Why I trust Microsoft more than my bank
A new Gartner study comes to the not-so-staggering conclusion that Mr. and Mrs. America don't like online authentication services such as Microsoft's Passport and AOL's Screen Name service. The reason: They don't trust the two companies to keep their personal information safe.
Given how the two companies are forcing their respective user name and authentication schemes down people's throats, it doesn't surprise me that consumers are choking on them. And given that consumers have a hard enough time trusting the Internet as a whole, I can certainly understand why they're unwilling to trust AOL and Microsoft.
What I don't understand is why these same consumers are so willing to trust their banks and other financial services companies with the same personal information. According to Gartner, 47 percent of consumers surveyed said they would trust banks to handle e-wallet services safely. Only 12 percent said the same thing about Microsoft.
That makes no sense to me. I think that if people really knew about all the security gaps and gaffes that financial services companies routinely hide, they'd either find it easier to trust Microsoft and AOL (like I do), or they wouldn't trust anyone (also a reasonable response).
Identity theft is largely a by-product of the casual ways financial services companies now handle information and transactions--the way they promote the use of Social Security numbers as universal IDs, for example, and hand out credit cards like popcorn. I find such lapses much more troubling than worms and viruses. Sure, having a worm trash your e-mail is a pain. But at least I can buy software to protect myself.
Yet financial services companies hardly take a hit for their complicity in identity theft. It's just considered the work of criminal minds doing what criminal minds will do. Why isn't Microsoft similarly seen as the victim of criminal hackers?
A year ago, when Microsoft first introduced its .Net My Services (then code-named Hailstorm), I asked Bill Gates if he was concerned that people might be unwilling to entrust their personal data to a company that has yet to solve security holes in a Web browser.
At the time, he didn't seem to understand why I'd ask such a question. His trustworthy computing initiative suggests he understands now: People don't trust computers, the Internet, software, and by extension, Microsoft. Or maybe I've got the order reversed. In either case, the effect is the same. Browser security problems may have little to do with keeping a database of personal information safe. But from a consumer perspective, they are one and the same.
The problem to me is that the financial services business has been abusing consumer data forever. Ever have to live with the consequences of a mistake on your credit report? Ever try to get that mistake fixed? That's the real reason people should worry about the security of their personal data: This is just how these companies do business.
Microsoft, on the other hand, has fewer real uses for your personal information and can make plenty of money without misusing it. In fact, Microsoft could probably make even more money by giving consumers real control over their personal data.
Furthermore, if Microsoft was caught misusing personal data, the negative impact would be much more severe than it would be on financial services companies. Unlike most of those businesses, which exist largely hidden from public view, Microsoft is out there front-and-center every day.
So, while I am not sure it's such a great idea to have all that personal information sitting on someone's server (My Services would include your financial data, contact lists, calendars, documents, and other personal information), I know I'd trust Microsoft with it before I trusted my bank or credit card companies.
What do you think? Would you trust a bank with your personal information rather than Microsoft or AOL? TalkBack below.