information because they are collecting personal data to process payments in exchange for products and services.
The consequences for not securing personal details are quite severe in terms of financial ramifications and losing customers. Consumers are also more likely to discontinue shopping at a particular local business that's been breached, which can also heavily impact the bottom line. It's in the merchant's best interest to not only partner with a verified payment processor, but also educate its customers on how to take action if their sensitive data is compromised.
The Federal Trade Commission outlines four simple steps for consumers on what to do if their identity is stolen:
- Call the companies where fraud occurred
- Place a fraud alert and get an up-to-date credit report
- Report the identity theft to the FTC
- File a report with the local police department
After a consumer completes the aforementioned steps, they should do the following:
- Close new accounts opened in their name
- Remove or dispute fraudulent charges from any existing accounts
- Ensure accuracy on a credit report
- Add an extended fraud alert to existing accounts
Business plan of action
Merchants should help educate the customer on what to do if their identity or sensitive information is compromised. They should also communicate and notify consumers if they are breached. Current laws and industry regulations dictate if and when a business must let its customers know about a breach, but most consumers believe it's a merchant's moral obligation to keep them informed. In fact, a recent Experian survey found more than two-thirds of customer respondents wanted a business to explain the risks and potential harms they faced in wake of a breach. Another 56 percent added they wanted to hear all of the facts.
Businesses today share a responsibility of keeping their customers' data safe. Pairing with a trusted payment processor is a great way to mitigate the threat of fraud, but merchants still need to keep their customers informed. The financial impact from a breach is large. A business' reputation will also dramatically suffer, but the onus is on the company to educate and protect its customers from a cyberattack. People shouldn't be left in the dark when it comes to their own sensitive information.