If online merchants can keep their sites secure, they stand to make big gains from a consumer base that is overwhelmingly willing to play its part in protecting payment credentials.
However, while nearly 80% of consumers indicate a willingness to enter a security code for their credit card online, only 57% of merchants require it for e-commerce transactions, the American Express Digital Payments Security Survey reported.
Sixty percent of merchants have reported experiencing fraudulent online sales and nearly half of consumers who shopped online in the past year report experiencing payment fraud, representing nearly 80 million people, the report said.
Incidents of fraud have reached a point where most consumers are willing to take extra measures to strengthen their online security, creating an opportunity for merchants to increase sales and build customer trust, Amex says.
"Merchants can take steps to ensure they not only are providing a smooth commerce experience for their customers but also a secure experience, whether it be online or mobile," said Mike Matan, vice president of industry engagement, product and marketing for American Express’ Global Network Business.
Consumers are willing to take extra steps for better security, with between 60% and 80% saying they would welcome CVV code requests, billing address verification, security questions, one-time passwords or building a customer profile.
"Taking these steps may enable merchants to build trust with their customers and ultimately convert more people who visit their sites into purchasers," Matan said.
In compiling its findings, American Express last month surveyed more than 1,000 consumers and 400 merchant business leaders with responsibility for customer payment decisions, data security or online sales strategy and planning.
Forty percent of consumers view online shopping as high risk, compared with only 28% that have a similar view of the risk of an in-store purchase when not using cash, the report said.
While 63% of consumers agree that businesses generally do a good job of ensuring the security of their data, 42% indicated they have abandoned an online purchase in the past year because of security concerns.
That finding should send a signal to merchants, Matan said. "Merchants who increase their online security measures may see an impact on the number of consumers who complete a sale."
Merchants intend to bolster data security, as 49% of merchants project their investments related to payment data security will increase over the next year, and 28% said they were already investing more than a quarter of their IT budgets on security.
More than 35% of consumers see the holiday shopping season as a time to increase their own vigilance around payment security, with 37% saying they would change their online shopping habits to be more secure.
While 62% of consumers said they track transactions on an ongoing basis, 38% said they review statements monthly or less frequently, the report stated. Also, 53% check a site when shopping online to ensure the site uses encryption to protect payment data.
Always a security concern, the report indicates consumers are slowly catching on that using the same password for numerous websites is not a good idea.
Forty-four percent of consumers say they use a different password on every online account, but 30% say they change passwords only once or twice a year. And 17% of consumers say they never change their banking or payment passwords.