Retailers need to do away with stereotypes about digital literacy and understand that all their customers are wary of online security. Mary Winter explains.

Two weeks ago, a criminal defrauded my credit card for $2,138. It appeared on my transaction history just after I had been shopping online. I hadn’t even entered any details from my card. They billed me twice for nothing.

I rang the bank and they were familiar with the phoney website. They cancelled my card and I suffered for a few days before receiving another card which I needed urgently.

The bank explained that this was not an isolated case in regard to the phoney website. They told me the case would take four to six weeks to review and there was no guarantee I would get my money back. They also informed me that my details would be put on a blacklist to protect other retailers and I may not receive services from certain suppliers in future.

This is the second time this has happened. I am left feeling insecure; fearful of spending online, distrustful of credit cards and shy of smaller online retailers.

I fear long-term consequences.

I know I am far from an isolated case. In recent focus groups I have conducted with consumers, cyber security is a hot issue being discussed in earnest, particularly after the Medibank and Optus data breaches.

To help overcome these concerns, our research suggests retailers should embrace the following issues:


It is typical for businesses to hide their ‘inner sanctum’ opting not to reveal their inner workings. Largely, consumers have no idea of what is really going on behind the scenes.

Even though we are heavily invested in organisations such as banks and superannuation companies we don’t really know what they are doing with our money.

This lack of transparency is quite common for brands as it makes them look sharp, clean and efficient. However, the glowing external veneer is no longer reassuring. The cracks in bureaucracies have been exposed.

Organisations have also kept their inner processes close because they assumed they were boring and not newsworthy. This is changing.

Transparency is cool. It is worth making a song and dance about your cyber security story. In this environment, only exposure will reassure, not cover-ups.


For decades the older and younger generations have been stereotyped against technology use. Often the first to embrace certain social media platforms, the young have been seen as digital natives and inherently trusting of the internet. Older people have been stereotyped as lacking tech skills.

I have seen these stereotypes challenged in research again and again. For example, retirees can be addicted to their computers and very online savvy as they have time to learn and experiment.

It is also a stereotype to think that one life stage is more cynical about the web than others. Some people think older people develop greater cynicism as they mature through life experiences. Another stereotype is to believe that youth are cynical because they do not see society supporting them as well as previous generations.

When it comes to cyber security, all age groups are cynical. The issue is simple regardless of your age: the web is hackable. If it is online, it can be hacked.

Retailers with a younger market cannot assume they will be more trusting. Older consumers cannot be assumed to be less trusting.

The online environment cannot be trusted and retailers must be clear about what they are doing to keep customers safe.

Bigger may no longer be better

Generally, people trust the government more than the commercial world. It is perceived to have the citizen at heart. The government is also big and resourceful. We are inherently wired to give it credit for strength and reliability because psychologically, that’s what we need.

Big entities are also perceived to have the resources – the manpower and the intelligence – to have better cyber security. Smaller organisations are perceived to have fewer resources. This is perhaps why I subconsciously feel nervous about shopping with smaller retailers after experiencing credit card fraud. Somewhere in the back of my mind, I imagine little retailers to be less resourceful and vigilant with my details.

How long can the belief that bigger is safer last? Medibank and Optus are large organisations.

Big can mean slow to change, slow to observe problems and slow to address them.

Projecting an image of big and powerful is not likely to make consumers feel safe. Only transparency and sold proof with do that.

Overall, this is a time for reassurance and support. Retailers should tell the community what they are doing to make things more secure and educate consumers about what they can do to protect themselves.

This issue is not going away so those who own it will build credit for the future.

As for me, after being burned twice by these criminals I’m now being overly cautious in this environment. Regaining my trust may be the biggest challenge for any online retailer.

Mary Winter is the Insights Director at Principals.

This article first appeared in Inside Retail

Contact us to learn how Principals can make your brand a force for positive change.