The Application Security Division of NTT Ltd. released The State of Secure Online Holiday Shopping, an analysis examining more than 1,000 online shoppers’ thoughts and behaviors related to cybersecurity and online holiday shopping. The results suggest that although a significant majority of consumers generally understand the risks associated with shopping online during the holiday season, they ultimately prioritize the benefits of e-commerce over cybersecurity — even following a breach that exposed their personal information.

According to the survey, 35% of consumers indicated that they would continue shopping with a retailer that experienced a security breach, while only 25% said they would begin taking their business elsewhere. Additionally, less than half of respondents (46%) said they would stop shopping with a retailer altogether if their own credit card or personal information was leaked by the company in a security breach.

Despite Breaches, Consumer Trust Remains High — Especially When Using Mobile Apps

Even though 26% of respondents have already experienced credit card or identity theft as a direct result of shopping online — with 10% of those instances having occurred during the COVID-19 pandemic — most consumers still feel that their personal information is protected.

  • 58% of respondents feel that their data is protected when shopping online.
  • 40% said they feel more secure when shopping online with a large retailer versus a small business.
  • Online shoppers feel significantly more secure storing their credit card information in retail mobile apps (57%) compared to e-commerce sites (19%).

 Online Shoppers Already Taking Measures to Protect Their Information

94% of survey respondents — of which more than half conduct the majority of their shopping online — claim that they are knowledgable of cybersecurity risks and take the following precautions:

  • 63% do not shop online when connected to a public Wi-Fi network.
  • 76% check to make sure an e-commerce website has a secure HTTPS connection.
  • 73% rarely or never click on links when offered a deal through an advertisement, email or social media promotion.
  • 51% use two-factor authentication.

“Even before the pandemic, companies in the retail and wholesale industry were already among the most targeted by hackers,” said Craig Hinkley, chief executive officer at NTT Application Security. “Unfortunately, the urgent demand for merchants large and small to accelerate their shift to e-commerce has ultimately led to an extremely dangerous threat landscape in the retail sector that consumers need to be mindful of while shopping online this holiday season and beyond.”

These figures indicate a sense of trust between consumers and online retailers, a recent study from Juniper Research projects fraudulent activities to cost merchants more than $20 billion by the end of 2021. With the onus falling on retailers to secure their online storefront or potentially risk paying settlements that can result from a breach, it is now critical for merchants to invest in application security testing that scans for exploitable vulnerabilities without interrupting their business during the holiday shopping season.

For more information on NTT Application Security’s survey results, please visit