Jason Lane-Sellers, Director of Market Planning at LexisNexis Risk Solutions, explores how Gen Z’s overly trusting nature towards streaming sites could be a grand folly.
Gen Z (16-24-year-olds) trust TV streaming companies more than they trust their bank, according to new research from LexisNexis Risk Solutions and Censuswide UK. Messaging apps and social media platforms also rank highly in young people’s assessment of which digital services they can be most confident in using.
This is in stark contrast to those aged 55+, just 68% of whom trust the media streaming services and less than half who trust social media companies, compared to nearly 90% that say they trust their bank.
The research highlights clear generational differences in attitudes to newer and digital-only brands, with younger people far more willing to trust them to act in their best interests than their parents and more comfortable using mobile and tablet devices when making high-value transactions.
Older generations, on the other hand, show more affinity with desktop PCs for big transactions and are more likely to trust established brands over new ones. They value face-to-face discussions over digital interactions and prefer people over technology.
This is perhaps not entirely surprising. Gen Z is, after all, the first truly digitally native group, having grown up online with social media, and using multiple wireless devices. They spend the most time of any generation online, averaging 10.6 hours a day compared to 8.5 for Millennials, according to Adobe.
In contrast, their Baby Boomer and Generation X parents and grandparents remember a world before the internet, first accessed the internet via desktop and received their TV programmes through an aerial or dish.
Building trust
This new research is certainly positive news for media companies and demonstrates the extent to which these brands have, over a relatively short time frame, gone from start-ups to trusted household names.
However, it also suggests Gen Z’s confidence is translating into a somewhat too liberal approach to managing personal data security online. For example, a worrying 79% of 16-24-year-olds admitted to sharing their passwords to subscription streaming services with family and friends. That compares with only 54% of 35-44-year-olds and just 20% of those aged 55+.
This may seem harmless but combined with the tendency for people to use the same password across multiple online accounts – which a 2019 Google study found that over half of people admit to doing – leaves Gen Z and others wide open to all kinds of fraud and social engineering scams.
The latest fraud statistics from UK Finance show almost 200,000 Authorised Push Payment (APP) scams were reported last year, with net losses up 39%. APP fraud now represents close to half of all fraud, driven in large part by social engineering scams.
Beating the fraudsters
Impersonation fraud – a leading form of APP scam – combines misappropriated personal information and a strong serving of bravado to manipulate victims into making online transfers or giving up control of their accounts. It’s the hardest fraud to detect and prevent, because it’s perpetrated through the genuine customer themselves, using their normal device – to all intents and purposes, nothing looks suspicious.
Fraudsters only need a few key details to commit APP fraud, for example, the name of the bank, the last four digits of a card and the date of a Direct Debit payment. And they don’t have to infiltrate bank-level security to obtain them.
The scam starts around five steps back from the financial sector. Phishing or smishing attacks harvest victims’ login credentials – username and password combinations – before mass testing them using bot attacks.
Our Cybercrime Report shows around 1.6 billion high-velocity bot attacks took place globally in just the second half of 2021, specifically targeting sectors with less robust controls, including the communications, mobile and media services (CMM) sector, which saw attack volumes soar by 894%.
Password reset attempts are another route with one in eight reset requests now a suspected fraud attempt, our analysis shows. Once the credentials are validated, it’s an open door for fraudsters to harvest the details they need. The logical solution for fighting back against these dreadful crimes must therefore be to starve the fraudsters of the supply of information that gives them the advantage.
This can be achieved with some relatively easy measures: first, by better educating the market and consumers on the techniques used to steal and validate the information; second, by applying technology-driven protocols akin to PSD2, combined with market-leading UX design, to significantly improve account integrity, without reducing the experience for customers.
Combine this with more effective cross-industry collaboration and information exchange and we could realistically see a quantum leap forward in fraud prevention. Cross-institutional intelligence sharing of fraud risk indicators and alerting mechanisms is already proven via our own Digital Identity Network.
Be a network to fight a network
The challenge is to work hand in hand with the regulators and government to loosen the restraints and open up collaboration even further. This would help create a truly watertight online ecosystem that keeps the door firmly shut to fraudsters.
The incentive for the communications, mobile and media sectors, and many others besides, is clear. No sector or organisation wants to deal with the reputational fall-out of being identified as a third-party enabler of fraud, due to failing to suitably protect the integrity of its customers’ accounts and allowing a flow of misappropriated information upstream towards the financial services sector. It’s time for all sectors operating online services to take collective responsibility and recognise that fraud is a problem we all share.
As we say at LexisNexis Risk Solutions, you have to be a network to fight a network. So, let’s be a network that benefits from global shared intelligence and work together to keep these pernicious scams in all their forms, at bay.
