Unsecure Wi-Fi: We all do it, even though we shouldn’t
We all have bad habits. It’s part of what makes us human. Some of these habits are trivial, others less so…
In the world of ecommerce and mcommerce there are two things that consumers still do with alarming regularity and with potentially disastrous consequences.
The first is using unsecure Wi-Fi. It just shouldn’t be done, yet is the ultimate example of choosing convenience over security. This is the Wi-Fi that you find at coffee shops and airports. You wouldn’t wander around handing out copies of your credit card details to strangers, but when you make a financial transaction on an unsecure Wi-Fi connection, this is essentially what you are doing.
Last year, a company carried out a ‘warbiking’ study of London. Warbiking is, essentially, kitting up a bicycle with Wi-Fi scanning equipment and cycling round a large city, mapping and studying Wi-Fi networks.
Out of the almost 82,000 Wi-Fi networks scanned in London, 81.5% either had no security or had out-dated security. As part of the research, the company also set up a Wi-Fi network called DO NOT CONNECT. Over 3,000 people still connected to this network, with only 2% of them using encryption software.
The people who did this should consider themselves lucky that they only exposed their financial details to a company looking to prove a point. It could have been far worse.
The other bad habit is passwords. Every year, countless security firms issue lists of the most popular bad passwords, always featuring 123456, p4ssw0rd, qwerty, abc123 with monotonous regularity. Despite the advice to consumers to have a different password for every account and to change them regularly, this is often ignored, again for the sake of convenience.
Is there anything the merchant can do to help out with this?
In the case of the Wi-Fi networks, not much. While ‘the customer is always right’, there isn’t much a merchant can do to stop them from sharing their card details with all and sundry aside from advising them against it.
As for passwords, while there are products coming on-stream offering an alternative to passwords, it is still early days. So, for the time being, the abc123 p4ssw0rd is king.
These gaps in online security are a combination of consumer ignorance and laziness. However, online security depends on both the merchant and the consumer doing their part to combat fraud.
Although a merchant can’t change consumers’ bad habits, merchants can ensure that they are satisfying their security responsibilities. Merchants should defend their businesses and their customers’ data with the most sophisticated fraud tools available to them.
Even if consumers aren’t always upholding their online security responsibilities, merchants should make sure they are fighting fraud by ensuring they are employing the best online security measures available to them.