Digital identities sit at the crossroads of security and revenue growth. This blog series explores how to mitigate account takeover (ATO) and other fraud risks while improving customer experience and brand loyalty.
Digital Identity Friction: How the Move to Passwordless Can Help and Hurt Your Omnichannel Experience
Customers increasingly expect seamless digital omnichannel experiences, and a clunky authentication process may turn them away. Here’s what you can do about it.
BrandPosts are written and edited by members of our sponsor community. BrandPosts create an opportunity for an individual sponsor to provide insight and commentary from their point-of-view directly to our audience. The editorial team does not participate in the writing or editing of BrandPosts.
Customer loyalty has always started with a positive experience, as evidenced by the old saying, “the customer is always right.” Increasingly, customers want digital omnichannel experiences, and companies are providing them. According to Omnisend, marketing campaigns using three or more channels increased order rates by 494% over those using a single channel. With a thoughtful, well-planned passwordless deployment, organizations can build security and privacy into streamlined customer experiences.
The value of passwordless solutions in a digital world
As organizations increasingly adopt cloud-based technologies, they need to incorporate solutions that protect the security and privacy of sensitive data. Knowing this, cybercriminals focus on exploiting weak authentication methods as part of their attacks. For example, one study by SpyCloud found a 64% password reuse rate for users with more than one password exposed in the last year.
Passwordless overcomes the innate security issues associated with reusable passwords and provides a better consumer experience. Customers no longer need to create, memorize and manage a password for every individual online service they use. Passwordless solutions allow customers to create new accounts and easily access them again later from any device or channel.
Additionally, when implemented correctly, Customer Identity and Access Management (CIAM) passwordless solutions enable companies to build multi-factor authentication into their digital experiences. This gives them an additional layer of security for more robust data protection.
Why aren’t more organizations adopting passwordless?
Passwordless is a newer technology, and organizations are often unsure how to implement it effectively. Currently, many organizations are implementing one of the following:
One-time passwords (OTPs)
These can help with authentication, but they’re clunky. These methods force users to leave one application, open another and then go back to the first one. Further, many organizations implement passwordless technologies in ways that fail to support omnichannel experiences, which makes managing identity more complex than it already is.
Planning a passwordless deployment
When organizations begin their passwordless customer experience journey, they need to make sure that they choose a CIAM solution that responds to different use cases and provides the expected outcomes. Here are three key factors to consider when planning the deployment of a passwordless solution:
1. Choose a FIDO-based CIAM solution: The FIDO standards connect biometric readers embedded in devices, like mobile phones, tablets, laptops and PCs. However, they can also rely on a security PIN or physical token.
This means that a passwordless solution leveraging FIDO-based authentication gives consumers the ability to engage with the brand from anywhere on any device, even ones that don’t support FIDO or that have biometrics disabled.
Finally, FIDO-based passwordless services make it easier to log in to accounts after consumers introduce a new device. Consumers bind the new device to their account during the first login, then use it across all channels.
2. Address digital channels first: Digital channels typically require an internet or cellular connection. Some examples of digital channels include:
Social media messaging service
Online chat for customer support
In-store or physical kiosks
Starting with digital channels enables organizations to accelerate time to market. FIDO-based passwordless solutions that use WebAuthn work across all digital channels when designed and implemented properly.
The implementation should link customers’ accounts across all digital channels. By doing this, customers can use the same device to authenticate to all accounts and services. Linking accounts makes subsequent logins seamless. The user’s device and the authentication do all the hard work in the background, so the user has a unified identity across all channels.
3. Connect with non-digital channels: Once the digital channels are implemented, the organization can add non-digital channels to the deployment. In the case of call centers where customers first need to be authenticated before responding to service requests, passwordless solutions help to streamline this process. Customers never need to share their password or PIN over the phone, reducing the risk of an eavesdropping attack.
Customers use the device’s biometric reader to authenticate via a web page, possibly from the mobile device they’re using for the call. The passwordless solution streamlines the entire process, eliminating OTPs, verification codes and frustrating multi-step processes.
Identity professionals and digital product leaders evaluating passwordless solutions should look for FIDO- and WebAuthn-based solutions that will simplify rather than complicate their authentication journey. These solutions will enhance customer security and privacy while delivering the desired omnichannel experience.