The three elements to getting customer authentication right

89% of consumers began doing business with a competitor following a poor customer experience, according to Oracle’s Customer Experience Impact Report. Consumers generally still accept traditional registration processes, but increasingly expect less friction and more options, like the ability to log in using their existing social network credentials.

Today’s highly selective and mobile customers know that when they register with businesses, they are trading information for value. If they don’t perceive that value with the experience a brand provides, rest assured they’ll find it elsewhere.

This contrasts greatly, for example, with the internal authentication of employees by a business’s IT department. When was the last time you heard of an employee leaving a company because he or she couldn’t remember his or her password to an operating system, HR portal or some other internal application?

Traditional authentication has been designed around the idea that employees, contractors, partners and vendors will generally accept the user experience that’s provided. But when authenticating customers, it is critical that their experience is both seamless and secure.

> See also: It's convenient and effective: so why aren't more businesses using two-factor authentication?

Here are three key elements businesses should consider when developing or upgrading a customer authentication solution:


A brand’s digital strategy should ensure that new authentication methods can be leveraged as they gain mainstream adoption. Therefore, it’s important to have a flexible authentication solution in place that can accommodate these methods and respond to the trends driving changes in authentication such as:

A mobile customer base: With more than 18 million UK consumers now estimated to regularly shop with a mobile device, the pressure has never been greater for organisations to offer a fluid ominchannel experience. To be competitive, enterprises must enable their customers to make decisions – and purchases – from any device or touchpoint.

Advanced authentication methods: Passwordless forms of authentication, such as biometrics, are rising in popularity, as they streamline the user experience and are more difficult to compromise.

Currently associated mostly with fingerprints and smartphones, new forms of bio-authentication are on the horizon, including facial, iris, voice and palm vein recognition.

The Internet of Things (IoT): In the near future, 'systems of systems' – groups of machines that interact with each other – will be the norm for everything from shopping malls to family homes. To support smart, connected products, secure machine-to-machine (M2M) authentication must be enabled for high-volume environments.

Security and compliance

An organisation’s customer authentication strategy should be driven by user experience, but that doesn’t mean security should take a backseat. The variety and scale of attacks and breaches is a key reason that businesses should offload rather than assume all risk for customer authentication.

For example, best-of-breed, cloud-based authentication solutions maintain industry certifications such as ISO27001 and comply with regulations like Children’s Online Privacy Protection (COPPA) for data safety.

By adhering to these standards and practices, a dedicated provider can ensure that personally identifiably information (PII) and other sensitive information is safe at all stages, and can also guarantee that companies remain in compliance with privacy and regional regulations.


Building custom solutions or extending internal identity and access management (IAM) systems to replace or update an outdated customer authentication solution can be expensive and risky. First, there are up-front hardware expenditures and mounting costs for licensing and maintenance.

Also, custom code and connectors are required to unify various systems, and then additional development resources are needed to integrate services that support business efforts for marketing, sales and services.

> See also: Secure authentication is the only solution to vulnerable public Wi-Fi

For large B2C enterprises, the resultant system must scale elastically to support consistently reliable experiences for millions of users. It’s possible to mitigate many of these costs, as well as offload significant risk, by going with a specialised customer authentication provider that is focused on delivering smooth user experiences.

Adopting the right authentication system can be the difference between enhancing customer engagement and sales, or turning visitors away to a competitor. With the development of more flexible and advanced authentication technologies, it has never been more appropriate to use systems that make logging in effortless rather than a chore.

Sourced from Richard Lack, director of sales, EMEA, Gigya

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics