Author:  Taira Sabo

Passwords, despite their bad reputation, are still in use throughout most industries. With no alternative available, customers are left to deal with poor customer experiences and companies with an immense loss of revenue. However, that’s all about to change as the online world shifts to biometric authentication.

Now that passwordless biometric authentication is available it’s time to uncover and understand the direct relationship between password use and business

We know that passwords are a security threat. However, through a Transmit Security study conducted in the U.S with 600 customers, it was also found that passwords impact your business in the following ways:  

• Directly hit your top line revenue.
• Negatively affects customer experience and loyalty.
• When shared, cause more security issues and revenue implications. 

By getting rid of passwords all together, businesses can eliminate all the customer frustration and unnecessary friction. Plus, all the costs associated with password-related issues like password resets. 

It’s clear that customer experience has a direct impact on business. According to the Temkin Group, companies that earn $1 billion annually can expect to earn an additional $700 million to $1 billion within 3 years of investing in customer experience. If businesses take the time to focus on improving their identity experience, their entire customer experience and customer loyalty will benefit — which in turn improves revenue.

Read on to find out why passwords are to blame for loss of revenue, identity attrition and poor customer experiences. And, why passwordless biometric authentication is the answer to our password woes.

Customers face inconvenient login experiences 

The first area where the issue of passwords is apparent is during sign up or registration processes. Complicated account opening experiences are a surefire way to scare potential customers away. This is evident when you consider that 66% of consumers will leave a website if the registration process is too complex (Transmit Security). 

Think of all the marketing and sales efforts put in to generate leads to your site. It’s a shame that once you do capture potential customers they flee. Not because of your product or service but because you asked them to create a username and password. Transmit Security found that a staggering 64.5% of consumers will abandon a website if asked to create a username and password. After that, the damage is done. You’ve lost that potential customer for good because they have gone on to find an alternative vendor who could accommodate them with a similar product or service and a smooth customer experience. This concludes that any account registration process with passwords leads to loss of revenue.

Customer authentication is too complex 

At one point in time, a password with just letters was sufficient enough to protect an account. But, as online security attacks increased the methods and workarounds evolved as well. Leading customers to have complex requirements for a password. Complicated passwords that are difficult to remember. That, coupled with the multitude of online accounts that customers have has led to an authentication process that’s full of complexity and roadblocks such as password resets, having to call into a contact center and locked accounts. 

87.5% of consumers found themselves locked out of an online account due to too many failed login attempts. Transmit Security’s CEO, Mickey Boodaei attributes the the high frequency rate of failed logins to the following factors: 

Technical issues

– Customers unknowingly use caps lock or the wrong language keyboard.

– Complex password requirements, in the name of security, such as the use of a symbol or capital letter.

Too many passwords

– With too many passwords to remember, customers resort to guessing until they are locked out.

– With some sites forcing users to update their passwords regularly, customers don’t remember the most recently updated password for an account.

Attackers failed attempts

– Hackers know that customers re-use passwords across multiple accounts. When hackers unsuccessfully try multiple passwords, via guessing, during an attack the account is blocked.

The fact that customers have multiple devices has only compounded the problem. If a customer signs up to a service on their laptop and then wants to access that same service through their phone they are forced to sign in again regardless of the fact that the user has already signed up and registered on their other device.

This leads to lost potential revenue and even abandonment because customers either can’t remember the password off the top of their head or they don’t want to go through the entire authentication process again.

Password sharing impacts business, revenue and security

Customers share their passwords. A lot. In our survey we found that 52% of consumers said they have shared their password to an online account with someone else.

Since passwords are a pain for users to remember, keep track of and maintain, many consumers rarely update their passwords. Meaning, if their password is shared once the likelihood of someone abusing one or more of their accounts is high. And once a password is shared with just one other person there is very little control on how it’s used further. This can implicate businesses directly in the following ways:

Licensing abuse: If users have access to a password for an already paid account they are effectively avoiding paying for a second account (which means less revenue for you as a service provider). Users of services like Netflix or MasterClass, which offer on demand viewing, share passwords freely knowing their experience will be somewhat jeopardized in order to avoid additional payment.

Usage monitoring and personalization: If accounts are being shared by multiple users, service providers are less likely to accurately monitor usage and are unable to correctly personalize their offerings – which means their user experience can’t be optimized. The inability to understand their customer directly impacts potential revenue.

With incorrect data, effective targeting becomes impossible as there is no clear picture as to who the actual account holder is. Questions like, what do they like? When are they active? And how can you upsell them all become hidden mysteries. The loss of potential revenue here is enormous (and unfortunate).

Security: Given that 65% of users re-use the same password across multiple accounts (Google) once users share that one password with someone else they are essentially handing over access to multiple accounts they own. Hackers know (and use) this too which is why they are able to successfully hack into multiple accounts of the same user.

The future of authentication

From the information above, a key takeaway is that organizations are losing potential customers and therefore substantial amounts of money due to passwords and complex authentication methods. So what’s the alternative? Passwordless, biometric authentication.

According to the FIDO Alliance, 92% of consumers believe retailers offering on-device authentication care more about their customer experience. This shows that customers are receptive to new, more modern methods of authentication.

As the identity experience company, Transmit security set out to create a solution that enables frictionless identity experiences for customers. Our user-centric solution, BindID, is the industry’s first app-less mobile authenticator — which means no additional software or authenticator apps needed. By integrating FIDO2 certified built-in device biometrics, customers can enjoy reliable and consistent authentication across every device and channel.

By eliminating passwords and replacing them with biometric technology, such as BindID, customers will be able to seamlessly and effortlessly access all their online accounts. Due to this improved identity experience, vendors will benefit from increased customer loyalty which naturally leads to more revenue. With no passwords in sight, the move to biometrics also ends password sharing, account opening frustration and reduces any password-related attacks as there is nothing to ‘steal’.

BindID welcomes the end of poor customer experience and the beginning of seamless and secure online identity experiences.