Retailers Beware: More Than Half of Consumers Would Return to Using Cash Payments at Checkout If Merchant Data Breach Reported
1 in 5 U.S. consumers say they would stop shopping at the hacked store
SAN JOSE, Calif. – Dec. 19, 2016 – Thales, a leader in critical information systems, cybersecurity and data protection, today announced the results of its survey of Americans’ holiday shopping behavior and potential reactions to a retailer breach. The survey revealed more than half of consumers believe they would change their purchasing behavior at a retailer if they knew its systems had been hacked and credit card data stolen. Fifty-five percent of U.S. consumers would return to cash payments at checkout and 20 percent would take their shopping elsewhere.
If a retailer had been hacked and had customer credit card information stolen at some point, which of the following best describes how you would react?
- 20% - I would not shop there anymore
- 55% - I would shop there but only using cash, not debit, mobile or other payments
- 25% - I would shop and use all payment methods there as usual
Plastic Beats Paper
According to the survey, more than 90 percent of consumers who plan to buy holiday gifts will use a credit card, debit card or mobile device like a smartphone. This surpasses 56 percent of consumers who plan to use cash. Even though the use of mobile wallets is on the rise due to speed and ease of use, only 16 percent of U.S. consumers plan to use mobile payments this season.
Which of the following payment methods do you plan to use for your holiday purchases this year? (Survey allowed for multiple answers to fully capture consumer preferences)
- 59% - Debit card
- 56% - Cash
- 54% - Credit card
- 32% - Gift cards
- 16% - Mobile payment, such as Apple Pay or Android Pay
Crumbling Brick & Mortar
The switch to online and mobile device shopping and payments has gained serious ground against brick-and-mortar. In the U.S., physical stores are in the lead, but just barely. Sixty-six percent of U.S. consumers intend to visit a store to buy holiday gifts, while 64 percent will purchase on a desktop or laptop computer. One-third of holiday shoppers will use a mobile device, such as a smartphone or tablet.
Which of the following, if any, describe how you will be making your holiday purchases this year? (Survey allowed for multiple answers to fully capture consumer preferences)
- 66% - At a store’s physical location
- 64% - On a desktop or laptop computer
- 33% - On a mobile device, smartphone or tablet
- 8% - I do not plan to do any holiday shopping this year
“These survey results offer a stark reminder that a serious data breach could stop many consumers from shopping at a merchant’s store or at the very least move them back to cash payments,” said Jose Diaz, director of payment strategy at Thales eSecurity. “While the current make-up of U.S. consumer buying habits shows a slight lead for traditional approaches, I anticipate that we will continue to see greater adoption of mobile for both browsing and buying during the holidays as well as an increase in mobile wallet use over the next five years.”
The Thales eSecurity Survey was conducted by Wakefield Research (www.wakefieldresearch.com) among 1,000 nationally representative adults ages 18+ in the U.S. and in the U.K., between November 30th and December 6th, 2016, using an email invitation and an online survey. Quotas have been set to ensure reliable and accurate representation of the U.S. and U.K. adult populations 18 and older.
Results of any sample are subject to sampling variation. The magnitude of the variation is measurable and is affected by the number of interviews and the level of the percentages expressing the results. For the interviews conducted in this particular study, the chances are 95 in 100 that a survey result does not vary, plus or minus, by more than 3.1 percentage points in each country from the result that would be obtained if interviews had been conducted with all persons in the universe represented by the sample.
About Thales eSecurity
Thales eSecurity + Vormetric have combined to form the leading global data protection and digital trust management company. Together, we enable companies to compete confidently and quickly by securing data at-rest, in-motion, and in-use to effectively deliver secure and compliant solutions with the highest levels of management, speed and trust across physical, virtual and cloud environments. By deploying our leading solutions and services, targeted attacks are thwarted, and sensitive data risk exposure is reduced with the least business disruption and at the lowest life cycle cost. Thales eSecurity and Vormetric are part of Thales Group. www.thales-esecurity.com
Thales is a global technology leader for the Aerospace, Transport, Defence and Security markets. With 62,000 employees in 56 countries, Thales reported sales of €14 billion in 2015. With over 22,000 engineers and researchers, Thales has a unique capability to design and deploy equipment, systems and services to meet the most complex security requirements. Its exceptional international footprint allows it to work closely with its customers all over the world.
Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe’s leading players in the security market. The Group’s security teams work with government agencies, local authorities and enterprise customers to develop and deploy integrated, resilient solutions to protect citizens, sensitive data and critical infrastructure.
Thales offers world-class cryptographic capabilities and is a global leader in cybersecurity solutions for defence, government, critical infrastructure providers, telecom companies, industry and the financial services sector. With a value proposition addressing the entire data security chain, Thales offers a comprehensive range of services and solutions ranging from security consulting, data protection, digital trust management and design, development, integration, certification and security maintenance of cybersecured systems, to cyberthreat management, intrusion detection and security supervision through cybersecurity Operation Centres in France, the United Kingdom, The Netherlands and Hong Kong.