The global COVID-19 pandemic has accelerated the rise of e-commerce. In April, U.S. e-commerce orders leapt 49% as consumers stayed home to protect their health and help flatten the infection rate. One-quarter of U.S. consumers went online to shop for the first time due to COVID-19. Buy-Online-Pickup-In-Store (BOPIS) transactions surged over 200% YoY in the first three weeks of April.
Only one-third of current online shoppers plan to return to physical stores when they re-open. Risk of a second peak or wave of COVID-19 illness will keep some consumers loyal to e-commerce. Loyalty to brands is driven by other factors, such as the ease of the buying experience. In fact, 39 percent of consumers put experience at or near the top of their retail priorities.
Authentication sets the tone for customers’ digital experiences and their feelings toward the retailer. That’s important according to Forrester’s 2019 U.S. Customer Experience Index, which shows "emotionally positive experiences" may be the primary means by which brands can differentiate their customer experience today. Companies that balance experience with security may boost their customer satisfaction scores by as much as 35 percent.
Retailers have a delicate opportunity to earn loyalty while authenticating customers’ identities over digital channels. "Delicate" because undue friction or a detour into a manual review queue (i.e., false positives) frustrates customers and jeopardizes their lifetime value. More than one in three consumers have abandoned a new account opening over a digital channel due to the time required or difficulty in the process. Nearly 40 percent of consumers abandon a credit card after suffering a false positive, while another 25 percent decrease usage of the declined card.
Retailers can’t afford the status quo
Unfortunately for many retailers, the most common digital authentication practices inflict friction and false positives without providing security. Challenge questions based on personally identifying information (PII) are inadequate; this data has been breached and divulged on social media for years. Likewise, email accounts and phone numbers, once useful signals on their own, are not nearly as powerful or reliable without additional datapoints for corroboration. More advanced authentication, such as requiring consumers to submit selfie images or videos of themselves holding government identification, is intrusive for some consumers, potentially exclusive, and provides no increase in security.
Fraudsters would love for these methods to remain in place. Account takeover (ATO) was surging before the pandemic because it’s so easy to access accounts guarded by challenge questions. The current environment of confusion is likely to create even more opportunity for ATO. The damage to the merchant extends beyond chargebacks and lost inventory. Over 60% of customers said they would likely abandon a merchant associated with a compromised account.
Few retailers can afford the risk of a digital authentication process that frustrates consumers and enables fraudsters. Given the historic decline in consumer spending, it’s essential that retailers do everything possible to provide superior customer experience, beginning with authentication. Quickly identifying and letting through consumers, while putting additional verification steps in place only for high-risk transactions, will only help in offering that high standard.
Fraudster or consumer? It pays to know the difference
Retailers can minimize false positives and customer friction by basing digital authentication on signals broadcast from customers’ devices. This approach, device-based authentication, determines the identity of the device’s user by analyzing the strength of linkages between three sources: the user’s offline data—identifiers such as name, home address, phone number, and email; the user’s online data—such as IP address, cookie ID, and a mobile advertising ID; and data from the user’s device—such as prepaid status, IP behavior, and the presence of a VPN or the Tor browser in the IP address. Device-based data is much, much more difficult to steal or manipulate than online or offline data.
Device-based authentication defines the gold standard for security and convenience. Consumers’ devices are uniquely attached to their owners and are likely to be replaced quickly if lost or stolen. They are trustworthy proxies for their owners’ digital identities. Device-based authentication is imperceptible to customers and minimizes false positives by establishing high confidence in customers’ identities.
Surpass customers’ expectations
If a user’s offline and online identity data corroborates data associated with the user’s device, then her identity can be verified and she can be served faster than is possible with other approaches. This process supports the current surge in e-commerce volume and reduces the number of customers at risk for a false positive or undue friction.
Authentication, "the highest-volume customer journey by far," plays an essential role in customer experience. Retailers that use digital authentication not just as a security measure, but also as an opportunity to embrace changes in consumer behavior, will be rewarded with happier and more loyal customers.