The emergence of zero trust consumers

A survey report from Daon shows 92% of consumers believe that cybersecurity threats will continue to outpace cybersecurity technology, with 91% willing to take extra security measures to prove their identity on an ongoing basis to protect their information and accounts.

These and other findings in the report reveal that consumers are acknowledging a high-risk environment when conducting different aspects of their lives online. These attitudes signal an emergence of zero trust consumers.

The report, The Era of the Zero Trust Consumer, is based on a survey of over 2,000 U.S. and over 1,000 U.K. consumers conducted in October 2022. It shows that consumers may be accepting the reality of ongoing cybersecurity threats in the same way that businesses are adopting a zero trust architecture.

In the enterprise, a zero trust architecture acknowledges constant and ever-changing cybersecurity risks and requires user identity, in and outside organizations, to be authenticated and continuously verified before the user is given access to networks, applications, or data.

“As online breaches, hacks, and fraud targeting businesses, governments and consumers continue to escalate both in frequency and sophistication, consumers are showing a growing awareness of these threats and a determination to do what is necessary to secure their accounts and information,” said Tom Grissen, CEO at Daon.

“This emerging state of consumer awareness is what we’re calling zero trust consumers. The lack of trust is primarily about cybercriminals, but it doesn’t need to apply to businesses. Businesses that deploy advanced technology to prove and continually authenticate identities at every trust point across the customer lifecycle will ensure a trust relationship with their customers.”

Passwords both most used and least trusted

Despite mounting industry and consumer pressure to move beyond vulnerable passwords, the report shows that passwords persist as the industry standard, with 68% of consumers saying they are both their most used and least trusted security measure. The findings show consumers are ready to embrace stronger security measures and expect the businesses they hold accounts with to meet them halfway in securing their identities.

This expectation holds especially true for their digital financial accounts, where increasing reliance on financial technology has left consumers concerned for the safety of financial information and money – 93% expect stronger security measures, but passwords with one-time codes and simple passwords are still the most used methods of protecting this vital information.

48% of respondents have experienced a breach or hack of an online account in the past 5 years, and 44% have experienced financial fraud, leading to a greater understanding of the reality of security threats and a strong willingness to embrace more advanced, passwordless technology. 81% say they would be willing to use facial or voice recognition when accessing accounts to better ensure security.

But consumers who are looking for a more secure digital future expect companies to meet them halfway on securing their accounts and information, with 54% saying companies and consumers hold an equal responsibility for protecting their identity.

“The report findings overwhelmingly show that reliance on outdated security technology betrays the trust of consumers who both understand and embrace the reality of security threats. We’ve seen many major industry players already pushing for higher standards of security through initiatives like passkeys, and it shows businesses are now at an inflection point, where they must understand that the path to trust with their customers is through understanding their customers’ views of threats,” concluded Grissen.