Study: Identity theft worries consumers

But heightened awareness about the online danger hasn't spurred them to make better use of passwords and PINs, according to RSA Security.

Feb. 25, 2004 12:19 p.m. PT

2 min read

Most consumers do poorly when it comes to password management, making them vulnerable to identity theft, according to a new survey.

That's in spite of an increased awareness among consumers about the need to protect their identity online, RSA Security said in the study released Wednesday. That gap between the perceived risk and the strength of safeguards against it could sap customer confidence in online business, hindering companies from taking advantage of the cost-savings and revenue potential of the Internet, the security firm said.



		Get Up to Speed on... Enterprise security Get the latest headlines and company-specific news in our expanded GUTS section.

"Consumers are under the false impression that passwords provide enough security to protect personal information," said a statement from John Worrall, a vice president of worldwide marketing at RSA. "Forward-looking organizations that have a large number of people accessing electronic information--whether they are customers, employees or partners--are recognizing that more reliable forms of authentication are critical for securing important information, including personal information and corporate assets."

RSA commissioned the survey of more than 1,000 consumers, its second annual assessment of security perceptions and practices regarding identity theft and computer attacks. The report coincides with a conference on security held by the software maker in San Francisco this week.

The study found consumers are weak in the management of passwords and personal identification numbers used to make transactions online and through ATMs. About two in three people surveyed use fewer than five passwords, while more than one in 10 use only one password for everything.

About 65 percent of respondents said that they themselves were "very responsible" for protecting their identities, while 53 percent felt it was the job of the bank or the financial institution concerned. To a lesser degree, they said that level of responsibility fell to law enforcement agencies (29 percent), the federal government (27 percent) and merchants (24 percent). The survey allowed more than one response.

The study found that the number of consumers unwilling to share personal information with online retailers rose from 35 percent last year to 44 percent this year. Of the 64 percent of respondents who considered themselves "more informed" about identity theft issues compared with a year ago, nearly half said they don't consider themselves any safer, and one-quarter said they felt more vulnerable.