Advertisement

Use Social Login At Your Own Risk

By Ori
Eisen, Trusona

There’s a reason why social
media profiles have become a popular means of logging in across the Internet.
As recently as 2015, we saw more than 58 million logins using social
media credentials across 700+ other apps and services. I can’t take credit for
even a single instance, but I certainly understand why the numbers are so high.

It’s all about convenience. It’s why so many of
us use our credentials on Facebook (which has the lion’s share), alongside
Twitter, Google and also Yahoo to log in to other applications — and why so
many retailers offer that service to get customers registered on their sites.

Advertisement

Is There An End In Sight?

I’m convinced if there were to be a moment to
reconsider our willingness to trust Facebook enough to share credentials with
other sites, it would be happening now. If headlines about Cambridge Analytica
gaining access to private data on millions of Facebook users didn’t call that
into question, Facebook’s quarterly
report
stating that Cambridge
Analytica isn’t alone and that they expect to “discover and announce additional
incidents of misuse of user data or other undesirable activity by third parties,”
certainly should.

But if my recent informal survey of colleagues,
friends and family is any indication, I’m completely wrong. The practice of
using social logins hasn’t taken even the slightest of hits, which means we’ll
continue to see the most popular online sites — starting with social media, but
now including companies like PayPal and Amazon — be the means by which many
access other online services.

If people continue to use them, retailers will
continue to offer them. And while it may be convenient for retailers to
outsource this service, it’s hardly in their best interest (nor their
customers’) to do so.

Convenience Can’t Trump Security

Social login is the epitome of convenience.
Among the benefits are simplifying web and mobile registration, eliminating the
need to remember another new username and password friction, and offering the
ability to use stored payment information. That first one, in particular, is
not small potatoes when you think about customer acquisition. It turns out that
creating a new account can be incredibly taxing for users and can turn them off
from a site entirely. (A 2014 Business Insider study found that 28% of consumers abandoned a
purchase because they didn’t want to create an account. It’s also why so many
brands now offer “guest checkout” options.)

But what do retailers put at risk in relying on
another company for customers to gain access to their site? Giving a third party
control over such an important part of your business is a risky move. Do you
really trust another company to create, maintain and care for your users’
identity as you would — and what will they do with that personal data? Not to
mention, if they suffer an outage with their servers or decide to change their
terms of service, your users will be cut off from your service. Or if a
customer decides to cancel their social media accounts, they’ve also cancelled
theirs with you, too.

Protect Your Customers

Using social login, specifically Facebook, may
also carry added security risks, according to new research from Princeton
published recently.

New research suggests you’re not just granting
permission to Facebook. According to WIRED, researchers found that when users grant
permission for a web site to access their Facebook profile, third-party
trackers embedded on the site accessed that data, too — ranging from a user’s
name and email address to age, birthday and other information, depending on
what information the original site requested to access.

When you jeopardize the trust you’ve worked so
hard to build with your customers, it’s tough to regain that footing. When you
hear brand names like Experian, Yahoo or even Target, they’re inextricably
linked to security fiascos. And while large corporations can handle the fallout
and pay off the legal fees associated, not all companies are so lucky.
Scrutinizing and vetting the kinds of companies you partner with and trust with
customer data reflects more than just your views on security.

First Impressions Matter

Let’s talk about real estate for a moment. As
MailChimp so bluntly put it, who wants their app to be veritable
advertisements for social media brands?

In many fields, the login page is a company’s
first impression, the small period when a person first makes up his or her mind
to learn more or close the tab. We’ve all become extremely selective online,
sparing maybe a few seconds for something before jumping ship. For retail
brands, these precious few seconds are essential to making a good impression
and gaining a customer. With people only capable of absorbing so much
information at once, why offer up a cluttered page that potentially overwhelms?

Research shows that first impressions online are
94% design-related and that judgments on a web site’s credibility are based
significantly on aesthetics. And while in many ways, it’s true that a home page
makes or breaks a customer’s experience, the act of creating an account or
logging in — when you’re formally building that relationship with a brand — is
a very close second.

The
short version? Use social login at your own risk.


Ori Eisen is founder and CEO and of identity authentication technology
company 
Trusona. He has spent the last two decades building technology to fight online
crime and to secure the Internet, previously founding fraud prevention and
detection technology company 41st Parameter, as well as serving as worldwide
fraud director for American Express.

Advertisement

Advertisement

Upcoming Events

Access The Media Kit

Interests:

Access Our Editorial Calendar




If you are downloading this on behalf of a client, please provide the company name and website information below: