Karen Webster

The Dangers of Listening To Consumers

If you want to create a digital commerce strategy that maximizes your chances of adding value to the consumer and merchant experience on the Web and/or via the mobile phone, whatever you do, don’t ask consumers what they think.

Better to watch what they do instead.

According to Pew Research Center, 90 percent of consumers said that it’s only a matter of time before their online information is compromised or stolen.

Similarly, Gallup surveyed 11k consumers at the end of 2014. And a paltry 20 percent of Americans said they trust the companies they do business with to keep their personal information secure – something that has nosedived by 55 percent, Gallup says, in the last year.

Yet, 73 percent of consumers that traverse the Web use duplicated passwords across multiple sites. Nearly 25 percent use passwords that are more than a decade old and half use a password that hasn’t been changed at all in 5 years. Practically no one ever reads the privacy policies that dictate how companies they opt-into can use their data.

A similar poll by Pew in 2014 had similar findings but with a bit more specificity. Nearly 70 percent of online adults said that they didn’t trust the security of the data maintained by social media sites, and two-thirds of them didn’t believe that search engines kept their data secure or private. Concerns ranged from selling their data, posting on their walls or news feeds without permission, and/or spamming their social networks/friends.

Yet, 77 percent of consumers use social logins (Facebook and Twitter) to access websites — an increase of 45 percent since 2012 — because it’s convenient.

Earlier this year, Bizrate talked to more than 6k consumers and reported that only 5 percent of those who own a mobile phone said they trusted tech companies like Apple, Google, Facebook and others providers to provide them with a mobile payments app. Their expressed preferences were, overwhelmingly, their bank at 84 percent.

Yet consumers are using those services for payment and using some of them, like PayPal, a lot. The bank-branded mobile payments apps outside of P2P services like clearXchange that have launched have largely failed to gain any traction – if you can even find one to use.

The previously mentioned Gallup survey also said that 91 percent of consumers only trust their banks to keep their personal data safe. That’s not surprising – anyone who uses online and mobile banking can attest to the feeling of security when enabling transactions via digital banking channels. Fewer than two-thirds of those consumers say that they feel the same way about the retailers and credit card companies they do business with.

Yet, a big chunk of the commerce taking place today online is done by using both card on file options at Web merchants and credit cards to check out online with a vengeance.

And, online commerce is exploding.

ECommerce, as a percent of total retail sales, is already ~10 percent, which is not a small number when you consider all of the stuff that probably won’t ever be bought online. And that figure understates the momentum and impact digital is having in certain merchant segments where mobile devices are not only giving more people more access, but tipping the online/offline convergence scales dramatically. In fact, a report published by the NRF in January of this year projects that over the next three years, sales made via mobile devices will approach $640 billion – which is the entirety of the entire eCommerce market in 2013.

So are consumers lying? Or deliberately trying to mislead surveyors about their digital shopping and buying preferences?

Of course not.

But what consumers say when asked (about most anything for that matter) and what they actually do turn out to be entirely different things. After all, when asked by anyone, “Are you concerned about security when shopping online?” what consumer wouldn’t reply, “Well, of course I am.”

And that’s the big disconnect that innovators – established and emerging – must navigate as we enter the next phase of digital and mobile payments. A phase that will help determine how a consumer’s digital commerce identity takes shape, and who the consumer decides is best suited to enable that for them. It is also a reason why you should be skeptical of most things you read that are based on believing what people say in polls—garbage-in, garbage-out, as the statisticians say.

Now, to be entirely fair, part of the big disconnect that consumers are expressing is thanks to the great job that the payments ecosystem has done over the years to train consumers that the security burden isn’t on them when transacting anywhere – online or offline. Not to mention the overarching confusion they have about payments, in general.

And the fact that there aren’t many choices for consumers to choose from that they can use consistently across all of the places they shop, the various channels at which they currently shop and the various devices they use as part of their shopping journey.

On the security front, banks have made it very clear to consumers that they’re protected – zero liability – if anything happens to their card and/or if they have a sketchy transaction with a merchant. It’s why consumers not only use their cards online routinely but feel comfortable keeping a “card on file” with the merchants they shop with regularly. Since most consumers don’t really understand the difference between Visa and MasterCard and Bank of America and Citi (despite how clearly each party attempts to explain the difference), the card networks get to come along on that ride.

PayPal was invented to solve a security and privacy problem of doing business with a small seller that a buyer had never heard of. For eBay to ignite at all, it needed a way to convince consumers that they would be able to pay a seller without a problem – or incurring a liability – if something happened. Seventeen years and 165 million accountholders later, PayPal has created a digital payments method that consumers feel safe using across any digital channel.

Amazon, when it launched, had to solve an entirely different problem for its customers. Its initial problem wasn’t safety and security, but getting a consumer to go through the pain of actually checking out back in the days of yucky, slow dial-up Internet connections. One-click – easy and simple – was its value proposition to consumers, one that over time grew to include massive product selection, as well as fast (and free) delivery. Today, as one of the world’s largest online retailers, Amazon clocks 175 million visitors a month to its site, more than twice that of Walmart.com, and is stealing market share from all flavors of retailers right and left. Its Amazon Prime members, estimated to be 40 million, are totally hooked, now converting a visit to a sale 74 percent of the time – more than 20X what happens on most other websites. Authentication, however, remains nothing more than a password and then a single click to check out.

Now all of these players have had the advantage of riding the online and digital wave with the consumer pretty much since the get-go. This decade-plus head start has helped them gain the trust of the consumer by being a familiar part of their online and digital shopping and payment experience year in and year out.

But as we fast forward into a world that will accelerate the proliferation of digital commerce channels – and digital commerce enablers – who will the consumers trust to be their digital commerce identity in the years to come?

If you believe what consumers say, when asked, that will be the banks. But remember what I said about surveys that ask about what most consumers believe! Most banks are nowhere with respect to mobile payments and commerce. And with a few exceptions that you don’t even need all of the fingers on one hand to count, they aren’t likely to get anywhere in any sort of timeframe that’s relevant.

So, that then begs a few big questions.

What third-party intermediary consumers will choose to take the digital commerce journey with them? And what do they want to have included as part of this digital identity?

Contenders abound – and competition is emerging to give consumers a variety of choices when deciding.

Mobile OS options like Apple and Android Pay are hoping they win big. But both have to persuade consumers that storing credentials on the phone is safe – tokenization notwithstanding. Consumers, who are still confused what it means to be asked “debit or credit” when they swipe their debit cards, may not entirely understand that if they lose their phone or misplace it, that their tokenized commerce identity remains safe. Android Pay has to overcome the hurdle that their transaction and card data will end up on Google somehow (hey, don’t laugh, it’s why Google Health cratered – no one wanted Google to have their personal details for those same reasons).

That’s the hurdle that Facebook and social networks have to overcome, too. And the more that consumers see retargeted ads in their news feeds, the less comfy they feel that what they might buy via a Facebook-enabled payments scheme wouldn’t end up there too. Facebook has struggled over the years to get traction around commerce at all – its social commerce experiments have failed as has its foray into Gifts. Consumers may like the convenience of logging onto websites using their Facebook social ID, but having their payments credentials tied to that is an entirely different matter.

As the granddaddies of the Internet commerce world, PayPal and Amazon have a relationship with the consumer that’s both familiar and trusted, and works across any digital channel. Their individual challenge moving forward, is – ironically – now the same: acceptance in as many merchant environments as they can muster, and fast, including in-store, getting consumers to use it for payment at those new points of acceptance and clearly differentiating what they do from others – and each other to get consumers to establish preference.

Then there are the card networks whose digital payments strategies are all about playing the field. At the same time they’re embracing third-party intermediaries and enabling those schemes with their respective tokenization initiatives, they remain pedal-to-the-metal seeking acceptance on merchant sites and working with their issuers to enable additional utility for the cards that they enable as part of that checkout experience. I wrote in my piece last week that the card networks have the potential to elbow aside the online ad giants over time — if they are successful in their efforts to use their transaction data and develop the ecosystem of innovators to make their cards useful. The networks should be trading on the fact that consumers know and trust their brand and double down on acceptance in the digital channels. And, if I were most banks, I’d let them – and give up on trying to be a standalone mobile payments brand.

Merchants, of all of the stakeholders, have the biggest rock to push up the hill since they’re the names most often associated with breaches. It makes it hard, if not impossible, for a merchant-branded scheme like a CurrentC/MCX to scale unless it becomes part of another scheme that’s both familiar and trusted. It’s also why you’re starting to see factions like Best Buy, Target, Dunkin’ – and I’m sure others soon – peel off and join other mobile and digital payments schemes.

As far as what consumers want included as part of the commerce identity, that’s a more complicated issue.

Starting with whether consumers will have only one, or whether, like payments methods, consumers will have several that they use where and when they are given the best incentive to do so.

Some factions also believe that having all of the things connected to a consumer and her commerce activities is what will make a commerce identity most useful – things like shopping lists, recommendations based on past behaviors, multiple payments methods, loyalty memberships, gift cards and coupons – all of the things that eliminate the friction of having to keep track of all of those things separately.

But as much as that eliminates the friction, it consolidates everything that’s relevant into one place that consumers may feel puts them at risk if something were to happen. Shutting off a card and replacing it with a new one is one thing, having to rebuild a consumer’s entire commerce identity is an entirely different – and much more complicated – matter.

Innovators have always had the problem of threading the needle between what consumers say they’ll do and then what they actually end up doing. It’s why Steve Jobs trashed the notion of consumer research that asked consumers what they might use and instead gave them what he thought would “wow” them. Jobs took the position that it was up to him and his team to look at the breadcrumbs consumers were dropping all over the place and to use them to knit together a solution that would excite and inspire.

Oh, and lest you think that any of what consumers express anxiety around is new or because mobile is now in the mix or that there are more places to shop on the Web or because there is more hype about security and hacks and breaches, 92 percent of consumers expressed the same concerns over privacy and security in 1999 according to an FTC report published around the same time. Those concerns helped foster policy changes, best practices and innovations to mitigate the downside of these privacy and security concerns but have done nothing to change how consumers answer the same question 16 years later – “do you have concerns about security when transacting online?”

As the song goes, everything old is new again.

Ask the same question, get the same predictable answer. But watch those same consumers 16 years later to see what they do, and the insights you glean will be entirely different.

That’s actually something we’re doing now with a partner in the commerce space, that I can’t disclose just yet. We’re in the process of looking at a bunch of breadcrumbs for a bunch of consumers who traverse the online world to understand what their commerce footprints say about the kind of commerce identity that would be most useful to them – and how many they might envision having. Armed with that information, we’ll be teasing out the insights that will help all of us understand what they value and then which of the many contenders are well-suited or positioned already to deliver upon those requirements. We’ll be releasing this information for the first time at our Retail Reinvention program on Aug. 4 in Chicago.

Drop me an email if you’d like to be part of the pre-briefing on Aug. 4 before the results will be made public.



Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.

Click to comment