December 5, 2018
November 29, 2018
Posted September 26, 2016
As we approach Digital Identity Summit in October, I want to highlight some key themes we’ll be discussing throughout the event – starting with how digital identity relates to the mobile experience.
“Mobile-first” is no longer so much a rallying cry as a necessity for modern business. Banks and retailers with extensive customer-facing processes innovated first because they had to. Their customers are mobile and readily vote with their wallets for premium service and ease of use. Online lending is another example where mobile has led the charge for digital transformation, as the need for convenience and speed undeniably trumps the traditional service model.
Following the first movers, many businesses are Web-enabling customer, partner and employee processes. Their constituents are just as mobile and digitally connected. They do nearly everything else on their mobile devices, and they want more than a digital on-ramp to the business. They want to be productive no matter where they are, be that a park bench, plane, or car (hopefully from the passenger seat). Their demands for productivity are driving the need for digital transformation.
Mobile Security Vs. Mobile Experience
The problem, of course, is that as mobile-engaged customers demand more advanced mobile services, cybercriminals are ready to pounce – and they have already. The cybercrime trends are particularly visible in EMEA which arguably leads North America in digital engagement. In fact, our recent Q2 2016 EMEA cybercrime report identified significant up-ticks throughout Europe.
In response, many companies scrambled to put counter measures in place. One familiar innovation became the all too familiar two-factor authentication. This effectively takes an “out of band” channel (e.g., mobile phone) and presumes the owner can properly recover a pass code via e-mail, voice or SMS sent to that device and then use it to verify their identity online. Digital “watchlists” and to some extent device ID and IP lookup followed to further online authentication.
These innovations proved valuable, but with critical limitations and in some cases, additional vulnerabilities. It’s not really my purpose here to explore these limitations or call them out as misguided. They serve a purpose. But I do want to focus on one common element for all of them: Their impact on the customer experience and on the challenge of growing the business internationally.
In one recent study that ThreatMetrix funded, First Annapolis Research found nearly $14.9B yearly losses attributable to customer friction. The costs are extensive, and they point to one inevitable conclusion. The real business challenge is neither enabling digital services or preventing fraud. It’s doing both while delivering a smooth customer experience that delivers competitive differentiation.
Treating customers as if they are cybercriminals is definitely no way to go about it, but this often happens when fraud prevention and security are bolted on to legacy applications, versus integrated into the platform. The result: businesses don’t recognize customers online. Imagine walking into a local business every few days only to be greeted by a face-blind receptionist who asks each time for basic proof of identity. In person or digitally, the clumsy experience is one telltale sign that the company and the brand are out of touch.
The reality businesses must all embrace is that the boundaries between off-line and on-line are disappearing. Customers simply expect to be recognized online just as they do at neighborhood businesses they frequent in person. Growing the business becomes a matter of delivering an elegant digital interaction and smooth, personalized service. This is easier said than done.
The Move to Global Digital Identities & Seamless Authentication
When customers travel and move about the globe, their lives don’t stop. They want, and more often than not expect, to conduct business as usual whether from their home office or on a multi-continent trip. If you want to grow the business by serving these customers, give them what they want – and that’s not a 6-digit authentication code just because they happened to hop an international flight to Bangkok.
This is the realization and the challenge of the modern business, and it is what is fueling the momentum behind global digital identities. To put it plainly, the realization is that recognizing the customer online matters, and that this has very little to do with email addresses, passwords and passcodes. To recognize means to offer personalized experiences to customers – while also pinpointing cybercriminals to get them out of your business before they can do harm or even realize they’ve been found. Most importantly, this needs to happen transparently.
When fraud control and risk management are built into the platform – even into the mobile applications built to support customers – the customer experience has a chance to meet this challenge. Integrating transparent and high-fidelity authentication takes fraud and threat protection to another level to deliver a simple and elegant customer experience, and it makes fraud and security subservient to the customer experience by eliminating the need for the customer to jump through hoops so they can focus on doing business with you. This was the thinking behind our SDK to protect native mobile applications, and we’ve been incredibly pleased to see so many great customers implement it into their mobile experience. (Here’s a case study explaining how a global bank did just that.)
We think this is an excellent way to drive revenue growth through online channels because it reduces friction to facilitate higher velocity, higher transaction volumes with less manual reviews for more revenue. It’s way more desirable than swimming against the current of an antiquated brand reputation. It’s more than mobile-first – more like customer-first. Which is what today’s digital citizens expect.