Customer Authentication Tips for Safer Holiday Shopping


The holiday shopping season represents a major chunk of annual revenue for retailers in virtually every sector. Per the National Retail Federation, sales grew over 14% to nearly $900 billion in November and December 2021; if they grow at the same rate this year, holiday retail sales will top $1 trillion in 2022. The holiday spirit, fueled by the rush to catch Black Friday bargains, has everyone spending, and $226 billion of these sales are happening online.

‘Tis the Season for Hacking

While it’s a great season for retailers, it’s also a cash-in season for hackers who take advantage of the hype. Their scams include fraudulent giveaways that harvest user details, fake firms that never supply goods or formjackers and card skimmers that insert malicious code into e-commerce sites. However, phishing, an old cybercriminal favorite, will still be the most prominent attack this holiday season. 

Phishing, especially with the exceptional rise in cheap and easy-to-use phishing-as-a-service kits, will disrupt plans, cost money and generally try to ruin the holidays for retailers and consumers alike. A typical attack sees the victim opening an email impersonating a trusted retailer, like Amazon. The email looks legitimate, except the link provided within it leads to a spoofed site where the attacker can steal the user’s login details and hijack their account. 

Why you Need Better Customer Authentication

Consumers are growing more aware of the dangers of online shopping. A recent survey by TransUnion found that the majority (54%) are concerned about being victimized by fraud this holiday season — up 17% from 2021. Confidence in the security of a retailer’s customer authentication processes directly affects consumers’ willingness to do business with them. The same survey reported a 40% increase in consumers stating that they would abandon a purchase due to lack of sufficient security. 

For retailers, providing more secure customer authentication isn’t just about allaying consumers’ fears, it’s about protecting their own business. A successful phishing attack on a customer can mean lost income due to redirected purchases and fraudulent orders, reputation damage and potential…