LONDON, UK – 29 June 2016 – SecureAuth Corporation, the leader in adaptive access control, today announced survey findings revealing that Britons have an extremely lax attitude towards online security and may not be aware of the risks when using public WiFi. This drives a detrimental risk to online security for businesses, as well as personal online security. Results showed a staggering 71% of participants would choose to improve internet speed over personal online security (29%), whilst 3 in 5 Brits are happy to share personally identifiable information (PII) over public WiFi.
A deeper dive into the demographics of the data reveals:
• A third (34%) of women would choose to improve personal security over internet speed, 70% more than men (20%)
• Millennials are three times more likely to want faster connectivity than better online security (76%)
• Generation X and baby boomer generations are more security-conscious with more than 1 in 2 (54%) opting to improve personal online security rather than internet speed
When it comes to using public WiFi networks, it seems that Brits aren’t all that clued up on the security risks. While the majority of participants felt safer when credentials (such as username or password) are required to access public WiFi networks, a shocking 23% said they feel secure when no details are required to connect. The truth is that no public WiFi network is secure as many people within a certain distance can gain access, and each person has the potential to read data by means such as network sniffing or third-party data gathering for example. In fact, Brits are ready to voluntarily give up information as 69% said they would enter their email address and one fifth (20%) would give up their home address to connect to public WiFi.
Whilst connected, almost half (49%) use public WiFi to shop online and more than 1 in 3 (36%) to do their banking – both of which involve credit or debit card transactions. Research also reveals that 28% of people access work emails whilst connected to public WiFi, serving as a reminder that user behaviour isn’t just a personal security issue but also a very real threat to businesses.
“With one WiFi hotspot for every six people in the UK , there is no shortage of opportunity for bad actors to take advantage. In 2015, there were more than 2,000 confirmed breaches and it’s estimated that 63% of those attacks leveraged stolen credentials. Whilst not all of these attacks took place over public WiFi, clearly it is a window of opportunity for bad actors and there is a need for more consumer education around online security,” commented Craig Lund, SecureAuth CEO.
Sharing isn’t always caring
The survey found that almost 3 in 5 (59%) Brits are still disclosing personally identifiable information (PII) over public WiFi such as:
• Their address (40%)
• Their account passwords (35%)
• Credit/debit card number (27%)
• Passport number (9%)
The inherently open nature of public WiFi means users are at greater risk of data theft. When theft of PII occurs, individuals are often left to manage a myriad of problems. They can include stolen identities, damage to one’s personal financial posture (owing to incidents such as the opening of credit cards in one’s name) and even data being held for ransom.
“Users will always take the path of least resistance and companies can’t rely on individuals to take adequate measures,” continued Craig Lund. “Businesses can make it much harder for criminals to make use of stolen credentials by implementing adaptive access controls to protect their corporate network should login details be compromised in an attack, whether through employee fault or otherwise.”
Outside of the statistics listed above, other telling findings include:
• Respondents over the age of 45 are more likely to choose an increase in personal security (54%) than faster internet speeds (46%)
• Young people are the most likely to share personal information online – 64% of those aged 16-24 have shared PII whilst connected to public WiFi
Craig Lund’s top tips:
• Businesses should implement methods of strong authentication and be performing risk analysis as part of the authentication process
• Don’t disclose personal information such as bank details or an address when connected to public WiFi
• Consider using a virtual private network (VPN)
• Always use a private internet connection where possible
• Minimise risk by avoiding reuse of passwords across multiple online services
• Where possible, make use of two- or multi-factor authentication
SecureAuth is the leader in adaptive access control solutions, empowering organizations to determine identities with confidence. SecureAuth® IdP provides authentication security, Single Sign-On and user self-service tools together in a single platform, allowing strong identity security while minimizing disruptions to the end-user. SecureAuth IdP is currently protecting over five million users worldwide. For the latest insights on adaptive access control, follow the SecureAuth blog, follow @SecureAuth on Twitter and on LinkedIn, or visit www.secureauth.com.
SecureAuth® IdP is a registered trademark of SecureAuth Corporation in the United States and/or other countries.
i Research commissioned by SecureAuth with OnePulse in June 2016. 1,498 UK adults were surveyed.
ii Calculated by data from The ONS and iPass WiFi Growth Map
iii Verizon 2016 Data Breach Investigations Report – http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/