Foxwood Online Marketing

By the way, this report is not about the workplace but I liked the image.

I discovered an interesting survey about the difference in online security perceptions between Generation Y, A.K.A. Millennials, and Baby Boomers from Mashable.  After a little digging I found the entire report on the ThreatMetrix website.  This study was of people in these 2 groups who are active users of the Internet.  On average they spend 24 hours per week with 57% making purchases online daily or weekly.  In spite of this 79% have either some (53%) or serious (26%) concern about fraud when shopping online and 72% are concerned about becoming a victim of online fraud.

The key differences between Boomers and Millennials are:

• Boomers are more concerned about becoming a victim of online fraud. 
• Millennials are more likely to see the security of online commerce as a factor in choosing or using an online merchant.
• Millennials are more likely to own and use a smartphone for mobile payments and other commercial transactions.  Boomers who do own a smartphone are more concerned about smartphone payment security.
• Millennials are more likely to believe fraud risk on mobile devices is lower than laptops or desktops when shopping online.

The results are not totally logical.  Boomers are more concerned about becoming a victim of online fraud but are less likely to consider security as a factor in choosing an online merchant.  It's as if Boomers who shop online realize the risk is higher and are willing to take that chance but not factor in risk when choosing a vendor.  Not that most Boomers or Millennials would be able to identify a site's security strength.  While you can look for security-related patches, who really knows how to judge this?  It's not surprising that Boomers own fewer smartphones than Millennials.  The surprising fact is that Millennials believe fraud risk is lower on a mobile device.  Being more tech savvy you would think they would be aware that many people do not implement security features on mobile devices and there have been many articles concerning security risks from downloaded apps.  There are also devices which can breech security or clone a smartphone if the perpetrator is in close proximity to the user.

My professional experience with security was in 2 areas.  As the implementer of an eCommerce application for a $6B division in 1997, I learned that security added at least a year to the project development time.  The security "nazis" as we called them were a strange breed.  They were into power and seemed to love flaunting it.  Junior level security employees could back down senior level management and seemed to look for these conflicts.  However the offset to their power was their risk.  Should any security breech occur, every one of the security team that signed off on the application would be fired. 

My other experience was when I consulted for a Wireless LAN company recently.  There we had to not only worry about WID (Wireless Intrusion Detection) but WIP (Wireless Intrusion Prevention) which disables any Access Point not recognized as part of the platform.  Here's an example of WLAN fraud.  When businesses charged for wireless access, a thief would sit outside the business in a van.  He would intercept your log-in and claim that the link was broken and asked for your credit card number again.  Other cases involved hacking in through unauthorized Access Points in a business to break into the corporate data bases to capture all the credit card numbers.  What happens in these cases is an employee who did not have good access to the company WLAN would bring in a cheap Access Point thereby opening the network.  This is where WID comes in now.  The interesting fact about wireless fraud in businesses is that there is less serious instances in wireless than in bad guys who figure some way to get in the building and go through an employee's computer.  That's because businesses perceived higher risk from hacking communications going through the air than through a wire which required the WLAN makers to develop better security to break into the market.

Frankly I was surprised that there were not more differences in security concerns between Millennials and Boomers but I guess that's because both groups rate the risk similarly.  That is, the risk is low to the individual, there are security processes built in from credit card companies and banks, and the actual amount you would be liable for is small.  That factored against the convenience and cost savings of shopping online means we are all willing to take on more risk.  I also think that we are rapidly moving down a path where we have fewer and fewer privacy rights which adds to security risk.  With convenience comes risk.  It is a trade-off most of us are willing to accept regardless of age.