Ari Jacoby
Anyone who travels frequently will tell you that one of the greatest innovations of the past decade has been the TSA PreCheck.
It’s so simple and effective that it makes you wonder why no one thought of it before. This example can serve as adequate inspiration for businesses, especially as the markets show no signs of recovery: How can companies, hoping to retain revenue during the recession, do something similar?
Companies should be offering an express lane when times are tight so customers can get into the online store, check out and be done without any roadblocks or friction to mar their experience.
How do we create customer experiences that are equivalent to the TSA PreCheck to help us retain revenue?
Know thy customer: A password-less future
It is critical to understand if a visitor to your site is a new customer trying to create an account, a returning customer or a fraudster trying to steal your customer data. If you can determine whether someone is a legitimate customer up front, you won’t have to verify their email addresses or phone numbers during the account creation workflow — friction that security teams introduce to keep things secure.
I read a sobering statistic recently: While U.S. businesses will lose $95 billion to fraud this year, incorrectly identifying prospective and returning customers will cost those businesses almost $1.8 trillion.
About 58% of U.S. consumers abandon their cart due to difficulties managing their password, according to the FIDO Alliance. This shows us that you should grease the wheels of the sale in any way possible. In times of recession, you have to make things easier, not more difficult.
A business can very likely calculate the cost it incurs to get each new individual to create an account on their site or app. It should also know what the lifetime value (LTV) of a customer is and what impact its brand reputation has when things don’t go right. In other words, a company should be aware of how many potential new customers complete the sign-up form but are then challenged to “verify their email” and never do so.
| Parameter | Calculated values |
| Number of monthly accounts created | 50,000 |
| Percentage of incomplete account creations | 9.00 |
| Number of accounts incomplete or churned | 4,500 |
| Customer LTV | $50 |
| Lost LTV due to churn | $225,000 |
| Percentage of LTV attributed to cost of acquisition | 10 |
| Monthly cost of acquisition lost | $22,500 |
| Percentage of LTV attributed to brand reputation damage | 1 |
| Total monthly brand reputation damage | $2,250 |
| Total loss per month | $249,750 |
| Annual loss due to account churn | $2,997,000 |
Let’s say you see 50,000 accounts created per month, and 9% (the industry average) never complete the sign-up process due to the authentication step. If your LTV is $50 and your cost of acquisition is 10% of LTV ($5), and your brand reputation damage was 1% of LTV ($0.50), then your security measures are costing you nearly $2.5 million per year.
Both the UX and security teams need to work together to find a solution for preventing those losses. Creating that “fast lane,” like a TSA PreCheck, can go a long way in spurring customers along the purchase journey. But to create that fast lane, companies will need to put the right processes in place.
The Amazon shopping model
Many companies lean on continuous authentication, which pulls data from a number of sources (such as digital identity verification, biometrics, location, machine learning and behavioral insights) to verify a user’s identity throughout the session.
If a customer is asked to authenticate and completes the task successfully, this should be attached to their digital identity. Assuming they act normally on your site or app, they should be granted a logged-in session extension so that if they return within a predetermined time period, they won’t have to re-authenticate themselves. This lets them get straight down to business. Amazon employs continuous authentication to extend log-in sessions, which is why unless you have set up your system to log yourself off periodically, it is unlikely you remember the last time you had to enter a username or password.
But what happens when a site authenticates a user and then they jump off the site to do something else? Many companies would require re-authentication when the customer returns. Depending on the back end, this could happen in the background, but it might need additional user input, which is more friction we’re trying to avoid. In some cases, that gap between visits might be days, weeks or even longer.
The way forward for secure user experiences is to take full advantage of network effects. That is, letting different sites and applications linked with a network see when someone else has authenticated that user, signaling they’re likely to be a trusted entity. Thanks to real-time data becoming more and more readily available and anonymized, these identity networks have been gaining traction.
Importantly, if identity theft occurs, the online behavior of that identity is going to change. Aspects of their digital identity may appear different, and risk signals can be triggered so that even a previously authenticated user will have their extension token revoked.
However, if the user re-validates their identity on another site or app on the network, they can continue to enjoy a logged-in session at the original site. Now we’re getting closer to a secure, password-less user experience.
Treat CX as a budget item you can’t cut
These days, a good sales experience is a requirement, not just a nice-to-have. Customers expect to have a personalized, easy, enjoyable time buying your product.
Does the product itself need to be great? Of course. But if we’re being honest, the experience is a major component. Companies that get this right have faster sales cycles, better customer retention and more repeat purchases. Everything counts, from how a customer is treated when they arrive at the site and how easy it is for them to check out, to the delivery speed and customer support if something goes awry.
In a recession, it’s a major deal.
Remove any hurdles
The biggest stumbling block for repeat customers and retained revenue might come from an unlikely place — your security protocols. While most companies tune their safeguards higher or lower depending on customer flow (for instance, retailers often scale down fraud prevention measures during peak sales days), asking someone to repeatedly enter their password or navigate seven different windows is a surefire way to decrease the likelihood of the sale.
The coming months, and perhaps years, will test companies on all fronts — tighter margins, depressed revenues and increased activity from malicious actors. Businesses would do well to take every step they can to not leave any sale on the table, especially ones that have gotten as far as your digital front door, or frustrate returning customers by treating them like strangers.
Comment