What is a disjointed digital experience costing your business—and how do you fix it?
In today’s digital-first economy, consumers expect to transact whenever, wherever and however they want. But how can businesses serve their digital constituents in a consistent way if they can’t always recognize them at every point on their digital journey? Let’s take a closer look.
For many businesses, customer onboarding is the first step along the journey. It’s here where trust is initially established. But it’s also where an organization can be tricked into setting up access to a fraudster using legitimate, but compromised credentials. Generally, if a fraudulent account is detected at all, it happens downstream. That’s because many organizations find it difficult to accurately assess the legitimacy of an individual if the credentials they enter online appear to be valid.
This is usually the case with a stolen identity as well as with something called a “synthetic identity.”
According to SplashData, the two most popular passwords used by individuals online during the past six years were “password” and “123456”.
A stolen identity can include all the typical information needed to set up a financial account, such as name, social security number (SSN), address and birth date. In some cases, a credit profile number, or CPN, can be used in place of a SSN. These are easily available online and sometimes purchased legally to help repair credit. But, in the wrong hands, they can be used to perpetrate fraud.
A synthetic identity takes fraud to a higher level. Vulnerable individuals, such as the underbanked, people with poor credit history and senior citizens, are often targeted. In this case, a fraudulent account is opened and, depending on the motives, maintained for weeks, months or even years. This can include purchases and loans that are repaid, but in the end, the business will be hit by fraud when the scheme has matured.
Whenever a new account is created, businesses assume the risk associated with that trust decision. But many more trust decisions happen every day at login. Some research suggests that users themselves are often the weakest link when it comes to security. They may use easily guessable passwords. Others get tricked into disclosing confidential information online. Or, a data breach provides criminals with a password that a customer uses for multiple accounts simply because it is easy to remember.
The attack rate for cross-border transactions is 6.2 times higher than for domestic transactions, according to the Q2 2017 Cybercrime Report by ThreatMetrix.
At login, many businesses struggle to recognize returning visitors. As we’ve discussed, they are often forced to rely on static credentials, which are no longer reliable on the web. For organizations, this creates two daunting challenges: 1) Assess the validity of an identity at new account creation, and 2) authenticate that identity with each new login. This is complicated because the decision-making criteria and systems used for onboarding and login are entirely separate. There is usually no way for these two different teams to collaborate or share information. Typically, this results in adding friction to the digital experience and in slow process cycle times.
It’s also common for retailers, for example, to struggle with payment fraud. Stolen credit cards represent a key challenge. If retailers can’t detect bad payments, chargebacks increase and manual fraud reviews further aggravate matters.
Cross-border transactions in particular can have high densities of payment fraud. Often the entire geography is simply blocked from transacting, or antiquated authentication makes transactions very difficult to execute. Good customers in those regions can’t be serviced, nor can existing customers traveling to those regions.
Through the lens of the financial services industry, this research study explores the challenges that fraud and friction present along the customer journey.
This also happens for customers traveling to countries that have been embargoed. One common example – members of the military traveling to hostile regions of the world sometimes have difficultly performing online financial transactions simply because the location from which the transaction originates is blocked. In these and many other cases, good customers are treated like cybercriminals based on static rules that cannot differentiate good user from bad.
For digital businesses, the stakes are high. Poor, disjointed identity assessment and authentication leads to a poor, disjointed digital experience, inconsistent decisions and, ultimately, lost profits.
Digital identity was developed to provide organizations full and dynamic context for each and every trust decision. Implemented across key authentication points of the customer journey, it enables consistent decisions across the enterprise.
Whether it’s a customer first setting up a new account, logging in to do business, or making a digital payment, digital identity enables businesses to unify the entire digital journey through consistent and accurate trust decisions.
Next up: What is a Digital Identity?