Reliance on online for shopping and social media means many are sharing and storing personal details
Six in ten post full name on social media while more than four in ten include date of birth and home town
New industry efforts come into play in September to make online shopping more secure for customers
We're urging members to register their mobile numbers with their bank or building society in time for new legislation designed to make online shopping and digital banking safer.
Our research* shows more than two fifths (42%) of shoppers who store card details on online shopping sites forget where they have saved their card details – from online marketplaces and department stores to everything in between.
To further improve fraud protection for our members, we will be extending our Strong Customer Authentication from September – this requires our members to complete an extra step to confirm it’s really them when making certain payments online.
It comes as ‘card-not-present fraud’, where someone uses your personal information and details from your card to shop online or over the phone, remains the most prevalent type of fraud.
Just under a quarter (24%) of Brits have had their personal details stolen online, according to our research, with people shopping online more than once a week on average.
Fraudsters will often access people’s information from data breaches at the places where they shop or from sources of public information available online, such as social media profiles.
The rise of social media has led to people sharing more of their personal information online, making it easier for fraudsters succeed in their deception - seven in ten (71%) Facebook users said they used their full name on the site, while 53 per cent confessed to putting their full date of birth. More than half (54%) include their home town, while eight per cent use their address.
In addition to securing online payments, Strong Customer Authentication will also add an additional security layer when accessing the Internet Bank or Banking app.
Members will be sent a one-time passcode by SMS that they will need to enter to prove it is them and, for our Banking App, they can use fingerprint or facial recognition, as they do today. This extra step will make it more difficult for fraudsters to impersonate customers as it does not rely on personal information that is widely shared.
Jag Bassi, Head of Digital Products at Nationwide Building Society, said:
“Increasingly more of our lives are being managed online as consumers want access to goods and services 24/7. However, we need to be mindful of the information we put in the public domain and that, if it gets in the wrong hands, we could become a victim of fraud.
We're working hard to protect our members from online fraud by adding further security, particularly when they shop or bank online. People will be required to enter a one-time code sent to their mobile, which will further confirm it is really them making the transaction.
We will continue to introduce more options for our members, such as using codes generated by our card readers or by sending approval requests directly to users’ Banking apps.
It is essential that members ensure their personal details are up-to-date, especially email addresses and phone numbers, otherwise they may find they won’t be able to make purchases online."
We already ask members to use their card readers when logging in to the Internet Bank, and enable fingerprint or facial recognition to access the Banking app. To help protect members and their money, they may now be asked to input a one-time passcode, card reader code or to authenticate their payment via the Banking app when shopping online.
Members can update their contact details via the Banking app, Internet Bank, by calling or by visiting their local branch.
Find out more information on Strong Customer Authentication.
*Research completed by Censuswide of 2,004 UK consumers between 23-26 April 2019.