Striking a balance between security with frictionless experience in 2021

It is timely to reflect on how the dramatic shift online will only widen in 2021 and what that means for how marketers strike the right balance between security and customer experience, writes Richard Marr.

While the year 2020 has all but upended society and economies, it would have been far worse if not for the speed with which many companies were able to accelerate digitisation efforts and transition online securely.

A mobile or desktop user interface, and more specifically the log-in screen, is now most likely a customer’s first interaction with a brand. Brands need to ensure that their users can securely access the correct content at the correct time while managing the complexity of the number of platforms, devices and user interfaces.

Digital identity, which consists of the credentials necessary to gain access to resources in a network or online, and identity management to protect those elements of digital identity, has played a central role in the shift online by enabling businesses and their increasingly distributed employees, partners and customers to get up and running at light speed while ensuring that data and applications remain accessible and secure.

Greater vulnerabilities ahead with the proliferation of technology

The continued explosion of data and traffic online means a greater risk of cyber fraud. We can expect an array of wireless connectivity options to become available in Australia. Most notably, the government has declared 2021 the ‘Year of 5G’ with plans to allocate high band 5G spectrum in April.

The allocation will enable extremely fast, high-capacity services and accelerate the digitisation of activities that have become indispensable during the pandemic – working and studying from home, shopping for goods and services, among many others.

As connectivity becomes faster and more reliable, attacks too, are growing in complexity and sophistication. The strong growth and adoption in IoT devices unfortunately also give rise to the threat of bad actors online. Cybercriminals have the ability to access sensitive financial and health records, photographs of your loved ones, hold devices hostage.

For businesses and consumers of these new technologies, the emphasis on security is critical. Yet, in the VMWare Carbon Black Global Threat Report 2020, one third of Australian respondents recounted the inability to institute multi-factor authentication as the biggest threat to their company.

Customer experience matters when it comes to security

Businesses have had most of 2020 to shape up the experience they offer online and come 2021, consumers will expect a low friction, personalised and seamless experience online.

There will be an enhanced need for applications in architecture and greater investment in the digital experience to make it more human and reassuring. While the log-in functionality is only one cog in the wheel of the secure digital experience, it’s unavoidable, has a huge impact on CX and cybersecurity and is vital to get it right. Passwords are much less secure than we think. 65 percent of people reuse passwords across multiple accounts, and most of us tend to be rather uncreative with our choice of log-in information.

Building modern authentication goes beyond usernames and passwords. Customer Identity and Access Management (CIAM) provides a framework for managing identity and enabling the right individuals to access the right resources at the right times for the right reasons. As the number of devices per user increases, as does continual demand for information access from any or every device (including IoT), businesses require a more holistic CIAM strategy, that can scale to any number of users, devices and APIs to keep data secure.

Some solutions that will address customer experience and security in tandem.

  • Using social media log-ins is one way to avoid your customers’ needing to remember another email/password combo, in turn making your service easier and more appealing. A big plus is these social providers have some of the most world’s most sophisticated security teams working in your court, with all eyes on them from a compliance perspective.
  • Unique SMS or email codes, also known as One Time Passwords (OTPs) is another way to eliminate the need for recall. OTPs are quick and highly effective for low-frequency yet important accounts. This is exactly the solution the aforementioned energy company could implement, creating a much better experience and heightening security at the same time.
  • Biometrics such as fingerprint scanning and facial recognition, which many will be familiar with via their smartphones, are also on the rise and offer a frictionless and secure experience for the end-user.

One thing is clear: in 2021, more human activity will take place online – from working to staying connected with friends and families, to shopping for groceries and financial services. For brands in Australia, the challenge will be to understand how customer behaviours are evolving in response to what is essentially the sophomoric phase of the pandemic, while ensuring they shore up their defences against the increasing threats online.

Richard Marr is general manager, APAC at Auth0, the identity platform for development teams. 

Photo by Philipp Katzenberger on Unsplash.