Your customers don’t visit your digital properties because they enjoy registration and sign-on experiences. They visit for your products and services—and ultimately to spend their money. Authentication (signing on to your digital property) is a necessary part of the user journey, however, and it’s often the first impression they’ll get. Make it too cumbersome and you needlessly drive traffic away from interacting with your brand. Delight customers with simple and secure access, on the other hand, and you keep them coming back for more.
Are you engaging your customers by delivering the frictionless experiences they want? In this blog post, discover five common authentication mistakes and gain insight on how to fix them.
Mistake #1: Knowledge-based Authentication (KBA)
When it first appeared on the scene, knowledge-based authentication held significant promise. An individual attempting to sign on had to supply answers to questions only they (in theory) would know, such as their mother’s maiden name or a street they lived on as a child, to be granted access to a digital account.
But KBA is undergoing a long, slow, painful death. As bad actors began to compromise accounts using easily recoverable personal information (e.g., the Sarah Palin incident), enterprises changed tack and began employing tougher questions—to the point where legitimate account holders themselves now have difficulty remembering KBA answers. What was my favorite band in high school? Do I have to capitalize the first letter? Did I choose my "other" favorite band the day I signed up for that account?
You can make account access easier for your customers while simultaneously improving security by offering more convenient multi-factor authentication (MFA) methods or by enabling passwordless authentication. For example, Ping Identity’s modern multi-factor authentication solution includes additional factor and passwordless authentication methods. Passwordless authentication allows you to greatly reduce your password resets and improve successful logins to your digital properties, thereby improving product usage.
Mistake #2: Poor Authentication via Customer Service Phone Calls
Getting lost in automated voice systems is bad enough, but when you add authentication to the mix, it can push some customers over the edge. Consider the process your customers go through when trying to confirm their identity with a customer service representative (CSR) over the phone. Are they:
Required to authenticate on a phone/computer before they press the button to "contact support"?
Then required to re-authenticate with the automated service?
Required to authenticate yet again once they get through to a live support rep (usually with KBA, compounding the irritation)?
Security doesn’t have to be painful. Identity solutions can help you streamline the CSR contact process and eliminate user frustration. With Ping, for example, you can automatically authenticate customers if they click "get support" from an app in which they have already been authenticated. And if the user calls your service desk directly via their mobile phone, your help desk can request a fingerprint, face scan or text message so the customer can authenticate right from their mobile app.
Mistake #3: Confusing Password Policies
Here at Ping we often refer to registration and login as the front door to your digital property, one that can make or break the customer experience. It’s important that your website, app or other offering shines during registration. Otherwise, you risk customers abandoning their journey, which is costly and often sends them into the arms of your competitors instead. So why, then, do so many businesses implement cumbersome password policies?
Consider what happens when a user is required to create a super long, super secure password but receives an incomprehensible error message like “Sorry, this 46-digit password composed of half unique symbols, lowercase, and capital letters is insecure because there are two ‘a’s in a row and you don’t have the correct symbol,” and the message doesn’t explain how to fix the problem. As a result, the user has to reset their password almost every time they try to log in, making it more and more unlikely that they’ll ever remember it. Your brand will suffer even if they do, or they’ll abandon your digital property altogether.
Mistake #4: Lengthy Registration Processes (i.e., Too Many Fields)
It’s tempting to include a large number of fields in the registration process so that you gather as much information about your customers as possible. But time and again, it has been demonstrated that having too many fields leads to decreased signups and lower revenue. (Just ask Expedia, which discovered that one unnecessary form field was costing them $12 million per year.)
Conventional wisdom is that three fields is often the magic number, but that will vary by industry, product, geography and many other factors. The key is to keep the process as simple as possible, and one proven way to do that is to enable social registration. Allowing customers to register via Facebook or other social platforms makes it easier to register with just one click. For example, the Ping Intelligent Identity platform comes with out-of-the-box options for social login, registration and account linking that allow users to connect or disconnect social accounts, even after they’ve registered.
Mistake #5: Burdensome Account Recovery Processes
Merely receiving an account recovery notification is nerve-wracking enough for your customer (as thoughts like “Have I lost my access forever?!” or “How long will I have to wait to get into my account?” tumble around in their head), but unfortunately, some companies add to the stress by making the account recovery process unnecessarily complicated.
We’ve seen some situations where to recover an account, you have to click a link, send an email, copy a unique code (which is really annoying with phone UI), open a new tab (in addition to the one you already have open where you requested the password reset), and paste in the code—and then they make you sign on again(!) after you’ve just reset your password.
Ping Identity makes account recovery easy by allowing you to reset your password with a fingerprint or face scan. No emails, codes or new tabs required.
Frictionless Authentication Experiences With Ping Identity
Don't let clunky registration and disjointed sign-on experiences stop you from acquiring or keeping customers. When you give your customers easy-to-use registration, sign-on and more, you complete the first step toward driving revenue and loyalty while building trust. Learn more about the Ping Customer360 solution and how customer identity and access management enables these key experiences.