Around two million Australians are risking data breaches each day doing their banking and conducting other financial transactions on unsecured public Wi-Fi networks, a study has found.
As public WiFi becomes a key part Australia’s communications system, little is known about how consumers understand and use the technology or their expectations of service providers.
An RMIT University report has for the first time analysed survey data from a nationally representative sample of 1200 Australians to uncover what public WiFi networks are used for, and what consumers know about network security.
Lead author Dr Ian McShane, from the RMIT Centre for Urban Research, said that in the three months before the survey was undertaken, at least 10 million people logged on to public networks in Australia, but the data showed there was limited awareness of data security risks and the measures people could take to minimise risk.
“Australia ranks sixth highest on an international scale of cyber attacks which means we should be highly attentive to security issues,” McShane said.
“Yet we found that almost two million Australians were conducting financial transactions, and around one million performing work-related tasks, including email and file sharing, on insecure networks.
“Unsecured networks are easy pickings for hackers and cyber criminals but we found that even where users are familiar with security options, many chose to forgo them, preferring convenience over security.
“This not only exposes public Wi-Fi users, but also puts businesses at significant risk.”
Funded by the auDA Foundation, the Practicing safe public WiFi: Assessing and managing data-security risks (PDF) report also takes aim at the long and overly-complex terms and conditions to which consumers must agree to access some public WiFi networks.
“Many of these agreements are overly complex and often bury security advice and alerts at the end, which raises the question of whether consumers are making informed choices,” McShane said.
Co-author Associate Professor Mark Gregory, from the RMIT School of Engineering, says network providers and policy-makers must prioritise consumer education on security.
“If Australia is to implement a successful roll-out of public WiFi, then governmental, industry and consumer bodies must consider developing a public awareness campaign on public WiFi security,” Gregory said.
“Businesses and employers should actively develop protocols and procedures relating to public WiFi use.
“Given the level of financial transactions conducted over insecure public networks, financial institutions too have a strong incentive to take part in such campaigns.”
Story: Chanel Bearder