As consumers, we are fickle folks with high expectations of the providers with whom we choose to do business. This is especially true when we are conducting business online, whether shopping, banking, paying bills, managing our health, or sharing the latest status on social media.
The online experience is entirely different compared to an in-person one, and with each, we have certain expectations. Let's take shopping as an example. When we go into a store, we expect the staff to be helpful, the premises to be clean and the lines to be short. When we are buying something online, the expectations are completely different. We expect the website to be organized and easy to navigate, the checkout process to be quick, and our information to be secure.
Oh yes, that crazy little thing called cybersecurity. It is an expectation that is not top of mind when we are standing in line at our local retailer, but it is a critical one as we proceed to checkout on that same retailer's website. We expect our account to be protected from unauthorized access and our personal and payment information to be secure. However, we also just expect it to happen without actually causing us any disruption.
This dilemma is at the heart of every business' digital strategy. How do we keep our customers safe without adding friction to the user experience? This is even more difficult to address as consumers choose to transact more often from their mobile device.
What does this mean for consumer security? It means that security solutions have to be adaptable to a 'customer first' strategy and offer consumers choice in how their account is protected. For example, in the case of a high-risk transaction where additional identity verification is required, a consumer transacting from their laptop may prefer to receive a one-time passcode via email or SMS whereas the same consumer conducting the same transaction from their mobile device may prefer to use fingerprint biometrics.
The concept of consumer choice was a sentiment I heard repeated over and over again among many of our top customers at our recent RSA Charge event. As organizations look to attract business, especially among the millennial generation, choice in authentication is a key consideration to their digital strategy. A consumer survey conducted earlier this year by RSA found that millennials are much more likely to use their mobile device compared to those in other age groups. For example, millennials are three times more likely to shop and four times more likely to pay bills from their mobile device than those over 55.
Biometrics continue to gain popularity, and consumers are more willing to use them. A recent study by Visa found that 68% of consumers are willing to use biometrics and 79% want more biometrics choice.
Despite changing attitudes, many organizations are still slow in moving beyond simple username and password. A transformation is being helped along by initiatives and mandates such as 3D Secure 2.0 and the EU's Payment Services Directive II (PSD2) and will ultimately push more organizations to revisit their digital strategy.
Ready to revisit security in your digital channels?
RSA has developed a handy guide to help organizations navigate the key questions to ask consumer authentication providers, including how well their solutions are positioned to support consumer choice.