No matter what part of the payment industry you’re in, earning and retaining your customer’s trust is paramount. In light of numerous data breaches and even government spying, companies the world over have to work harder than ever to earn their customer’s
trust –especially when it comes to protecting their personal data and privacy. This fact was made clear in Unisys’ annual
Unisys Security Index Report released last month.
Respondents in the Unisys survey were asked which of three types of organizations they trusted most with their personal data. Although financial institutions came in at the top of the list, nearly half (47%) said they didn’t feel confident that companies
in the Financial Services sector could handle and protect personal information. The public sector was ranked above private companies and service providers, however, just 16% expressed confidence in mobile phone, TV and energy providers (a significant 15% of
people said they trust none of these sectors with their data). For me, this revelation is truly troubling because I believe that the mobile phone is positioned to assume a central role for mainstream banking and payments, a trend that researchers
Gartner and
IDC have previously confirmed. The rating ascribed to the mobile phone operators must surely give the banks cause for real concern. As the mobile phone becomes the converged delivery channel of choice for consumers, the banks could see their own ratings
slashed.
As an industry, clearly, we must address this consumer mistrust and lack of confidence if we are to enable the widespread adoption of electronic and mobile commence, two areas that represent the future of the payments sector. So the question we must ask
is this: “How do we demonstrate our commitment to protect customer’s data privacy and build their trust?”
The simple answer is we must collectively work together as an industry to define best practices and then adhere to a clearly-defined set of metrics that holds each of us accountable for our actions. While this may seem a daunting task, much of the groundwork
has already been laid and the precedent is set. For example, the European Union has been forging ahead with its
plans for safeguarding the privacy and data protection of its citizens (with renewed urgency in the light of the Snowden revelations). In the EU, the
EuroPriSe initiative, and their “European Privacy Seal” program, is an excellent way for an organization to demonstrate its commitment to data protection and data privacy, and is open to any organization whether
based in the EU or not. EuroPriSe certification guarantees compliance with EU Data Protection and Data Privacy legislation, and is a great position from which to establish compliance with all major jurisdictions worldwide.
As Ronald Reagan once said, “Trust but verify”, and in the light of the scale of data protection breaches, people are much more wary about trusting any organization. The burden of proof is on the organization. Through independent groups like EuroPriSe and
an industry commitment to formal privacy certification programs, we can not only “talk the talk” about the treatment of customer data, but we can “walk the walk”, which after all, is the only true way to earn trust and bridge the confidence gap.