A while ago we wrote an evolving story about what financial institutions could learn from Target’s response to its 2013 holiday season data breach in which the personal information of upwards of 70M customers and 40M credit or debit card records were stolen by hackers.
Theoretically affecting 34 percent of the U.S. adult population, the Target breach certainly captured consumer attention and, driven by the news, still does months later.
In looking back, one can measure the impact on purchase behavior and cardholder confidence by assessing cardholder payment choice in the wake of a data breach. Recent Associated Press and GfK Public Affairs & Corporate Communications research found that 37 percent of Americans have expressed a preference to use cash in lieu of credit or debit cards to pay for purchases because of the thefts. Understandably, financial institutions have withheld proprietary corroborating data, but anecdotal articles share stories of consumers limiting their card spend or adjusting to cash when it is convenient. A recent breach-related article in the New York Times quoted a shopper as “…starting the week with $100 [in cash] and when the money in her wallet is low, has found herself forgoing purchases she wouldn’t have hesitated to buy with a card.”
A different survey published by Ipsos/Reuters measured roughly the same period following the Target breach. That poll seems to confirm the Associated Press/GfK findings and indicated 64 percent of breach victims claim they still use their credit and debit cards.
For financial services marketers, it is an imperative to restore eroded confidences quickly as a short-term marketing goal, while continuously managing your long-term communication efforts to educate and remind cardholders of your card’s security and liability benefits. Due to the on-going sensitivity surrounding the breach, right now is a strategically critical time to audit your current and future messaging strategies with an eye on really looking at “what you are saying” to whom and to ask yourself if you are really doing everything possible to refocus your card product messaging to increase emphasis on its security features.
Here’s a quick list of questions that you can refer to when reviewing your security messaging:
1. Does your content provide assurances?
Financial institutions cannot eliminate fraud or breaches – and data losses will likely continue to occur. If you do a good job of reassuring your cardholders that you take security seriously – and convey and reinforce those product benefits that are in place to protect the cardholder in the event of a breach – you may lessen any adverse consumer response and protect card volume and loyalty. The hierarchy of your messaging should not downplay your product’s security features in exchange for highlighting promotional offers or other benefits. Design and layout of your materials should work to strategically “weight” and draw attention to all your important points.
2. How does your message resonate with your various audience segments and product offering?
Knowing how your marketing and product offering plays out among differing products, perspectives, and cardholder behaviors may make a big difference in your customer’s understanding and receptivity of your content. Versioning your message to emphasize security benefits by product (credit vs. debit) and by audience segment is essential. Debit requires far more effort in terms of education and reassurance given that consumers feel increased vulnerability using debit vs. credit. Additionally, older audience segments, heavy credit users, etc. are prone to greater security concerns even under normal circumstances.
3. Is your copy alarmist in tone? Does it strike a defensive posture?
Inviting worry or fear-mongering sends the wrong message. Consumers will focus on what could go wrong rather than the benefit that would otherwise make your product attractive. Remain focused on the positive attributes of your card products, clarify your benefits – and be deliberate in your messaging.
4. Are you taking advantage of the full product lifecycle?
New prospects need assurances, just the same as long-term cardholders. Reviewing and refining your message for consistency and appropriateness at various lifecycle stages – from acquisition, onboarding, activation, and routine communication is critical.
5. Are you effectively using all of your channels?
Cardholders may tune into or be responsive to select channels and could miss your message if you limit the outlets through which you reach out to them. Not everyone has the same level of technological prowess or connectivity (i.e. older audiences may not have a smartphone to receive texted fraud alert notifications.) Be sure to review and utilize all of the resources at your disposal, such as SMS messages, email, direct mail, statement inserts, websites notices, post-login account messages, electronic fraud alerts, in-branch signage, employee training and scripting, public relations, etc.
Being prepared to immediately emphasize and reiterate your security benefits is one of the most important marketing objectives you can reach for in the event of a data breach. If you and your cardholders should fall victim to a breach, it is also critical to tell cardholders exactly what you’re doing, what they should do and what they should expect. Your job, as a financial institution marketer, is to use your product’s benefits to reassure your cardholders that they are safe and that you are ready and capable to actively address a data breach incident.