By Sarah Munro, Head of Biometrics, Onfido
The deadlock between customer experience and security is not new, as digital companies are often forced to prioritise one over the other. In the past companies found themselves floating somewhere along the spectrum – either excessively increasing security to the point they lose customers or compromising security completely for the sake of a seamless customer experience.
But with digital identity fraud on the rise, increasing as much as 41% YoY, the need for businesses to strike the balance between these two priorities is more apparent than ever. Recent research by Onfido revealed that up to 43% of customers will abandon the digital ‘sign-up’ process if expectations on both security and experience aren’t met.
The reality is that there are growing opportunities for organisations to view the two as friends, rather than enemies.
The old tug of war
Ensuring your business and customers are safe from fraudsters is naturally a priority, and especially important as malicious actors increase the volume and sophistication of their exploits. With rates of identity fraud on the rise, a failure to defend against these attacks can have significant consequences, leading to mass revenue losses and damage to your company’s brand reputation.
Yet, the user experience is also where revenue is won or lost. Cumbersome verification methods and sign-up forms can deter new users, and lead to issues with trust and loyalty. This puts an added focus on desktop and mobile interfaces as it is the first interaction users have, so it must be seamless and user-friendly.
Businesses have traditionally had to prioritise either security or user experience, but attitudes are changing – not least because the standard of competition is so high.
A formula for digital trust
Digital trust is the beating heart of the modern world. As such, maintaining and building that trust is integral to ensuring that businesses are safeguarded against fraudulent attempts and users feel confident using their digital services and products. Making customers feel secure is precisely what is needed to strike the perfect balance between seamless experience and security. In short – great customer experience and robust security leads to digital trust.
But establishing digital trust also requires organisations to determine the “friendly friction” for each interaction. This isn’t a one-size-fits all approach. It should adapt to the risk involved, striking the right balance between customer drop-offs and fraud detection. For example, reauthenticating to reset a password to an account might only require a biometric verification which matches the biometric data provided when the account owner’s real identity was established at registration. But if a higher-value transaction is taking place, for instance a large bank transfer, the business may want to step-up the security process in line with the potential risk, so might require an identity document check alongside the biometric verification.
But when adding additional friction to the user journey in line with the security risk, as our examples indicate, the authentication process should still be optimised to ensure that the overall experience remains seamless. We must never forget that the digital verification processes should be about enabling people to more conveniently, yet securely access a service. So, for user experience designers and security professionals, the priority is therefore understanding the risk profile of each customer journey and adapting the process with digital trust at its core.
Harmonising security and user experience
If the ultimate goal for businesses is to meet customer expectations, they must start seeing user experience and security as complementary rather than combative priorities. Below are some tips on how to achieve this delicate balance:
- Adopt a tailored approach: Achieving the right balance wholly depends on your specific business. For instance, even if you’re in a regulated industry, you can take a risk-based approach by verifying identities at the account creation stage, then performing additional security checks for large transactions. But the location of the business or the type of product will also influence the balance between security and user experience.
- Change attitudes around security: While you can’t remove the friction of security entirely, you can change how customers think about it. Make it as simple as possible and communicate effectively why processes such as biometric multi-factor authentication are in place.
- Double down on purpose: Remember that security exists for a reason. It is key that users are onboarded quickly, but make this a completely frictionless experience and they will not feel secure – particularly when it comes to high-value services like accessing or changing personal financial information. Adding friendly friction can help build trust with your customers.
Keeping your finger on the pulse around the shifting customer expectations of security and user experience is crucial for building and maintaining trust for the future. What is now needed is for businesses to figure out how to marry these two priorities in a way that benefits both customers and employees alike.