With greater personalisation comes greater security – CIO
It can often feel as though trust and authenticity are in short supply these days. As we all know, content is becoming easier to create, manipulate and disseminate. Technology, such as Generative AI, has given marketers the power to create more engaging and uniquely personal offerings. This has reinforced concerns around data privacy and security.
Today, anyone providing a digital experience has an increasingly tough job on their hands. In the midst of message and content overload, consumers demand personal, in the moment, experiences that feel safe and secure.
For retailers and brands, striking a balance between personalisation and security is the ultimate challenge. It all relies on a much needed value exchange to occur between brand and consumer – and for this to happen trust is key.
The trust game
It’s obvious that for brands and retailers, security and trust matter. If consumers don’t trust a brand or retailer’s digital offering, then they won’t interact or purchase from it. Research from Okta highlights that 85% of consumers are unlikely to purchase from a brand they don’t trust. Every time a consumer interacts or purchases from a brand online, they are essentially trusting them with their personal information. Whether it’s dates of birth, credit card details, or shoe sizes, the brand has a duty to keep this data safe and secure.
In an ideal world, businesses should only collect vital customer data, limit who has access to it, and implement a strong data management strategy around its storage. At every stage of the data sharing and storage process it should be encrypted. This is something we do at Sitecore. In fact we never actually see any external data that is shared with us. It is all encrypted. These steps all act to reduce the attack surface, limiting the risk of data breaches and keeping end-customers safe.
Putting in place the correct security controls not only keeps customer data safe, but it also builds the trust necessary to deliver the personalised experiences that consumers are looking for. In fact, from our own research, we know that 70% of consumers say brands should connect with them on a personal level.
The role of regulation
To help brands and retailers manage their approach to data gathering, we’ve seen a raft of regulations put in place, perhaps most famously (on infamously) is the European Union’s General Data Protection Regulation (GDPR).
Across Europe, GDPR was originally introduced five years ago to protect consumers from having their data shared and sold across the internet without their consent. By and large, GDPR has been a success. It has sparked significant improvements in governance, monitoring, awareness, and decision-making regarding the use of consumer data. Because of the regulation, businesses worldwide were forced to take a closer look at their approach to consumer data privacy and security.
However, many argue that the solution put in place to attain consumer approval for data sharing has led to a clunky experience, with disruptive pop-up banners greeting users upon their first visits to websites and asking them to opt into sharing cookie data.
These concerns, among others, are currently being debated as the UK seeks to amend its local version of GDPR and offer a more ‘business friendly’ approach. If these intended amends pass, we could see a reduction in the need for consent banners. In turn, this will improve the customer experience and give businesses more power to personalise their brand offerings.
The choice for brands
Regardless of what the regulators say, brands and retailers still need to take certain measures to ensure they can collect needed customer data in a safe and secure manner.
Broadly speaking, those looking to gather customer data currently have two options. Either they collect this data implicitly or explicitly. An explicit method could entail serving site visitors a questionnaire asking them about their age, gender, etc. An implicit method might rely on tracking social media behaviour and cross referencing with previous purchasing data.
However, with third party cookie data likely to soon be a thing of the past, implicit data collection may become a less valuable option. In a future scenario, brands and retailers would only be able to gather implicit data from their own online properties – more commonly referred to as first party cookie data. Apple’s Safari and Mozilla’s Firefox already block third party cookies as a default whereas Google’s Chrome continues to allow them, for now.
It’s likely that a combination of explicitly asking consumers a few simple questions, such as age and gender – and then combining this with first party data, sought from previous on-site purchases – will be the winning formula.
Regardless of what approach retailers and brands take, they will need to remain customer focused. Their offerings will need to take into consideration both customer concerns around security and their expectations for personalisation. Trust will need to be maintained throughout.
My advice to brands and retailers looking to personalise the online experience is to consider how they’d treat a customer who just walked into their physical store. For example, would you ignore them or immediately try to offer them a two-for-one on dungarees? The likely answer is neither, you’d greet them with a friendly smile and ask a few simple questions in order to understand their purchasing needs. If they made a purchase, you’d then log this information and use it to inform future recommendations. The online experience should emulate this.
In today’s crowded marketplace, security and some degree of personalisation should be a bare minimum. The key for brands and retailers is to find the sweet spot and offer a genuinely enjoyable experience that feels safe and leads to a worthwhile purchase. The experience should foster loyalty.
However, the key to having a consumer open up and share their information with you? Trust. And how do we build and maintain that trust? Yep, you guessed it, security, safety, and data privacy.
To learn more about establishing and maintaining security, safety, and data privacy, visit Sitecore.