Consumers want a better way to verify their digital identity, a recent survey from Onfido shows. Its latest report Customer attitudes to digital identity (registration required) shows increasing concern from consumers over the data they are asked to hand over to open online accounts. The report comes at a time when lockdowns and work from home (WFH) have caused more people to go online than ever before.
Businesses are seeing both a surge in online use and abandoned signups. If those signups are linked to shopping carts, it means that consumers are going elsewhere to buy goods. That means retailers are losing business by asking for too much data.
Robert Humphrey, Chief Marketing Officer and Strategist for Onfido said: “We are not surprised that COVID lockdowns would increase the use of online accounts, but the rate of abandonment during account sign up due to security and privacy concerns was surprising to us.
“This shines a light on an opportunity for UK businesses to provide a more seamless, user-friendly process, while still engaging strong identity verification in order to improve account onboarding and authentication.”
The survey looked at 4,000 respondents across the UK, US, France and Germany in August 2020.
Why are shoppers abandoning signups?
In a word, trust. Consumers are concerned over five key issues, according to the report:
- Data will be passed on to third parties (53%)
- Security of the information provided (50%)
- Asking for too much information (37%)
- It takes too long (27%)
- It’s confusing (12%)
For many online businesses, the more data they have on customers, the better. It allows them to better target advertising at those customers and suggest things they might want to buy. Just as importantly, the sale of that data to data brokers and other companies is big business. However, the concerns above show that this data gravy train is beginning to run out of steam.
Current identity verification can be laborious
It is common for websites to ask a new user to create a username and password at onboarding. It often includes other questions such as a memorable word, location or date. 38.8% think this approach is inconvenient, and 36% believe it is not secure.
Some sites go further, requiring a lot more personal data such as date of birth, address history and government ID. This data is often entered through long forms on the screen, which is not only difficult on mobile devices but sometimes impossible. This approach is often where there is a risk of fraud, such as in financial services. 53.1% say this is inconvenient, and 55.6% believe it is not secure.
A third approach, that of visiting a branch to provide personal data and have an ID copied is very common in banking. 66.5% say this is inconvenient, and 53.4% believe it is not secure.
All of these are causes for people abandoning signups. On average, around 43% of signups are abandoned. Of particular interest is the age groups who are most likely to abandon signups due to them taking too long.
It also seems that the younger you are, the less tolerance you have for drawn-out, complicated processes. Those aged 18-24 years were most likely to abandon signup (59.4%) while those over 55 years were least likely (33.2%). Given the high levels of engagement with online services by those under 24 years, these numbers are concerning.
How to do identity better?
One solution seems to be the use of biometrics. A growing number of services allow the user to take a photo of a government-issued ID and then a selfie. The two are compared to establish identity. When asked, 75% said that they would be willing to use this approach if it reduced impersonation fraud. That rises to 80% when it comes to account takeover and 90% for those aged 35-44 years.
The only holdout here is those aged 55+. Only 22% were willing to do down this route. However, the report doesn’t seem to have done any qualitative research to uncover why.
This use of documents and biometrics also changed the perception of users towards an organisation. 45.6% said it shows the business cares about security while 31.1% said it shows they care about privacy. The problem is that neither is a guarantee.
For example, the use of forged documents to take over mobile phone accounts is on the rise. Criminals go into a phone shop with a fake passport. They use that and say they want to migrate their phone number to a new carrier. Shop staff are not trained in how to spot frauds, so often accept the ID. Once the number is migrated, the criminal can run up bills and takeover any account that uses SMS verification.
Another requirement is the effectiveness of the facial recognition software comparing the image and the selfie. There is well-documented bias in such solutions. Onfido uses its own AI but doesn’t publish details of bias, so how effective their route is for some groups, isn’t clear.
I want it now!
Ironically, one of the problems for many is being slowed when they authenticate or use a service. An increasing number of organisations are adopting multi-factor authentication when users reset passwords or login from a new device. The options are often either an SMS message or an email with a code. The problem with this is that it can take time for these to arrive, especially email messages and they assume the person has access, at that time, to the email account.
For those aged 18-24, this is intolerable. 73.4% feel it happens too often and are increasingly frustrated by it. Again, this is something that changes based on age. As people get older, they are less tolerant of the delay with just 48.2% of those 55+ seeing it as a problem.
Where this becomes a real problem, is getting permanently locked out of accounts. It seems that almost half of 18 24 year olds get permanently locked out of accounts. When that happens, they give up. Whether they then create new accounts or go elsewhere is not examined in this report. The likelihood is that many will initially create a new account if the service is valuable and it will let them. Retailers, however, cannot count on that and need to think about other ways to confirm identity.
Enterprise Times: What does this mean
2020 has seen people create online accounts in bigger numbers than before. Less than 2% of respondents have more than 51 online accounts. However, almost 20% have 11-24 accounts. These numbers are likely to be a significant understatement. Few people keep an accurate track of what accounts they have created and often forget those they don’t use often.
This explosion of accounts also leads to other issues such as reuse of passwords and security credentials. The more these are shared across accounts, the weaker the security becomes. Mechanisms such as multi-factor authentication can create delays in accessing an account, something that frustrates users.
What is clear is that we are still far from creating an acceptable solution to account creation, verification and authentication. Proving identity is still a complex process and often means providing large amounts of personal data that can be misused and stolen. Solutions such as Decentralised ID (DID) are beginning to appear but are far from being mainstream. We are years, if not more than a decade from that happening.
For now, Onfido believes that a mix of documents and biometrics is the best solution available.