Securing Frictionless Customer Experiences

Consumers expect a quick and frictionless experience in today's digital-first world when accessing any product or service. If it's a website, it should load quickly and make the relevant feature accessible within the least amount of clicks. If it's an onboarding process, it should start and finish on the same day, if not the same hour. If it's a point of sale, it should be digital and shouldn't require a lot of physical contact, if at all. However, while delivering these frictionless experiences, it's also essential to consider their security ramifications.  

How are you implementing frictionless experiences?

An executive said that they recently launched a program known as modern device. Under this program, devices (e.g., laptops) get shipped to their employees, directly from the manufacturer, without any need for official processing and/or inspection. This led to people getting their devices many days, if not weeks, earlier than before.

Another speaker mentioned how they started using a video calling application for password self-service. It has made passwords and identity management a much seamless affair, especially as most of their workforce, over 1200 people, are currently working remotely.

A CISO at a healthcare organization shared that they are currently trying to reduce the number of required clicks to access features on their mobile and web applications. Since most of their customers are unwell and need quick access to healthcare, increasing their apps' usability will make their experience much faster and frictionless. They are also actively making security and privacy considerations while revamping the UI. How to make it as easy as possible for a user to get to their desired place without disrupting any security controls?

A VP of digital transformation told the audience that they just went password-less for their employees instead of relying on biometrics like fingerprint and facial recognition. Another thing they did was automate VPN connections; whenever someone logs in to their laptop, the connection is made automatically if a VPN connection is available. Previously, a secondary login was required.

An exec spoke about a digitized billing approach that they introduced, post-pandemic. People would come up to a gas station, unlock the pump using biometrics without requiring any contact, pump the gas, and then drive away. A few moments later, they will receive a digital receipt informing them about the charge - no need to use cash or cards. They are also revamping their mobile applications and loyalty program to make them more frictionless. Down the line, they will migrate all these experiences into their identity management solution. Customers will have a preference and consent management feature which will personalize their experience based on the type and extent of personal information they are willing to share.

Cybersecurity concerns while implementing frictionless

One participant shed light on the fact that different countries have different privacy rules and customer preferences. E.g., People in Ireland are much more likely to allow access to their personal information than Norwegians. This makes it relatively easy to personalize and digitize customer touchpoints for some customers but a lot harder for others. Moreover, some countries, like Norway, have stringent data privacy laws that extend far beyond what the GDPR dictates.

A single identity across multiple business units

An attendee said that they have 12 business units spread across North America. Currently, identities are managed separately across all the units. They are trying to build a centralized identity solution, where a single customer identity can be used across multiple business units (e.g., different stores or casinos).

‍