Javelin Strategy & Research, March 2007, Pages: 35
In light of the TJX saga, issuers will no longer passively accept the costs incurred from lost cardholder data that is no fault of their own. Merchants, on the other hand, view PCI compliance as costly and burdensome, and of little value beyond "compliance". Rather than point fingers and assess blame, all industry participants must understand the necessary steps to secure cardholder data efficiently and cost effectively. Furthermore, it is imperative to recognize how consumer behavior is affected by data breaches. This report provides an in depth analysis of consumers' attitudes and perceptions regarding data breaches paired with a case study of the TJX data breach. This detailed analysis of extensive consumer research delineates specific action plans for merchants' and issuers' communication and security policies.
Primary Questions answered
- How do consumer perceptions match the reality of data breach sources and results?
- Who do consumers hold responsible for protecting their security interests?
- Who do consumers believe is doing a good job of protecting their security interests?
- What do consumers believe merchants and issuers must do in the event of a data breach?
- What best practices can affect real and perceived security?
- What can lessons can be learned from the TJX data breach?
