Our need for ease and convenience is putting our digital identities and security at risk. A new BehavioSec report finds that 37% of us have shared our personal security data with a friend or partner. Of this group, 87% said that they trust the recipient with this information.
This trust can be explained by two key factors – convenience, and a lack of understanding of the potential value of this data – 16% report that it was more convenient than inputting the data themselves at the time, with 12% reporting that they don’t think the information would be of interest to anyone else. 6% have even deliberately shared the details in fear they will forget them.
We appear to have clear barriers when it comes to our physical belongings – 67% of us say we wouldn’t look through a friend’s physical personal items such as a handbag or wallet without their permission. Reasons for this included ‘I wouldn’t wish to violate their privacy’ (57%) and ‘I wouldn’t want them to look through my things without permission (52%). However, this hesitance and sense of privacy is not nearly so strong in the digital world – over one in ten (11%) of us admit to taking a peek at a friends or family member’s ‘logged-in’ online accounts, for example email, Facebook and WhatsApp – without their permission.
Digital identities and security boundaries
This is particularly true of the 18-24 age group. Just 9% of this group say they always log out of online accounts, compared to the average of 29%. Within this group, 26% have posted content (a photo, status, or tweet) on someone else’s behalf, 18% have changed personal details, and 13% have sent a message to a contact – all without their permission.
This behaviour is not malicious – 75% of those who have done so explain their actions as “thinking it would be funny”, or in simple retaliation, with 43% reporting that it was payback for a friend that had done it to them in the past. Interestingly, 22% report that they thought their friend would not mind, highlighting how embedded this culture of digital sharing is for today’s internet users.
Consumers overlook the value of their personal data
The details we are most likely to share are email passwords (23%), mobile phone passcodes (21%), social media logins (13%) and digital media account log-in details (e.g. Netflix, Spotify). 10% even admit to sharing their online banking details.
In today’s evolving threat landscape, fraudsters are able to build up detailed pictures of their victims based on everyday interactions and seemingly innocuous personal details. Worryingly, 12% of those who have shared this type of information report that they do not consider the details to be of value to anyone else.
“The ‘password problem’ isn’t that the security mechanism is broken, it’s the fact that we as consumers are expected to follow strict guidelines to keep them secure. This simply doesn’t fit with the way we choose to operate online,” said Neil Costigan, CEO of BehavioSec.
“Our lax attitude to online security will be increasingly significant as services like Facebook and other social media sites become ID providers. With the rise of social media buy buttons and ‘Log-in with X’, access to these platforms can offer a passport to our personal identity.”