Master the Balancing Act of Online Security and User Experience
In today's digital world, balancing fraud and security without sacrificing customer experience is a challenge.
Over the holidays, I attempted to buy several digital gift cards for $200; pretty average spending on my usual credit card. But immediately after placing my order, I got an email: "Sorry, we take your security very seriously. Looks like there's something wrong and your transaction was canceled."
I tried processing the transaction two more times, double-checking all the info. Still, I got the same failed attempt. To add icing on the cake, my bank account was flagged for suspicious behavior and frozen.
I appreciate the security, but talk about a poor user experience (UX) and an hour's worth of time wasted. Ultimately, the online retailer lost my business due to an inadequate fraud prevention system.
Customers today want speed and convenience, but they also want to know their identities are safe, their payment data is private and their personal information stays personal. Businesses trying to provide this for their customers have to perform a balancing act, all while playing a game of chess against more sophisticated fraud vectors, complying with anti-money laundering and know-your-customer (KYC) regulations, and protecting consumer privacy.
To navigate this chess game and be secure without damaging customer experience, companies need a risk-based, data-rich approach that leverages modern technology.
Invest in Data-rich Technology
Fraud prevention and identity verification solutions driven by AI and machine learning allow companies to leverage millions of data points to cut down on lengthy decision-making processes and, instead, make real-time, accurate decisions.
Smart investments in fraud mitigation technologyinclude some type of data orchestration layer. A more comprehensive and holistic view of data will give organizations a stronger decisioning engine.
For example, when verifying an identity, data-rich decisions may include: An authentication of a government issued-ID, an address validation, a scan of a person's digital footprint and even a live selfie face match to a supplied identity document. With this bigger data picture in mind, we can reduce both the false rejection of legitimate people and the false acceptance of fake identities.
The key here is to collect and analyze data in a matter that is as friction-free as possible for the user. It may not seem like much of a big deal, but with how busy people are today rushing through everything, anything that can help automate processes for a more seamless experience is an important investment that can help retain users.
Take a Risk-based Approach to Authentication
Look at security and UX from different user workflows and channels — interactions online, through a customer service channel or in-store — and treat each one differently with fraud mitigation and identity verification methods that are matched with the level of risk that is at stake.
When I tried to spend $200 on gift cards from my home base during the peak holiday season, it should hardly have warranted suspicion. With a risk-based approach to verifications and fraud detection, both the online retailer and my bank could have considered the time of year, the IP address and the dollar amount of the transaction and scored this as low-risk. As an alternative, it could have been triggered as suspicious but allowed me to perform another authentication method to verify my identity. Instead, it canceled the transaction and lost my business.
A multi-layered approach is a risk-based approach that balances the need for security with the need for easy and convenient UX. Take Venmo: setting up an account today is a largely frictionless process. However, once I try to make a $1,000 transfer, the platform will prompt me to authenticate myself. This makes more sense than asking a million questions up front and creating a high-friction experience that might turn people away. Especially when onboarding or considering new customers, failing to make their experience as easy as possible from the start could be reason enough for them to abandon a company.
Walk the Walk and Talk About It
Once companies have truly gone through these best practices to improve UX and make their company and customer secure, talk about it. Consumers today want to feel comfortable with businesses without fear that their information is being taken. Caring enough to implement fraud mitigation technologies, have multi-layered processes and protocols in place, or obtain security certifications shows consumers that businesses value their security. Having good fraud prevention security in place without making it a high-friction environment can build trust and loyalty and make people feel more comfortable working with you.
Companies can market their efforts at fraud mitigation, not only to build customer trust but also to deter fraudsters. I recently read about a car loan company that adopted a new fraud mitigation technology and talked all about how great they were at tracking fraudsters. They were so vocal about it on their digital channels, fraudsters were deterred simply because they saw the company had a legitimate plan in place and knew it would be harder to break their systems.
In today's digital world, balancing fraud and security without sacrificing customer experience is a challenge, but not one we can't tackle with the right technology. Security products that worked five to 10 years ago are already outdated in both user experience and fraudster sophistication, but new technology is coming out all the time with better security and less cumbersome user experiences. Match technology to the ways fraudsters are infiltrating today's digitally transformed world without sacrificing a high-quality user experience by investing in the latest and greatest tools.
