As people give more of their personal information away online, protecting this data and user credentials remains more important than ever, particularly for those involved in digital commerce who look to achieve the optimal balance between providing a strong and secure customer experience. This is no longer an either/or proposition, and increasingly, a practice called Customer Identity and Access Management (CIAM) is core to meeting this business challenge.
CIAM is a system that sits under the identity and access management (IAM) umbrella, and is how companies give their end users access to their digital properties as well as how they govern, collect, analyze, and securely store data for those users. CIAM sits at the intersection of security, customer experience, and analytics. It provides a seamless, secure, and frictionless way for customers to onboard and log in to an app or website and is critical for driving conversions and building customer loyalty. Protecting sensitive data from malicious intrusion and taking steps to prevent data breaches is central to both establishing a comprehensive security policy and ensuring compliance with data privacy laws. And compiling user data into a single source of truth is essential to understanding your customers.
As the pandemic-induced increase in online commerce continues, our team sees five immediate priorities for businesses:
Fine-tune security and user experience
Most online businesses today continue to carefully consider the often-delicate relationship between security and user experience. Shaping the customer experience often means exploring tradeoffs between security and user experience, and finding that unique balance for a particular use case is part of why extensibility—the ability of expanding solutions to meet specific needs—is more important than ever. With the increase of online activity due to the pandemic, the number of bad actors coming for customer data has also increased. In fact, according to Auth0’s State of Secure Identity report, the retail industry is one of the top industries hit by credential stuffing and brute attack activities. Given options, consumers will naturally migrate to the business who is more protective.
Deeply understand your customer
It’s no secret that the companies who know their customers best will succeed. They do so by truly understanding their customer in a meaningful way to consistently deliver experiences to keep them returning to your brand. With increasing data privacy laws, that means securing customer consent to share information. PwC research found that providing great experiences means access to more information—63% of respondents said positive experiences made them more willing to share information.
Take for example Jersey Mike’s, who introduced an online loyalty program to offer perks and online ordering features to their customer base. After reaching more than six million members on their program, they turned to a secure sign-on authentication process to boost protections for their booming customer base.
Uncomplicate logins
Providing customers with a login experience they want has never been more critical to maintain and retain customers. According to our recent CIAM survey, 83% of global consumers have abandoned a purchase or registration attempt entirely due to an arduous login experience. Only those brands that can simplify onboarding or logins will be successful at retaining customers. This means truly understanding the customer.
With COVID-19’s acceleration of business’ digital transformation initiatives, customers have similarly increased expectations and want convenience and control: they want to choose which authentication method to use. Our survey also revealed that consumers are more likely to sign up for an app/online service if they are able to log in with Multi-factor Authentication (MFA) (49%), Single Sign-On (SSO) (48%), biometrics (44%), social login (40%), or passwordless (35%) authentication options, and companies across the globe are falling short of consumer expectations for all login technologies..
As companies expand partnerships, they’re drawing data from multiple sources and often asking customers to traverse multiple brands during their buying journey. Partnering with other businesses often means introducing legacy challenges at a time when it’s increasingly important to get your product to market faster to deliver seamless experiences across brands and loyalty programs. Customers expect your solution to suit their needs in real-time.
Prioritize protecting privacy
The ironic silver lining of data breaches is that they have raised awareness among the average consumer that their personal data is valuable and deserves to be protected. For organizations, this means starting to think of data as a liability. But at the same time, customers expect organizations to recognize them and only pause their interactions during key moments—like when they need to make a payment or share sensitive information.
There’s a lot of complexity around how much data to gather, how long to store it, and when you might need to ask your customer to interrupt their experiences with additional verification. Data privacy laws, in effect, shift the power back to the consumer because breaches aren’t just about accidentally letting someone into the database, but neglectful care of the consumer data and trust. Figuring out the right mix of security, privacy, and convenience that provides the ideal experiences for current and future customers isn’t easy, but it certainly is critical.
Build the proper foundation
With very few exceptions, no one would build a customer database from scratch. Or re-invent a new communications protocol. And this is true for the vast majority of applications that online retailers need to satisfy the security, privacy, and convenience requirements that make it possible to rapidly scale for the future.
CIAM delivers an invisible, but incredibly valuable benefit. Like the very best CRM systems, which operate completely behind-the-scenes, CIAM is most successful at supporting a great customer experience when it pretends not to exist. In this way, your customer doesn’t have an annoying interaction with a login box but signs in directly to your brand—quickly, safely, and enjoyably. Without thinking about anything but their purchases and the quality of their experience.
DICK’s Sporting Goods, for instance, following an increase in e-commerce demand, implemented a number of changes to their digital services to benefit overall customer experience. These changes, which included implementing Single Sign On (SSO) to create a frictionless sign-in experience for loyal customers, positively impacted customer retention while continuing to advance customer security, allowing customers to access information and merchandise with even more ease and security than before.
As we continue to accelerate into a digitally-charged commerce, online retailers need to understand what customers really want, and prioritize the importance of security and customer experience in order to not only ensure a strong security policy and data compliance strategy, but to reap the business benefits of truly understanding customer needs. And those who do not, will significantly fall behind.
