September 19, 2016 -
This is a guest post by Ryan Wilk, vice president of customer success at NuData Security.
According to the 2016 Verizon Data Breach Investigations report, hacking using legitimate user credentials was associated in most of last year’s data breaches, and more than 60 percent of confirmed breaches involved weak, default or stolen passwords. When it comes to data breaches, the biggest impact typically isn’t in the immediate financial sense. Instead, the biggest impact is on customer loyalty.
In fact, a recent study found that 85 percent of U.S. consumers said that if significant personal consequences resulted from their information being stolen, they’d take their business elsewhere. Nearly 70 percent said they would cut ties with the victimized brand if money was actually removed from their checking accounts, and another 62 percent said they’d do so if their credit cards were charged for fraudulent purchases.
What does this mean for organizations? Put simply, the true business differentiator in today’s economy is protecting the lifetime customers. These are the loyal customers who make frequent purchases from your ecommerce site, the longtime users of your bank or other financial institution – the people whose opinion of your company matters most the most when push comes to shove.
To successfully avoid the fallout from breaches, organizations must focus on understanding who their customers are early on. There has to be trust built up on both sides. Not only must you know who your customer really is, but you also want them to understand that you know who they are. To do so requires a new approach to authentication, one that focuses on protecting these vital customers rather than just looking to weed out the bad guys. Passwords alone aren’t cutting it, and single point security solutions aren’t enough, either.
A multifaceted approach that involves behavioral analysis, passive biometrics and historical data is key. Through the power of behavioral and biometric analysis, companies can accurately identify the human behind the device by “observing” their subconscious behaviors (tracking scroll speed, typing, etc.), creating unique identifiers to verify a user. This allows companies to verify users before a critical decision point, stop automation, reduce customer insult and investigate bad actors efficiently.
It’s not enough to just look at how a user or account is interacting with a website in one moment of time – that behavior analysis must be compared to how that user’s account has behaved in the past and continues to behave across the lifecycle. The process of continuous behavior analytics spans the whole lifecycle of the user, starting from the moment that they first touch a customer’s website. Knowing the customer behind the device might sound tricky, but it can be done and it will pay off.
One of the ways behavioral biometrics and analytics pay off is that they protect accounts and provide trust at the authentication, while still prediction fraud with extreme accuracy, without introducing any friction to the good customers, and prevent unauthorized transactions from fraudulent or stolen accounts while speeding up the checkout process for known good users. This creates a better user experience by working behind the scenes to reduce false positives; the customer never sees or experiences the security working on their behalf.
In an age in which online identities have become so coveted and so insecure, customer trust is golden. Consumers have a myriad of choices when it comes to where they spend and where they store their hard-earned dollars. When they choose your organization, they place their trust in you to keep their personal information safe. A breach breaks that trust. And when you lose a customer from a breach, you aren’t just losing a transaction or two, but the lifetime transactions of that customer. The key to customer trust is to truly know your customer.
DISCLAIMER: BiometricUpdate.com blogs are submitted content. The views expressed in this blog are that of the author, and don’t necessarily reflect the views of BiometricUpdate.com.