Transmit Security coined the term identity experience to define the convergence of two domains: 1) identity management and 2) customer experience. Employees in different roles typically lead these areas within a company. Even if stakeholders collaborate, the division of priorities leaves gaps and blind spots. The results may be the single largest cause of customer attrition and lost revenue.
By shining a spotlight on the identity experience, business leaders are now more aware of its vital importance. The primary question we encourage every company to ask is: how does identity management impact your customer experience? Based on customer surveys, the business impact is detrimental—costing some companies more than any other single issue. I’ll explain later in this article.
But first, let’s break it down.
What is Identity Management?
Identity management is the process by which customers (or employees) access their personal accounts, web or mobile apps, customer support and other resources. This requires authentication, typically a login, to verify the user’s identity. It’s a security check, like asking to see your ID at the airport. TechTarget defines identity management as “an important part of the enterprise security plan… linked to both the security and productivity of the organization.
What About the Customer Experience?
Customers are funneled through your identity management process, but their desire for simplicity and ease seems blatantly ignored. Need proof? Passwords, one-time passcodes (OTPs), CAPTCHA, security questions, lockouts and resets. Each step may seem like a minor nuisance, but the combined effect is killing off customers, death by a thousand paper cuts. I’ll share stats on customer loss, but let’s gain perspective first.
“There is a huge gap between how companies perceive user experience on their websites and apps and what the users actually experience. The desire for higher levels of security is increasingly hurting the user experience. The poorer the user’s experience, the worse it is for business.” —Mickey Boodaei, Transmit Security CEO and Co-founder
How Did We Get Here?
Outdated authentication methods are at the heart of the problem. Most companies still rely on passwords, which were first created 70 years ago when a massive computer with a tiny fraction of today’s processing power filled a room. It’s stunning in light of how far we’ve come with other technologies.
That raises my next point: passwords are not a technology. They’re a flawed human construct, chosen to be memorable. But according to our survey, we’re so bad at remembering that most of us reuse the same password up to 14 times. This gives criminals a distinct advantage.
The Weak Link
Hackers have thoroughly proven passwords are an easy target. Brute force attacks, phishing, keyloggers and password spraying are just a few of their tricks. It only takes 10 minutes to crack a lowercase 6-character password, according to Avast. It’s no surprise that 80% of breaches are linked to passwords.
Our stern defense? Passphrases with upper and lower case letters, symbols and numbers. This does help. We’ve also added multi-factor authentication (MFA) like OTPs delivered via text. This makes it harder for cybercriminals, but they still succeed with techniques like SMS intercepts, network session hijacking, and password reset tricks.
It’s easy to make the case that passwords carry more risk than benefit. So in exchange for flawed security, companies are paying a high price on two fronts: costly breaches and customer loss. MasterCard data shows 33% of online sales are abandoned at checkout when consumers forget their passwords. And according to our survey, 92% would rather leave a website than reset their logins.
Prioritize the Identity Experience
There’s no need to sacrifice the customer’s identity experience on the altar of broken security. We now have the technology to eliminate passwords completely. Passwordless authentication minimizes the risks, friction and costs—improving the identity experience while fortifying security.
FIDO2 (Fast ID Online) authentication, the second generation of open standard protocols from the FIDO Alliance, enables us to more easily and securely replace password logins with biometric authentication (FaceID and fingerprint scans). Fast and simple validation gives customers quick and seamless access to their accounts, websites, apps or call centers.
The Identity Experience Solution
Transmit Security BindID is the industry’s only app-less biometric authenticator, and it’s designed from the ground up to deliver seamless identity experiences. Strong FIDO2 biometric authentication resolves the security-versus-experience conundrum. Instead of using multiple tools to validate users at multiple layers, BindID authenticates customers using a single tool or smart device: a mobile phone, PC, laptop or tablet.
Smooth Identity Experiences
Identity experiences encompass the customer’s entire identity journey, from the first account registration to logins from any device, on any channel, including the call center. When the identity experience feels effortless and consistent, customers spend more, return frequently and tell their friends. Companies can expect business to grow, with a rapid 33% gain in sales, previously lost due to password issues.
Discover more. Read our blog: Why Identity Experiences Should Be a Strategic Priority in Your Business.