Transmit Security coined the term “identity experience” to define the convergence of two domains:
1) identity management and 2) customer experience. Employees in different roles typically lead these areas within a company. Even if stakeholders collaborate, the division of priorities leaves gaps and blind spots. The results may be the single largest cause of customer attrition and lost revenue.
By shining a spotlight on the identity experience, business leaders are now more aware of its vital importance. The primary question we encourage every company to ask is: how does identity management impact your customer experience? Based on customer surveys, the business impact is detrimental—costing some companies more than any other single issue. I’ll explain in this article.
But first, let’s break it down.
Identity management is the process by which customers (or employees) access their personal accounts, web or mobile apps, customer support and other resources. It is sometimes called Identity and Access Management (or IAM). It provides authentication, typically with a user ID and password, to verify the user’s identity. It’s a security check, like asking to see your ID at the airport. TechTarget defines identity management as “an important part of the enterprise security plan… linked to both the security and productivity of the organization.”
Customers are funneled through your identity management process, but their desire for simplicity and ease seems blatantly ignored. Need proof? Passwords, one-time passcodes (OTPs), CAPTCHA, security questions, lockouts and resets. Each step may seem like a minor nuisance, but the combined effect is killing off customers, death by a thousand paper cuts. I’ll share stats on customer loss, but let’s gain perspective first.
“There is a huge gap between how companies perceive user experience on their websites and apps and what the users actually experience. The desire for higher levels of security is increasingly hurting the user experience. The poorer the user’s experience, the worse it is for business,” explains Mickey Boodaei, Transmit Security CEO and Co-founder
Outdated authentication methods are at the heart of the problem. Most companies still rely on passwords, which were first created 70 years ago when a massive computer — with a tiny fraction of today’s processing power — filled a room. It’s stunning in light of how far we’ve come with other technologies.
That raises my next point: passwords can hardly be described as a technology. They’re a flawed human construct, intended to be memorable. But according to our survey, we’re so bad at remembering them that most of us reuse the same password up to 14 times. This gives criminals a distinct advantage.
Hackers have thoroughly proven passwords are an easy target. Brute force attacks, phishing, keyloggers and password spraying are just a few of their tricks. It only takes 10 minutes to crack a lowercase 6-character password, according to Avast. It’s no surprise that 80% of breaches are linked to passwords.
Our stern defense? Passphrases with upper and lower case letters, symbols and numbers. This does help. We’ve also added multi-factor authentication (MFA) like OTPs delivered via text. These added layers form a reactionary patchwork of security on top of your passwords. This makes it harder for cybercriminals, but they still succeed with techniques like SMS intercepts, network session hijacking, and password reset tricks.
It’s easy to make the case that passwords carry more risk than benefit. So in exchange for flawed security, companies are paying a high price on two fronts: costly breaches and customer loss. Mastercard data shows 33% of online sales are abandoned at checkout when consumers forget their passwords. Other consumer surveys reveal more than half would rather leave a website than reset their logins. It shows how much a simple password-related issue can impact your business.
There’s no need to sacrifice the customer’s identity experience on the altar of broken security. We now have the technology to eliminate passwords completely. Passwordless authentication minimizes the risks, friction and costs—improving the identity experience while fortifying security.
FIDO2 (Fast ID Online) authentication, the second generation of open standard protocols from the FIDO Alliance, enables us to more easily and securely replace password logins with biometric authentication (FaceID and fingerprint scans). Fast and simple validation gives customers quick and seamless access to their accounts, websites, apps or call centers.
The Transmit Security passwordless customer authentication service is the industry’s first app-less biometric authenticator, and it’s designed from the ground up to deliver seamless identity experiences. Strong FIDO2 biometric authentication resolves the security-versus-experience conundrum. Instead of using multiple tools to validate users at multiple layers, Transmit Security authenticates customers using a single tool or smart device: a mobile phone, PC, laptop or tablet.
Identity experiences encompass the customer’s entire identity journey, from the first account registration to logins from any device, on any channel, including the call center. When the identity experience feels effortless and consistent, customers spend more, return frequently and tell their friends. Companies can expect business to grow, with a rapid 33% gain in sales, previously lost due to password issues.
Discover more. Read our blog: Why Identity Experiences Should Be a Strategic Priority in Your Business.
¹ Verizon, “2020 Data Breach Investigations Report.”