When it comes to online commerce, secure authentication is vital. Businesses need to confirm each customer’s identity and those customers need to be confident they are dealing with a legitimate organisation.
However, while authentication is a critical step in every online transaction, many businesses are failing to get it right. Some are making the process so complex or unwieldy that they risk driving customers away.
There are five key authentication mistakes many businesses are making and which need to be addressed to improve the online experience for customers. Those mistakes are:
Relying on Knowledge-Based Authentication:
When initially devised, Knowledge-Based Authentication (KBA) processes appeared to be an elegant answer to the question of online security. When signing into an e-commerce site, a customer had to answer questions to which only they should know the answers: their first pet’s name, the street in which they lived as a child, or the model of their first car.
However, as cybercriminals became more effective at stealing personal details, businesses had to increase security by making the questions tougher. The problem, however, was that this made remembering the answers annoyingly difficult. Which favourite band did the customer nominate or who was their favourite friend in primary school?
Rather than relying on KBA, it is far better to adopt more convenient multi-factor authentication (MFA) methods or enable password-less authentication such as facial or fingerprint recognition. This will improve the customer experience while also maintaining strong security.
Using poor phone-based authentication:
Automated call management systems can be frustrating enough to use, but if you add an additional layer of authentication, they can drive customers to distraction. Some systems require such authentication to be done even before a customer can talk to a human operator to have an issue resolved.
Select an identity solution that can automatically authenticate a customer if they have click “get support” from within an application where they have already been authenticated. Also, if the user calls via their mobile phone, simply request a fingerprint, face scan or text message response for easy and swift identification.
Demanding complex passwords:
Many businesses attempt to boost security by requiring customers to have long and complex passwords, often containing numbers, uppercase letters and symbols. The problem, however, is that such passwords tend to be difficult to remember.
As a result, many users find they have to reset their password almost every time they visit a site. This increases frustration and makes it likely they will instead visit your competition. Relying on long passwords is not the best approach to authentication.
Requiring a lengthy registration process:
Customers often find they need to enter details into lots of different fields when first registering on an e-commerce site. However, having too many fields can discourage customers and lead to them abandoning their transactions.
Industry experience shows that three fields tends to be the magic number, however this will vary by industry, product and geography. The important thing is to make the process as simple as possible.
One way this can be achieved is by enabling social registration and allowing customers to authenticate via Facebook or other social platforms with just one click. This streamlines the entire process and makes it much more user friendly.
Having a burdensome account recovery process:
When customers forget their login credentials, having a tedious recovery process will make them even more frustrated. Some businesses require customers to click a link, send an email, copy a unique code and then log in all over again.
Consider deploying an ID solution that can allow customers to recover or reset their password using just a fingerprint or face scan, thereby improving the experience greatly.
By avoiding these mistakes, businesses can significantly streamline the way in which customers identify themselves and undertake transactions. As a growing proportion of commerce shifts online, those businesses that can offer a user-friendly experience are more likely to capture a larger slice of the e-commerce pie. Taking the time now to review your IT processes will pay dividends in coming years.
Ashley Diffey is country manager for ANZ and Japan at Ping Identity