Digital Identity Friction: How the Move to Passwordless Can Help and Hurt Your Omnichannel Experience

May 17, 2022
IT Leadership, Security

Customers increasingly expect seamless digital omnichannel experiences, and a clunky authentication process may turn them away. Here’s what you can do about it.

Credit: Transmit Security

Customer loyalty has always started with a positive experience, as evidenced by the old saying, “the customer is always right.” Increasingly, customers want digital omnichannel experiences, and companies are providing them. According to Omnisend[1], marketing campaigns using three or more channels increased order rates by 494% over those using a single channel. With a thoughtful, well-planned passwordless deployment, organizations can build security and privacy into streamlined customer experiences.

The value of passwordless solutions in a digital world

As organizations increasingly adopt cloud-based technologies, they need to incorporate solutions that protect the security and privacy of sensitive data. Knowing this, cybercriminals focus on exploiting weak authentication methods as part of their attacks. For example, one study by SpyCloud[2] found a 64% password reuse rate for users with more than one password exposed in the last year.

Passwordless overcomes the innate security issues associated with reusable passwords and provides a better consumer experience. Customers no longer need to create, memorize and manage a password for every individual online service they use. Passwordless solutions allow customers to create new accounts and easily access them again later from any device or channel.

Additionally, when implemented correctly, Customer Identity and Access Management (CIAM) passwordless solutions enable companies to build multi-factor authentication into their digital experiences. This gives them an additional layer of security for more robust data protection.

Why aren’t more organizations adopting passwordless?

Passwordless is a newer technology, and organizations are often unsure how to implement it effectively. Currently, many organizations are implementing one of the following:

  • Magic links
  • One-time passwords (OTPs)
  • Authentication apps

These methods can help with authentication, but they’re clunky: they force users to leave one application, open another and then go back to the first one. Further, many organizations implement passwordless technologies in ways that fail to support omnichannel experiences, which makes managing identity more complex than it already is.

Planning a passwordless deployment

When organizations begin their passwordless customer experience journey, they need to make sure that they choose a CIAM solution that responds to different use cases and provides the expected outcomes. Here are three key factors to consider when planning the deployment of a passwordless solution:

1. Choose a FIDO-based CIAM solution: The FIDO standards connect biometric readers embedded in devices, like mobile phones, tablets, laptops and PCs. However, they can also rely on a security PIN or physical token.

This means that a passwordless solution leveraging FIDO-based authentication gives consumers the ability to engage with the brand from anywhere on any device, even ones that don’t support FIDO or that have biometrics disabled.

Finally, FIDO-based passwordless services make it easier to log in to accounts after consumers introduce a new device. Consumers bind the new device to their account during the first login, then use it across all channels.

2. Address digital channels first: Digital channels typically require an internet or cellular connection. Some examples of digital channels include:

  • Website
  • Mobile app
  • Social media messaging service
  • Online chat for customer support
  • In-store or physical kiosks

Starting with digital channels enables organizations to accelerate time to market. FIDO-based passwordless solutions that use WebAuthn work across all digital channels when designed and implemented properly.

The implementation should link customers’ accounts across all digital channels. By doing this, customers can use the same device to authenticate to all accounts and services. Linking accounts makes subsequent logins seamless. The user’s device and the authentication do all the hard work in the background, so the user has a unified identity across all channels.

3. Connect with non-digital channels: Once the digital channels are implemented, the organization can add non-digital channels to the deployment. In call centers, where customers must be authenticated before their service requests are handled, passwordless solutions help to streamline this process. Customers never need to share their password or PIN over the phone, reducing the risk of an eavesdropping attack.

Customers use the device’s biometric reader to authenticate via a web page, possibly from the mobile device they’re using for the call. The passwordless solution streamlines the entire process, eliminating OTPs, verification codes and frustrating multi-step processes.

Identity professionals and digital product leaders evaluating passwordless solutions should look for FIDO and WebAuthn-based solutions that will simplify rather than complicate their authentication journey. These solutions will enhance customer security and privacy while delivering the desired omnichannel experience.

Ready to say goodbye to passwords? Learn more about Transmit Security’s BindID solution today!

[1] Source

[2] Source