Discover the event trusted by industry leaders for almost twenty years. VB Transform unites individuals shaping authentic enterprise AI strategies. Find out more
From passwords to passkeys to a variety of other options like second-factor authentication (2FA)/one-time passwords (OTP), multi-factor authentication (MFA), single sign-on (SSO), and silent network authentication (SNA), businesses and customers lack consensus on the most effective identity authentication methods.
However, there is unanimous agreement on the importance of these tools. According to the FIDO Alliance, more than half of customers (53%) reported an increase in suspicious messages and online scams in 2024, mostly through SMS, email, and phone calls, exacerbated by advancements in AI.
Despite the rising incidents of fraud and related losses — with the Federal Trade Commission receiving over 1.1 million reports of identity theft in the previous year — businesses must navigate a delicate balance between robust security and seamless user experience. Striking the right balance is crucial as an excess of security measures can alienate customers, while too little can compromise security.
So, how can businesses achieve this delicate equilibrium and implement effective authentication solutions?
Prioritizing Customer Preferences
In the realm of authentication, what works for employees may not necessarily align with customer preferences. While transitioning to WebAuthn as the sole form of 2FA for employees was feasible through a company-wide mandate, customers require more flexibility in their choices.
For instance, during a recent attempt to book a hotel for a family vacation, I encountered repeated CAPTCHA issues on a travel site, leading me to switch to a competitor’s platform for a seamless booking experience. This highlights the significance of eliminating friction in the user journey, particularly during authentication, to ensure conversion rates and customer satisfaction. Many businesses struggle to strike a balance between security and user experience, with 40% citing reducing signup friction as a key challenge.
Changing customer behavior, especially regarding new technologies, poses a significant challenge. Despite the enhanced security offered by biometrics or public-key cryptography, customer adoption lags if the user experience is not equally intuitive. The onus is on businesses to understand and cater to the needs and preferences of their customers, acknowledging that a one-size-fits-all approach to authentication is ineffective.
The Future of Signal-Driven Authentication
In the evolving landscape of authentication, continuous signals will drive the future, replacing traditional identity checkpoints with dynamic authentication based on user behavior. Authentication will function akin to a brake system, allowing businesses to adjust friction levels based on customer actions.
For example, receiving a promotional offer from a familiar auto shop would warrant a seamless login process, while logging in from a new location may trigger additional identity verification measures. Businesses across various sectors must embrace a zero-trust approach, where authentication is an ongoing risk-based process that adapts to user activities.
The integration of AI further complicates authentication methods, with enterprises pioneering solutions to differentiate between human and automated behaviors. As AI assistants and autonomous agents handle more tasks on behalf of users, distinguishing between legitimate and malicious activities becomes paramount in shaping the future of authentication.
Balancing Authentication Methods
Despite the continuous development of new authentication technologies and the emergence of regional mandates like Singapore’s Singpass and the EU’s Digital Identity Wallet, no single tool will dominate the market entirely. Customers will continue to prefer a range of authentication methods, from OTPs to stringent passkeys, necessitating businesses to offer diverse options while ensuring the security of each method against identity-based threats.
Success in the authentication landscape lies in businesses that can navigate the delicate balance between user experience and security, guiding customers towards seamless yet secure interactions.
Anurag Dodeja serves as the head of product, user authentication, and identity at Twilio.