An odd question, I know. Of course, from a security stand point you can never have too much. But often when working with merchants within the Foregenix forensic lab we receive feedback such as "Implementing a redirected payment method will lose customers" or "3D secure is affecting sales because customers can't remember their credentials."
So are we, as users, putting our own data security at risk? Through our own laziness and inability to appreciate the security layers that merchants and financial service providers put in place, are we leaving ourselves vulnerable?
No single security measure can keep all our data safe, and it is security in layers that offers the best protection. Many financial service providers are working to develop other ways that we can verify our identity, such as biometrics, so that we don't have to remember reams of complex passwords and answers to security questions. Ultimately, security is user-driven. The challenge is finding that balance between providing sufficient security and maintaining usability. We as users/customers must be willing to accept and appreciate the measures that are being provided for us.
the challenge for financial service providers is that if they impose too many layers, we customers get annoyed.