As identity hacks continue, e-commerce must rethink customer data collection

The report, released by security firm Gemalto, indicated 25 million records a day were “compromised or exposed” with identity theft dominating the breach type. While social media hacks made up over half of all breaches, e-tailers were also well represented, with online divisions of Adidas. Macy’s, Bloomingdales, Sears, K-Mart and Best Buy all admitting to falling victim to cyberattacks in the last 12 months.

The state of e-commerce

More than ever, customers are turning to the online marketplace to purchase goods and services. According to Statista and eMarketer global sales will break the $3 trillion mark by 2019. The trend is expected to continue, achieving $2.8 trillion in 2018, $3.3 trillion 2019, and $4.8 trillion by 2021.

M-commerce (mobile commerce) contributes largely to this success. It accounts for 60% of the total of e-commerce sales, a 40% rise in 2017. According to eMarketer, China alone made up 67.1% of m-commerce sales worldwide in 2017. Significantly, sales are expected to nearly triple from $909.93 billion to $2.595 trillion between 2017 and 2021. Research suggests that as mobile phone use increases, customers are likely to become increasingly comfortable in making higher value purchases.

Digital identity the next phase of e-commerce

Currently, the e-commerce business has primary control over how customer data is used and stored. According to a recent survey by KPMG, less than 10% percent of customers felt they had control over the way organisations handle and use their data today. Many customers are unhappy with their data being sold to third parties.

As global e-commerce continues to gather pace, the increasing reliance on data clearly presents enormous challenges for the sector. However, digital identity technology could transform the way e-commerce operates, as embracing digital identity will release the burden of handling data, while improving the experience for customers.

Self-sovereign digital identity allows customers to take full control of their personal information and open up new potential markets for e-commerce. While security concerns are top of mind for many, some fundamentals of e-commerce should also benefit from the introduction of self-sovereign digital identity.

Abandonment rates (the inability to convert the shopping cart to checkout), for example, continue to cost businesses billions each year. According to a recent report, on average 3 out of 4 carts are abandoned — a statistic that has shown no improvement at all in the last 10 years.

The most common reasons for high abandonment rates are;

• customers need to create an account to complete a purchase
• the checkout process is too long and complicated
• the customer doesn’t trust the website with their credit card details.

E-commerce in all sectors — from fashion to retail to finance — have struggled to bridge the gap. Utilizing a digital identity solution at check outs will provide a more efficient process for the customer at checkout and consequently improve conversion rates.

User experience is always important for shoppers — but sign up, login and check out forms are annoying, slow to fill out and they typically put user experience last. Often too much information is collected from users even when it’s not required to complete the transaction. Instead, this information is for the retailer’s own statistical use, or worse yet, is on-sold to other organisations

Bad data — a customer can easily mistype an address, and thus, cause a package to be sent to the wrong place. Identity verification is a crucial element in verifying a customer’s address. A streamlined process will allow business to catch errors and therefore reduce costs.

Regulatory compliance. The General Data Protection Regulation (GDPR) which came into effect in May is the most comprehensive data privacy law in the world, and places a number of obligations on enterprises in terms of how they manage customer data.

The GDPR gives customers the right to access, correct, delete, and restrict the processing of their data, which is crucial if customers data is being used for marketing or advertising. And, although it’s an EU law, it will affect any company that is based in Europe or wants to do business with customers in Europe

Improvements like Amazon’s 2-step identity-verification feature do give businesses an additional layer of protection, however, they remain a ‘centralized’ solution which means that the maintainence and security burdens continue to land on the business. Decentralised platforms will be the key.

Self-sovereign digital identity will provide customers the tools to manage their data securely, while also incentivizes e-commerce providers to develop new sign up and checkout processes, eradicate bad data issues, and improve overall customer experience.

About the author: Barbara Marengo is a Marketing Coordinator at Sphere Identity — a company providing digital identity solutions for enterprises and individuals using blockchain technology.