Attackers can use malware or a phishing campaign to capture account credentials from users. Mobile malware is less likely to be a serious threat, but those surveyed by Ponemon said it was a serious concern. Sixty-six percent of respondents said it is more likely to occur during the holiday season. The study found that many firms hardened their identity and authentication systems to reduce the risk of a successful attack.
System monitoring can detect attempts to gain unauthorized access, password requirements can be strengthened and two-factor authentication can validate a user's identity, but a fine balance takes place between security controls and customer usability, say IT security pros. Retailers want to ensure the buying experience is disrupted as little as possible with security controls or the customer could turn elsewhere.