Finding the balance between customer experience and security

Through Sarah Munro, Head of Biometrics, Onfido

The deadlock between customer experience and security is not new, as digital businesses are often forced to prioritize one over the other. In the past, businesses have found themselves floating somewhere along the spectrum – either excessively increasing security to the point of losing customers, or completely compromising security in the name of a seamless customer experience.

But with the increase in digital identity fraud, increasing as much as 41% year-on-year, the need for companies to strike a balance between these two priorities is more evident than ever. Recent research by Onfido found that up to 43% of clients will abandon the digital “sign-up” process if the expectations for security and experience are not met.

The reality is that there are more and more opportunities for organizations to view the two as friends rather than enemies.

The old standoff

Ensuring that your business and your customers are safe from fraudsters is naturally a priority, and all the more important as malicious actors increase the volume and sophistication of their exploits. With identity fraud rates on the rise, the inability to defend against these attacks can have serious consequences, leading to massive revenue losses and damaging your company’s brand reputation.

Yet user experience is also where revenue is earned or lost. Cumbersome verification methods and registration forms can deter new users and lead to trust and loyalty issues. This puts more emphasis on the desktop and mobile interfaces, as this is the first user interaction, so it needs to be seamless and user-friendly.

Companies have traditionally had to prioritize security or user experience, but attitudes are changing, not least because the level of competition is so high.

A formula for digital trust

Digital trust is the beating heart of the modern world. As such, maintaining and strengthening that trust is essential to ensure that businesses are protected against fraudulent attempts and that users feel confident when using their digital products and services. Making customers feel safe is precisely what is needed to strike the perfect balance between seamless experience and security. In short, a great customer experience and robust security lead to digital trust.

But to build digital trust, organizations must also determine the “friendly friction“for each interaction. This is not a one-size-fits-all approach. It must adapt to the risk involved, finding the right balance between customer withdrawals and fraud detection. For example, reauthentication to reset a password on an account may only require biometric verification which matches the biometric data provided when the true identity of the account owner was established during registration. But if a transaction of greater value takes place, for example a wire transfer Importantly, the business may want to strengthen the security process depending on the potential risk, and therefore may require verification of identity documents alongside biometric verification.

But when adding additional friction to the user journey based on security risk, as our examples show, the authentication process should always be optimized to ensure that the overall experience remains transparent. We must never forget that digital verification processes should make it easier and more secure for people to access a service. Thus, for user experience designers and security professionals, the priority is therefore to understand the risk profile of each customer journey and to adapt the process with digital trust at its heart.

Harmonize security and user experience

If the ultimate goal of businesses is to meet customer expectations, they must begin to view user experience and security as complementary rather than combative priorities. Here are some tips for achieving this delicate balance:

1. Adopt a tailor-made approach: Achieving the right balance depends entirely on your specific activity. For example, even if you are in a regulated industry, you can take a risk-based approach by verifying identities at the account creation stage and then performing additional security checks for large transactions. But the location of the business or the type of product will also influence the balance between security and user experience.
2. Changing attitudes around safety: While you can’t remove the friction from security completely, you can change the way customers think about it. Make it as simple as possible and effectively communicate why processes like biometric multi-factor authentication are in place.
3. Voluntarily doubling: Remember that security exists for a reason. It is essential that users get on board quickly, but make it a frictionless experience and they will not feel secure, especially when it comes to high value services like accessing or modifying financial information. personal. Adding some friendly friction can help build trust with your customers.

Keeping your finger on the pulse of changing customer expectations for security and user experience is crucial to building and maintaining trust for the future. What is needed now is for companies to figure out how to marry these two priorities in a way that benefits both customers and employees.