Consumers are losing faith in digital identity security and retailers are on the front line of this trust crisis. Ping Identity’s 2025 Consumer Survey revealed that 76% of Brits worry about identity theft or fraud, and 41% would rather quit social media than risk having their identity stolen. Only 17% fully trust organisations managing their identity data.
For retailers, this means identity security is no longer a back-office issue but is central to the entire customer experience. “Ping Identity is a cybersecurity company, and our focus is really on identity and access management,” says Alex Laurie, senior VP at Ping Identity.
“In retail, when someone is shopping online or on mobile, there’s usually an element you must do, which is to log in and understand who the customer is. It sounds simple, but it’s quite complex.”
Retailers rely on Customer Identity and Access Management (CIAM) systems to capture details like usernames, passwords, and even biometrics. However, although customers want to be safe and know their profiles can’t be hacked, it’s still vital the customer journey – including all security aspects – is as seamless as possible.
Research from Ping Identity’s 2025 consumer survey shows that 61% of British consumers have abandoned an account or provider (including retailers) entirely due to not being able to remember their password or not being given the option to reset it.
This is something Laurie has experienced himself. “I once tried to buy a new barbecue online, and before I could buy anything, I had to fill out these huge forms,” he says. “It got so frustrating, I just couldn’t be bothered. That’s the challenge in retail: how do you make the customer journey as efficient and painless as possible? But you still have to balance that with actual security.”
The stakes are high. Ping’s survey shows financial identity fraud (26%) and account takeovers (23%) are common, and trust in online banking has plummeted from 61% in 2023 to 24% today. Social media (36%) and online banking are now among the least trusted sectors for protecting personal identity.
AI: retail’s double-edged sword
AI is reshaping the threat landscape. “On the negative side, it makes it easier for hackers,” Laurie says. “We’ve seen a massive increase in more accurate phishing exercises because AI writes emails and SMS messages that are realistic, which helps with social engineering attacks. Also, there are more scams, like fake websites, that look like real delivery companies.”
It’s also disrupting the customer journey. “On the other side, AI can disintermediate the retailer from the consumer. Using things like ChatGPT, people can send agents to shop for them, and if retailers don’t adapt, they could lose direct customer relationships,” Laurie states.
Another significant issue is that AI-driven bots are also targeting retail supply chains. “In terms of Black Friday we see AI-driven agents trying to buy up hot stock like PS5s and limited-edition trainers to resell at huge markups,” Laurie says. “Retailers need to be able to tell who’s a real customer and who’s a bot. The brand reputation risk is huge – if you can’t buy at retail, but see markups online, that damages the brand.”
He adds that threat actors are increasingly gaining access to systems then choosing their moment to strike when it’s likely to hit retailers hardest. “Sometimes attacks happen months before, with attackers waiting for just the right moment, say, ahead of Black Friday, to strike,’ he says.
“Disruption seems to be the goal in many recent cases. Ransom demands are sometimes added afterwards, but the main point appears to be causing as much disruption as possible. Getting inside systems, causing trouble at peak times, then maybe asking for ransom.”
The challenge for retailers
For retailers and their security providers there’s a huge challenge: to offer customers the stronger safeguards they want, like biometric authentication or one-time login prompts, while also ensuring their own systems are protected from hackers and bots. And of course, at all times, providing a seamless and smooth customer journey.
“Retailers have to stay ahead, be aware of supply chain vulnerabilities and make sure they’re prepared not just for the next wave of cyber threats, but also for changes in how their customers are shopping and engaging,” Laurie says.
As AI accelerates both innovation and risk, retailers who make trust their top priority through identity-first security and transparent practices will be the ones that thrive.
“Security, customer experience and adapting to emerging tech have to go hand in hand,” concludes Laurie.
Originally published on InternetRetailing