Securityhasn't kept pace with technology and there is widespread concernthat new payment technology such as virtual currencies, mobile payments and e-wallets increase a breach risk, accordingto a new study.

The survey, “Data Security in the Evolving Payments Ecosystem,”from Dublin, Ireland based-Experian and Traverse City, Mich.-basedPonemon Institute, used the responses of 748 U.S-based individualsin IT/IT security, risk management, product development and othersinvolved in their organization's payments systems.

The study found that emerging payments technologies coming inthe wake of 2014's mega retail breaches are threatening a landscapein which financial institutions, retailers, payment processors andcredit card brands are facing more scrutiny than ever before.

“While risk and security concerns loom, large and newtechnologies are being deployed because they offer vastly improvedcustomer convenience. Throughout our study, we found a largepercentage of companies are likely to keep moving forward withdeployment of new technologies despite concerns about security.More than half of respondents say customer convenience was a higherpriority to their organization than security,” the studyrevealed.

Despite the perils, security hasn't kept pace with technologyand, even with mitigation efforts including adoption of chip andpin payment cards, companies lack confidence in their currentsecurity measures. More than two-thirds of respondents (68%) saidpressure to migrate to new payment systems puts customer data atrisk.

Fifty-nine percent cited EMV chip and PIN cards as an importantpart of their organization's payment strategy. But, only 53% ofrespondents believed chip and PIN cards will decrease orsignificantly decrease the risk of a data breach.

Respondents believed their companies face new threats posed bycontinued innovation in payment technologies. In fact, 59% ofrespondents expected data breach risk to increase through the useof mobile payments at point of sale in stores, and 54% believednear field communications technology will increase the risk ofsuffering a breach. According to the study, the most likelyinnovations to increase the risk of a data breach are: Virtualcurrencies (65%), mobile payments in stores (59%), e-Wallets forretailers (58%), mobile payments on devices/apps (57%) and nearfield communications (54%).

In addition to concerns over the ability to secure the nextgeneration of payments technologies, there was also uncertaintyabout the ability of breached companies to properly manage asecurity response. Throughout the industry, organizations continuedto be deficient in governance and security.

With security threats increasing, the payments sectoracknowledged the need to improve: only 16% felt companies wereeffective in breach response and 50% reported minimal to noindustry collaboration amongst key stakeholders despite effortsfrom the National Retail Federation and The Retail Industry LeadersAssociation.

How did payment card companies respond to highly publicized databreaches? Sixty-nine percent said highly publicized data breachesdid increase their awareness about securing their paymentprocesses. In response to these well-publicized breaches, mostrespondents (56%) said one of the first steps their organizationtook was risk assessment of personal information in their systems,followed by investments in enabling technologies (53%) andallocating more money for security (45%).

The two stakeholders most responsible for ensuring the securityof payments systems, according to the survey respondents, werefinancial institutions (45%) and credit card companies (40%). Only21% said conventional or Internet retailers should be responsiblefor ensuring the security of payment systems. Respondentsconsidered payment technology providers the least responsible.

While 67% of respondents said these high profile breaches madetheir organization's C-level executives more supportive of enhancedsecurity measures over payments, 49% of respondents were unsure,disagreed or strongly disagreed that the security of electronicpayments was a top priority issue for their organization.

The Identity Theft Resource Center reported that as of April 21,256 data breach incidents took place in 2015 with more than 102million records exposed. This represents a drop of approximately 4%in the number of breaches from last year's total for the same timeperiod. The Business (39.5%) and Medical/Healthcare (345) sectorsaccounted for the majority of incidents withBanking/Credit/Financial next (10.2%).