Retail security and the consumers’ journey is the main priority for retailers today. As customers engage in more diverse online shopping experiences, retailers are improving many areas on their websites or apps. From product listing to the checkout experience, any digital shortcomings and hindrances will only have customers moving away towards a competitor.
While creating the perfect customer experience is key, securing customers is also a prerogative. Today, cybercriminals are waiting to pounce on retailers and customers who do not take cybersecurity seriously. And the best period for cybercriminals to wreak havoc is always during the sales season.
According to ACI Worldwide, e-Commerce transactions during the holiday season are expected to rise 23% from Thanksgiving to Cyber Monday. In fact, global e-Commerce transactions for the whole holiday season (October – December 2021) are expected to rise 14%, with ticketing (a whopping 414%), travel (113%), telco (11%), and gaming (7%) sectors expecting the highest gains.
ACI e-Commerce intelligence also shows that new payment methods and channels continue to grow, with a projected 98% increase in e-Commerce transactions through the buy online, pick up in-store (BOPIS) delivery channel during the 2021 holiday season compared to the 2020 holiday season.
At the same time, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a cybersecurity reminder for public and private sector organizations to remain vigilant and take appropriate precautions to reduce their risk to ransomware and other cyber attacks leading up to and during the holiday season.
With payment providers improving their security features by adding more authentication methods and such, rising e-Commerce transactions will only mean more opportunities for cybercriminals. For consumers, the robust authentication requirements are becoming a mundane task, and in some cases, disrupting the customer experience.
Invoking frictionless retail security experience
Jim Taylor, Chief Product Officer for the trusted identity platform SecureID, believes that businesses can take advantage of customer authentication best practices to allow for a safe and seamless customer experience this holiday season.
“The balance between flexibility and security has always been a challenge the industry has strived to achieve. It is more apparent in retail and consumer interactions. The challenge for retail is they want to establish a digital relationship and trust with their consumers. But at the same time, they need to balance flexibility. Consumers want a simple straightforward experience,” he said.
Taylor explained that people are beginning to realize that passwords are not the only option anymore. They may have worked in the past, but if a consumer is made to input multiple passwords to buy a product, they may just move to a competitor. Authentication is a means by which that bond of digital trust is formed. It has to be secure and also frictionless at the same time.
“Going passwordless is a good step in the journey and is the right direction. What we really need to do is get to a situation where the right security is being applied at the right time. Consumers shouldn’t need to have to log in every time they used a platform or service. The behavioral patterns can help determine where and when passwords are needed. Everyone uses smart devices. And these devices can create an ecosystem of trust,” added Taylor.
With cyberattacks expected to surge during the holiday season, there is definitely an increased risk for consumers as well. Taylor pointed out that a lot of consumers, who may be shopping online due to the sales, may have forgotten their logins and passwords. Many would look to create new accounts or reset passwords.
“All these things will create stress and regress in the system that exposes weaknesses. Unfortunately, cybercriminals will take advantage of these situations,” he continued. “You’re more likely to get phished, scams, and such. Clicking on a malicious sales advertisement on social media or email could lead to problems. Two-thirds of users use the same passwords. If you have 100 accounts, two-thirds would have the same password. And it only takes less than a second to crack. It’s a recipe for disaster.”
Taylor also highlighted that retailers are trying to balance the flexibility of trust. Retailers study a lot of data, such as the rate of abandonment and how much friction can they put on consumers’ purchasing journey when it comes to security. And surprisingly, some consumers are willing to put up with a bit more friction, as long they enjoy a more secure shopping experience. Consumers trust retailers with their information and retailers have a big responsibility in ensuring they do not compromise their customers.
“Good retail security does not need to be difficult security. If you apply too much security, you are encouraging users to not participate in that service or find a way around it – which is using the same passwords everywhere. Retailers have to think about how to provide a compelling but secure experience because they all want to trust. The damage to brands today is significant. If customers can’t trust a retailer, they will not shop there.”
“We are now at a point whereby we need to evolve. We have learned the lesson that easy can also be secure. Things will get easier and better as we move towards a more compelling experience. There is a lot of innovation happening in identity security and authentication. We have to create a compelling frictionless experience to enable digital transactions and it has to be centered around identity,” concluded Taylor.