Abstract
Overview
In light of the TJX saga, issuers will no longer passively accept the costs
incurred from lost cardholder data that is no fault of their own. Merchants,
on the other hand, view PCI compliance as costly and burdensome, and of little
value beyond “compliance”. Rather than point fingers and assess
blame, all industry participants must understand the necessary steps to secure
cardholder data efficiently and cost-effectively. Furthermore, it is
imperative to recognize how consumer behavior is affected by data breaches.
This report provides an in-depth analysis of consumers’ attitudes and
perceptions regarding data breaches paired with a case study of the TJX data
breach. This detailed analysis of extensive consumer research delineates
specific action plans for merchants’ and issuers’ communication
and security policies.
Primary Questions
- How do consumer perceptions match the reality of data breach sources and
results?
- Who do consumers hold responsible for protecting their security interests?
- Who do consumers believe is doing a good job of protecting their security
interests?
- What do consumers believe merchants and issuers must do in the event of a
data breach?
- What best practices can affect real and perceived security?
- What lessons can be learned from the TJX data breach?