Did COVID-19's rapid digital shift mean data collection was left behind?
The global pandemic created a major shift in shopping habits across CEMEA, pushing many consumers online. In the rush to develop a digital offering, the collection, analysis and security of data may have been overlooked by many companies, which could have repercussions down the line.
When national lockdowns were brought in across the world in response to the COVID-19 crisis, businesses scrambled to survive. Those that could move online rapidly pivoted to focus on eCommerce. Visa's Back to Business study1 found that nearly four in five (78%) consumers surveyed have made changes to the way they pay for items due to COVID-19, including shopping online whenever possible (49%). According to the global consulting giant McKinsey, organisations leapfrogged five years' worth of digital adoption in just eight weeks2.
Data takes a back seat
Many of the companies that began building new online platforms and applications in response to the pandemic were – understandably - wholly focused on staying afloat and making sales. This meant that some apps may have been created without the functionality to protect data.
This is a major departure from the 'intelligence by design' trend that has become prominent in recent years. Intelligence by design or 'data privacy by design' refers to the built-in ability to track, analyse and protect multiple data points.
Michelle Gervais, Vice President of Data Science, CEMEA, at Visa, explains: "You need to build this in from day one. Otherwise you'll find yourself playing catch up in the future when someone in the organisation wants to know who is clicking in from where, or why an app is being abandoned."
The consequences of neglecting data
Without a data-first approach, many businesses may experience issues down the line. Everything that a business wants to track must be written into the "guts" of the app, explains Gervais. "The data won't be there unless you design for it."
It can be costly and time-consuming to retrofit platforms and apps to track important data – and it's not always possible to make certain changes. "It might not be possible to join up your customers across your app and your online web presence, for example, because the two systems can be run on different rails," says Gervais. "But you need to bridge the two environments together to get a full 360-degree view." Without data, you are relying on guesswork to make improvements to the customer experience, which can have a direct impact on revenue and profitability.
A gaping hole in security
The world's most valuable resource is no longer oil, but data, according to an agenda-setting feature in The Economist published in 20173. If data security is not baked into an eCommerce platform or app, hackers will extract this value.
"In CEMEA, we have had historically very low fraud rates," says Hector Rodriguez, Senior Vice President and Regional Risk Officer, CEMEA, at Visa.
"Overall, we have done a terrific job of protecting the ecosystem, adopting new technologies and staying ahead of the fraudsters but COVID-19 has opened up a number of new fronts in fraud, with fraudsters increasingly tricking customers into purchasing non-existent products, as well as conducting eCommerce skimming attacks with the purpose of harvesting customer data, including billing and personal information," Rodriguez highlighted.
Global businesses reported an average of 4,000 cyberattacks on average per day since COVID-19, representing a 400% increase from what was reported pre-pandemic4. Consequent to the emergence of these new threat methodologies, Visa's Payment Fraud Disruption team has expeditiously worked with issuers, acquirers and merchants to identify and remediate potential vulnerabilities.
Solving the data conundrum
In early 2020, many businesses were forced to choose between going online fast or going out of business entirely. "The businesses that haven't prioritized data have been accumulating what is called 'technical debt'," says Gervais. "Data is a long-term investment, with massive maintenance costs. If you have to make a pragmatic decision that delays this investment, you must commit the time and resources to pay down that technical debt over time."
Data security must be considered when looking at business continuity. If your business trades solely on Instagram and that account is hacked, how will the organisations continue to operate? If data is being collected, where is it stored and backed up? Businesses must ensure their data strategy is robust and updated regularly.
One way to ensure that the ownership of data becomes a business priority in the future is to consider appointing a Chief Data Officer. This role became increasingly important following the 2008 financial crisis but is now vital in our digital-first world5.
"Education is vital," says Rodriguez. "At Visa, we spend a lot of time talking about data, best practice, cyber security and fraud. We doubled down on that over the past year. Small businesses are critical to every economy. Education and awareness are important, and we will continue to work with merchants, as well as partners and governments, to ensure we continue to anticipate and counter new threats to the ecosystem."
All brand names, logos and/or trademarks are the property of their respective owners, are used for identification purposes only, and do not necessarily imply product endorsement or affiliation with Visa.