Though Facebook members generally reveal much about their private lives in what amounts to an open forum when posting information on the social media site, they are not as trusting when it comes to spending money on the site.
In fact, a new survey reveals only 24% of 722 U.S. adult respondents active on the Internet felt safe making a purchase through a Facebook storefront or merchant page.
That low percentage came as a surprise to Alisdair Faulkner, chief product officer at ThreatMetrix Inc. The San Jose, Calif.-based cybersecurity software provider joined security think tank Ponemon Institute LLC in late December to release the "Mobile Payments and Online Shopping" survey report, which assesses trust in social media and other online-payments sites during 2011.
"I just felt that because people are so trusting with other information on Facebook, it would be a natural extension to trust making a purchase," Faulkner says.
Security threats aside, the survey data indicate consumers have yet to adopt online shopping habits through social networks, with only 32% of respondents saying they had browsed a merchant's Facebook page and then bought something on the company website. In turn, only 20% of consumers indicated they had purchased a product directly through a Facebook storefront, according to report.
Part of the mistrust for Facebook security stems from what users hear or see about other scams affecting the social-media site, Faulkner says.
"With slamming and phishing [scams] increasing dramatically, Facebook users really notice it when a top celebrity like Lady Gaga is hit with fake information on her fan page," Faulkner says.
Facebook fears spiked last month when a fake offer for free Lady Gaga Apple Inc. iPads turned up on her fan page, encouraging fans to sign up for the product. Published reports indicated Facebook closed the link within an hour, but more than 12,000 fans had clicked on a rogue link within the fake message, potentially exposing personal information if they had filled out an online form to obtain the fake iPad.
Even more likely, survey respondents distrusted Facebook because of a personal experience or from hearing about a friend who had a problem instead of from understanding how cybercriminals develop malicious software for data theft, Faulkner notes. "Bad news travels faster on Facebook than good news," he contends.
In other cases, consumer distrust may have nothing to do with their fears of potential data theft. Instead, the consumer could fear something as simple as the purchase information spreading to other Facebook friends, Faulkner adds.
"It could be someone being concerned that the bride-to-be would find out what was purchased as her wedding gift because the information is out there," Faulkner explains.
Survey respondents expressed more confidence in Google Inc., as 51% felt Google was more effective at keeping customers safe from online criminals.
Faulkner fears that percentage could change if Google stubs its toe with security measures related to its recent announcement about potentially offering next-day product delivery of goods purchased through its online store.
"Google understands the digital world very well, but not necessarily the shipping industry," Faulkner notes.
Shipping goods represents a whole new area of potential fraud, with the criminals placing orders with stolen card data and then reselling the items on other sites, he adds.
Both Facebook and Google drew payments-industry attention last April for their desire to create new services for online payments. For its part, Facebook created Facebook Credits, a form of virtual money, and established Facebook Payments Inc. as a new subsidiary.
Sixty-one percent of respondents chose PayPal Inc. when making a mobile or online payment, while 53% favored credit cards and 26% preferred the Google Wallet, according to the survey.
More than 50 % of respondents said they use only mobile-banking applications, mobile devices and websites they trust. But cybercriminals deploy complicated fraud schemes that can undermine consumers who feel they are taking proper precautionary steps, Faulkner says.
Yet companies offering online payments or overnight shipping could aid consumers with more "real-time" fraud protections at the moment a transaction is being made, Faulkner suggests.
Companies deploying device-identification software that identifies the Internet protocol address and other attributes of the computer of the purchaser allows the merchant to be immediately alerted if that address does not fit the billing or shipping address of the buyer, he adds.
