Secure UX based on customer data can be a big advantage in a recession

It’s not exactly a secret that a recession is very likely. Signs, unfortunately, do point to a tough road ahead. For B2C companies, especially ones that sell products that likely fall under discretionary spending labels, it’s going to hit hard.

Each sale will be harder to come by and will require more effort and resources to close as shoppers become pickier with purchasing decisions. This means that companies will have to work harder than ever to secure a sale or risk losing even more profits. Not ideal in a recession.

But there are improvements that companies can make to grease the skids a bit and encourage more favorable buyer behavior without a heavy hand. In particular, improving the shopping experience will go a long way when customers are looking for a reason to go elsewhere.

Good customer experience (CX) isn’t just a nice thing to have; it’s becoming table stakes. Shoppers expect a simple, intuitive experience in finding and purchasing a product, and the data bears that out: We’ve seen faster sales cycles, repeat purchases and increased customer retention at companies that score high marks on CX.

But one area we need to address is security getting in the way of CX, and how we can overcome that problem to keep revenue coming in during leaner times.

Customers hate passwords (so you should too)

I don’t think it’ll be too shocking for me to state here that passwords kind of stink. Consumers don’t like remembering them and inputting them, and when they have to multiple times during a shopping session or across multiple sessions, it can lead to frustration that costs a company sales.

It’s normal for sites to tweak security protocols depending on traffic — for instance, on Black Friday when security is most lax to keep avid shoppers from bouncing elsewhere — or due to current events, but we can’t lose sight of user experience.

Asking a customer to repeatedly enter their password or navigate through several different checks before making it through checkout will greatly increase the chances the buyer throws their hands in the air and walks away. In fact, the FIDO Alliance says that password management difficulties have caused 58% of consumers to abandon their cart.

This might actually be worse for business than the bad actors being kept out by this tight security. Businesses need to be able to quickly ascertain if a site visitor is legitimately trying to make a new account or log in to make a purchase, or is actually intending to defraud or steal money or data.

And, it needs to do so without putting up roadblocks for loyal customers. Those known and trusted customers need a kind of “fast lane” from site arrival to check out — like the transponder-based electronic tolls that allow drivers to not even need to slow down — while those whose identity or motives can’t be identified can be slowed down for a necessary check.

Better data: Creating the customer “fast lane”

This kind of fast lane can only work if sites and apps can effectively determine up front if the visitor is who they say they are. It can eliminate an extraneous sign-on when they return to a site, or the need to verify contact information during account setup if the user is trusted. And each of these things you can remove, the higher likelihood of a sale.

The right processes will need to be in place in the background to make this work. We’ve seen success with UX and fraud teams collaborating to smooth out the customer journey without softening security. Continuous authentication is used by big retailers like Amazon and leverages data from a broad range of sources to confirm a user’s identity.

This can mean location, biometrics, geographic data, behavioral insights and more. With this data, after a single authentication event, a customer’s digital identity will have a marker attached to it that will allow them to bypass other check-in events during that session — so long as they continue to act normally while there.

That verification can then be extended to a predetermined time period, so if the customer leaves the site or app but returns within that window, they won’t be required to reauthenticate. If you frequent any sites where you can’t recall the last time you entered your password, continuous authentication is the reason why. You’re a trusted user in their system, so there’s nothing between you spending more money. And for most customers, that’s exactly what will happen.

Finding the balance

This balance between security and user experience is a tricky one. Nefarious actors could do considerable damage to a company, so intense and effective security measures are warranted — but they shouldn’t be inflicted on the average user. Most people online aren’t engaging in fraudulent activities.

That’s what the fast lane is for, and it is why companies like Amazon — who have been awash in customer data for years — can put continuous authentication procedures in place. They’ve seen just about everyone on their site, and collected enough data that they can reliably sniff out sketchy behavior and trust the average user to stay logged in until something seems amiss.

Most companies aren’t Amazon, though, nor do they have the reach or data on hand to handle continuous authentication on their own. Organizations at a smaller scale can still remove the need to re-authenticate visitors after a session window closes, but the main obstacle is a lack of data.

With reliable data on hand, companies can reduce the friction in the user experience while maintaining ability to detect risky behavior and slam gates closed when a suspicious person comes by.

That’s good news for the difficult road ahead — with a recession incoming, businesses can’t afford to scare off loyal customers with the usual security roadblocks.

Ari Jacoby is CEO at Deduce.