Should Merchants be Encrypting their Customers’ Email Addresses?
Which would you rather have to change, your email address or your credit card account?
In today’s MarketingSherpa, we pointed out that the list of opt-in email addresses that you have collected from site visitors is most vulnerable when it is sitting on your list host’s (or your own) server.
I’ve given this a bit more thought, and it occurs to me that while most merchants encrypt the credit cards of the customers who make purchases from them (if you’re not, you should be), none that I know of encrypt the email addresses of customers. An encrypted field makes the database far less valuable to a hacker, and protects your customers even from an employee who is in a position to take a backup of your database home with him.
Yet, upon further reflection, it’s obvious to me that (at least in the United States), most email users who have had their email addresses for more than a year and are in the addressbooks of other professionals *at that address* would be far more willing to have to get a new credit card number (and update any companies that directly debit their accounts) than get a new email address, and try to reach everyone who might have contacted them at their current email addresses. Yes, I know there are services that will handle email forwarding, but between finding an infinite number of people from whom I *want* to hear via email, and contacting the handful of companies that charge my credit card monthly, it’s a no-brainer. I AM my email address in a way that I am not my credit card account.
Then, why is it that email vendors (A.K.A. List Hosts) don’t generally encrypt email addresses of subscribers on their servers?
What, you know of someone who does? Please tell us and we’ll blog it here.
In the meantime, we’d like you to take our very brief survey about your answer to my first question above and your perception of list security in general. Click here (only 5 brief multiple-choice questions).
Categories: Marketing