Frictionless Authentication in Practice and Benefits for Business
Companies are competing based on customer experience more than ever. According to a 2020 Gartner report, 86% of companies compete on the basis of customer experience, which is identified as the top competitive differentiator across all industries.
As businesses undergo digital transformation, the authentication experience has a direct impact on customer experience. A great digital experience is built upon knowing who the user (customer) is.
Frictionless authentication is an authentication experience that is seamless for the user. Typically, it reduces password entry and includes social logins and progressive profiling. A report from Accenture in 2019 revealed that 83% of customers were willing to share data to enable a personalised experience. However, the personalisation offer and experience must be balanced with respect for privacy.
Improving the customer experience around authentication is crucial. The top three benefits of password-less authentication for businesses include, but are not limited to:
- Improve user and customer experience.
- Reduce IT support queries, such as help desk queries related to lost or forgotten passwords. As a result, it can cut down IT help desk backlogs and costs for the business.
- Strengthen security and protection around the company’s applications.
Authentication Methods to Meet Your Customer’s Needs
When managing multiple global sites, one option companies can take to reduce the use of passwords is to implement SSO (Single Sign-On) for both cloud and web-based accounts. SSO combined with password-less multi-factor authentication not only eliminates the need to key in multiple passwords but also brings dramatic security benefits.
- SSO is an authentication technique that allows users frictionless access to password-protected websites and platforms. When the platforms and/or websites are linked within an SSO mechanism, users only need to authenticate themselves once while accessing various sites. SSO is a way of centralising a user’s authentication credentials in a single place.
- Password-less SSO: a user can log in using an authentication method such as a biometric scan to verify their identity to the SSO identity provider.
Frictionless Authentication in Practice
No matter what industry you’re in, your customers will both benefit and respond to a simpler and quicker authentication experience. Here we take three industries as examples to illustrate the scenarios as well as benefits of adopting frictionless authentication: eCommerce, Media, and Travel.
Each of those sectors has its own set of needs surrounding authentication.
The key to success in the Ecommerce business is the customer experience, from converting website traffic into account registrations to a seamless shopping cart checkout flow.
The reduction of password-based authentication should be applied across every phase and stage of the customer lifecycle: customer acquisition, adoption (conversion), retention and expansion. The benefits of offering a smooth authentication process are obvious: frictionless authentication, such as a password-less authentication option, can lead to more account and email newsletter registrations, allowing the business to personalise product and service recommendations and build long-term brand loyalty.
Ecommerce websites must also protect themselves as they store highly personal financial data on their customers. Some identity theft incidents trace their origins back to data breaches on Ecommerce websites, and these breaches are extremely costly to organisations.
Frictionless authentication for media companies means customers can flexibly extend their password-less credentials across multiple devices so they can access content everywhere and not have their experience disrupted.
A typical use case for frictionless authentication in the Media sector is at registration: a password-less credential is created, and every time the user wants to log in after the initial registration, a true, zero-friction password-less authentication takes seconds without the need for second devices, codes, or push notifications. This means a single frictionless authentication should support all applications across every device.
In the travel industry, tickets and bookings are now mostly digital. From a user perspective, frictionless authentication means travellers can pull up their reservations and booking details whenever they need to view or access them.
Travellers can identify themselves through biometric authentication (facial recognition, fingerprint, etc.) on the device, and with device-based credentials there is no need to go through a password entry step.
Furthermore, password-less authentication that completely deprecates the password, including for recovery, allows businesses to completely protect travellers and guests from credential-based account takeover fraud.
Context-based authentication factors in other variables, such as user behaviour, the device used, and geographical location, and controls access based on this information. This authentication method can be configured in many business scenarios:
- Associate the registered devices with user credentials and require users to register devices that they commonly use.
- Present a challenge or request additional authentication if the user attempts to authenticate with the same credentials from another unregistered device.
- Enforce specific authentication mechanisms to access a particular protected resource.
- Use the behavioural patterns of the user as a factor in risk score calculation. For example, a user might attempt to access a protected resource at a time outside of normal business hours. Businesses can configure the context-based access policy to deny access or force the user to authenticate with a secondary challenge.
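The four policy options above can be combined into a single access decision. The following sketch is an added example, not SAP Customer Data Cloud code; the weights, thresholds, business-hours window, resource path and field names are all assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import datetime

ALLOW, STEP_UP, DENY = "allow", "step_up", "deny"

# Assumed weights and thresholds; tune them against your own traffic.
WEIGHTS = {"unregistered_device": 50, "new_country": 30, "off_hours": 40}
STEP_UP_AT, DENY_AT = 40, 100
BUSINESS_HOURS = range(8, 19)  # 08:00-18:59 local time (assumption)

# Resources that enforce a specific mechanism (constructed sample path).
REQUIRED_METHOD = {"/account/payment-methods": {"fido"}}

@dataclass
class UserProfile:
    registered_devices: set   # devices the user has registered
    usual_countries: set      # locations seen in past behaviour

@dataclass
class LoginContext:
    device_id: str
    country: str
    when: datetime
    resource: str
    method: str               # e.g. "password", "push", "fido"

def risk_signals(profile, ctx):
    """Return the names of the contextual signals that fired."""
    signals = []
    if ctx.device_id not in profile.registered_devices:
        signals.append("unregistered_device")
    if ctx.country not in profile.usual_countries:
        signals.append("new_country")
    if ctx.when.hour not in BUSINESS_HOURS:
        signals.append("off_hours")
    return signals

def decide(profile, ctx):
    """Map the context to allow / step_up / deny plus the evidence used."""
    signals = risk_signals(profile, ctx)
    score = sum(WEIGHTS[s] for s in signals)
    required = REQUIRED_METHOD.get(ctx.resource)
    if score >= DENY_AT:
        return DENY, score, signals
    # Challenge on elevated risk, or when the resource demands a
    # mechanism the session was not authenticated with.
    if score >= STEP_UP_AT or (required and ctx.method not in required):
        return STEP_UP, score, signals
    return ALLOW, score, signals
```

Returning the score and the fired signals alongside the decision lets the outcome be logged and audited, which is what makes threshold tuning possible later.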
Hope you find this post insightful and enjoy the reading.
CX Intelligent Adoption & Consumption Team
SAP Customer and Identity Access Management
SAP Customer Data Cloud offers many options for authenticating users, including out-of-the-box mechanisms for site visitors to log in and create an identity on your site.
- Social Login: Offer users the ease of identifying with their social networks, saving them the hassle of remembering passwords.
- Federation: consists of both SAML and OpenID Connect single sign-on. Create custom login and authentication options with OpenID Connect and SAML.
- Password-less: Enable easy and secure access to your platform without the hassle of remembering complex passwords. Password-less options include:
  - Phone number login: a one-time code is sent to the user’s mobile phone.
  - Push authentication: Users approve a pop-up notification on their phones to log in, instead of entering their passwords.
  - FIDO Authentication: FIDO is supported on all mobile devices and common desktop web browsers. Its strong authentication concept ensures secure keys and biometrics never leave the authentication device, increasing resilience in the face of common attacks and phishing attempts.
  - Email OTP and Magic Link: Email OTP and Magic Link are forms of password-less login that allow a user to receive a one-time code or an HTML link at their email address on file, which allows them to log in to your site. To use either of these options, your site Policies must be configured to use Email as the Login Identifier.