At the height of the pandemic, it’s thought that both consumers and businesses took a 5-year leap in digital adoption in around 8 weeks. It’s also clear that consumers are now using more online services and are less forgiving of poor online experiences than before Covid hit.
With so much of our lives moving online, it’s no surprise that security has become more of a focus. For example, many consumers have turned to managing their finances online as bank branches across the country have closed their doors amid the lockdowns.
It’s natural to be security aware when banking online but the pandemic has given rise to an alarming spike in cyber-criminals playing on people's trust and targeting vulnerable individuals in situations where security might not be front of mind. A friend’s son recently tried to book his DVLA theory test online, only to discover as the date approached, that he had inadvertently been diverted to a counterfeit site, booked a bogus test date and paid twice the going rate.
Consumers want to feel safe online. And rightly so. But they also want a frictionless and speedy experience. In fact, we believe many would likely stop interacting with a brand altogether when confronted with a slow website.
Being faced with too many hurdles could have a similar impact. So how do organizations and brands go about balancing performance and frictionless access with the demand to feel safe and protected? At the end of the day, businesses have a responsibility to protect their customers and ensure they feel secure when interacting with them online.
Good friction
Security hurdles in the customer experience give consumers confidence that their safety is something a service provider or retailer takes seriously, but careful consideration needs to be given to how much friction is necessary and which mechanisms are used.
To avoid too many additional hurdles, some organizations adopt the concept of a ‘soft login’ from consumer’s known devices. After initially registering or entering their login credentials, a customer can access most of the experience, such as personalized content, the ability to add items to wish lists and shopping carts, without re-entering details. Login credentials only then need to be submitted at the point that a consumer wants to perform a transaction.
Ocado is a good example of this. You can do pretty much everything, except place orders, without having to submit credentials. Amazon go further by allowing their customers, as an option in their purchase preferences, to switch on 1-click purchasing, allowing you to purchase items through a single click for delivery to an address that already has a payment method paired with it.
Authentication measures
Some friction is necessary to secure transactions, but the level of friction is determined by the authentication methods that organizations choose to use. The username / password pair is the classic example, which now often has secondary security measures, such as two-factor authentication, where you are typically sent a code via SMS to your mobile device and are required to enter it in addition to your username and password.
More recently, we’ve seen fingerprint and face recognition-based technologies, such as Apple Pay and Google Pay, that limit friction to the bare minimum by effectively removing traditional order purchase steps and the need for keyboard or keypad entry.
Determining risk
Customers are increasingly aware these days of the importance of security, as a result of media coverage of a number of high-profile cases that have exposed significant breaches. So it’s important for all businesses to get the balance right between a streamlined customer experience and the need for some friction based on the level of risk associated with their customers’ different types of activities. In broad terms, these fall into non-transactional (browsing, adding items to wish lists and shopping carts) and transactional (purchases, service sign-ups).
Going back to our previous examples, Ocado gets that balance right, whilst Amazon effectively lets consumers decide on their desired level of friction when purchasing items on its site, determined by how private the device they use to make Amazon purchases is.
Technologies that inspire confidence
Apple and Google have had great success at reducing friction without compromising security through the introduction of fingerprint and face recognition-based technologies. These have been well accepted and adopted as a safe means of authentication, although fingerprint recognition may well have the upper hand as we all adopt mask-wearing to combat Covid.
We’re seeing more organizations allowing consumers to use Apple Pay or Google Pay to transact with them, which reduces friction in their checkout processes and reduces the amount of data organizations themselves need to hold on consumers. It’s also not just fingerprint and face recognition-based technologies that offer consumer confidence. The fact that such technology is more prevalent on mobile devices, which we generally do not share with others and are private to us, is also a contributing factor.
Whilst it’s the basics such as bad performance and non-intuitive navigation that cause the biggest frustrations for consumers when dealing with brands online, security is another fundamental that organizations can’t afford to fall down on. Not least because they risk regulatory comeback, but it’s also of utmost importance to maintain consumer trust.
A non-invasive audit using a tool like Sitebulb will give your sites a security score and allow you to assess where best to invest to give your consumers confidence and keep them coming back. While we live our lives out online, ensuring that security is a priority is a must.
James Squires, Lead Consultant, Tech Strategy, Wunderman Thompson Technology