As companies work to define an exceptional customer experience, my guess is few of them think about the security of the customer and their personally identifiable information (PII). While consumers are willing to trade privacy for convenience, is it incumbent upon application providers to provide secure apps.
When we buy a product or service from a manufacturer, we do so with the assumption that the product will solve a problem. But what if it creates one with unforeseen circumstances?
Seventy-seven percent of applications have known vulnerabilities. Based on my interviews with hundreds of IT executives, they are not surprised. Organizations put much more emphasis on getting apps to market and monetizing them than ensuring they are secure.
Developers are rewarded for releasing applications as quickly as possible, without regard for the security of the application. Until consumers start worrying about the security of the apps they use and foregoing those apps that do not value the privacy of their information, we can expect more egregious breaches of B2B and B2C data.
While it’s not pleasant to think about, caveat emptor. The emoji keyboard that pops up on your phone has a vulnerability. The key fob to your car is easily replicated to steal your car. Hundreds of mobile websites and apps leak PII.
What’s a consumer to do? Ask questions about how the items they are buying are being secured. By asking questions, we begin to let manufacturers and solutions providers know that security matters and will be part of our purchase decision.
We know 55 percent of consumers are willing to pay more for a better customer experience. How many more are willing to pay for a better customer experience that’s also secure?
We’re in an ongoing battle with hackers to develop and deploy secure apps that protect our PII. It is incumbent upon us as consumers to hold suppliers accountable for the products and services we buy.
This goes for the security of our infrastructure, medical devices, as well as our cell phones. It’s a matter of making security part of the product requirements upfront and then employing security testing throughout the development process.