As online retailers, you constantly struggle. You want your customers to have a great experience and avoid any hassles or unnecessary hurdles when visiting your site, but you also want them to be protected. We know that customers can find security protocols tedious. It’s frustrating to forget which password you used for a certain site, get locked out after a few login attempts, and then have to experience more obstacles to gain access. We live in a world with an ever-changing technology landscape, yet fraud continues to be a concern year after year. Despite occasional inconveniences, most consumers prefer to have some level of assurance that their personal data is safe when online.
The balance between convenience and security is one of the more difficult challenges faced by all online businesses, including retailers. According to our Global Fraud and Identity Report, 66% of consumers prefer security protocols when making transactions online because the extra steps make them feel protected. In fact, lack of visible security was the number one reason customers abandoned a transaction. While your customers may feel protected, these steps may also contribute to a lower frequency of customer logins and transactions due to unpleasant user experiences. Fewer logins and transactions mean less opportunities to engage with your customers. One-third of consumers we surveyed said they would conduct more transactions online if there weren't so many security hurdles to overcome.
Millennials are the same generation that grew up with more advanced technology at hand: the dreaded sound of dial-up Internet, AOL instant messenger and Motorola Razr phones. When the digital world evolved into high speed networks, flip phones turned into smartphones, and tablets and smart home devices started talking to one another, the terms data and security suddenly became even more prevalent. Communication methods evolved, and Millennials and older generations alike grew accustomed to the transformation of quicker transactions and faster correspondence, ultimately shaping the values of time and convenience.
Generally, consumers are willing to share their personal data with companies to improve their security and convenience. In an additional study, Delivering Value in the Digital Age, Experian UK found that out of 2,000 consumers surveyed, 41% said they were accepting, but not thrilled, with the amount of data they are asked to share, but do so with a level of concern. Approximately 22% were considered the “happy-go-lucky unaware” group. They are excited to use the product or service they desire, and click “accept” without really understanding what they are agreeing with.
The challenge is keeping all consumers equally engaged and safe, hence the common move toward tighter security controls that respect a user’s time, like CAPTCHA and two-factor authentication. CAPTCHA, an acronym for Completely Automated Public Turing test to tell Computers and Humans Apart, is designed to make sure the user is not a computer program trying to spam the site. A common form of a CAPTCHA response is when a box pops up on screen, and the user is asked to type the random letters and numbers correctly in front of him or her.
Two-factor authentication, on the other hand, is when a user must pass two forms of security rather than one. For example, logging into your email inbox on your home computer might only require the password you set previously, but when you attempt to log in to your email on an unfamiliar system, like your friend’s computer, you might be asked to answer a security question as your second factor of authorization.
Today, while consumers may tolerate the nuisance of common barriers to accessing their accounts, such as forgetting their password or having to enter answers to security questions, more friction doesn’t necessarily mean better security. These measures are still prone to targeted hacks, depending on the second authenticity factor. When the second factor is a knowledge-based question, this leaves room for persistent hackers to research the answers they need, or convince a customer service representative that they’re the rightful owner of the credentials. They don’t need to go far to gain access.
In the name of both security and convenience, businesses are using data-driven, analytics-powered customer identity and fraud prevention systems operating behind the scenes. One technology we are seeing become more mainstream that can help create a safer, more customer friendly approach as it pertains to data security and ease of transactions is biometrics. Most people associate biometrics with fingerprint verification or facial ID on their smartphones. It allows us to enter into our phones without having to remember and re-enter a passcode. Instead, by just placing your finger on the home button or glancing at the phone, you gain access.
Biometrics also create that extra layer of safety in two-factor authorization, in that one would need to have his or her device on hand to access personal data. Without a biometric feature, persistent hackers have an advantage if they try to access data remotely. Biometrics also can analyze behavioral patterns, such as how fast a consumer scrolls through a webpage, which is beneficial to retailers that want a better understanding of their customers’ shopping behaviors. Biometrics simplifies and speeds up this process of how retailers can identify their customers while creating an added layer of security for customers who are shopping online. And more importantly, all of this happens behind the scenes, resulting in a seamless experience for consumers.
Technology is a pivotal tool in building trust between institutions and their consumers, and it’s also a big responsibility for retailers. Organizations’ fraud prevention protocols often live under the jurisdiction of IT teams who continually evaluate an organization’s technology platforms and processes. While this is essential for keeping apprised of best practices in data security, organizations should also consider including other key departments in the conversation, particularly those most affected by a potential breach, such as fraud risk, marketing, customer experience, sales, and legal services.
According to our study, businesses are sensitive to costs associated with fraud, and over 67% say that a ‘fraudulent transaction not declined’ is costlier to the business than a ‘legitimate transaction that is declined.’ Additionally, 69% also are concerned with the number of incorrectly declined customer transactions from overzealous fraud detection. By bringing departments together and investing the time and resources needed, organizations are steps closer to understanding the impact of technology on customer experience, and fraud and marketing teams, and determining solutions for all.
For this to all work effectively, retailers need to gain and maintain the customer's trust by taking steps to address the common perception of security. In fact, the enthusiastic embrace by consumers of the digital marketplace, and their willingness to share personal data for increased security and convenience, is predicated on trust. Customers want to be recognized, and businesses want to address the growing fraud they are experiencing. By modifying how we design security capabilities, with more layers, more data and probabilistic approaches to creating an identity, companies will balance security and convenience, and ultimately be the winners in the competition for consumer engagement, trust and delight.
David Britton brings a wealth of experience and a unique insight into the criminal methodology behind cyber fraud to his current position as Vice President, Industry Solutions at Experian. As one of the very first Internet fraud investigators, Britton played a central role in the development of cutting edge fraud prevention technologies in the online space. He is often asked to help frame strategies for mitigating fraud while preserving the consumer experience. He also works closely with the global product team as a thought leader, helping to guide the vision of the Experian global product portfolio, and with the marketing and sales organization to help formulate go-to-market positioning and market intelligence. Prior to joining Experian, Britton was a private consultant to various fraud enterprises. He holds an M.M. from the San Francisco Conservatory of Music and a B.A. from Westmont College.