BLOG

A New Approach to Login Authentication—Without Fire Hydrant Puzzles

James Jackson Thumbnail
James Jackson
Published March 06, 2023

Secure friction-free login for trusted customers will become competitive differentiator

Since the start of the pandemic, e-commerce and online services have become increasingly popular, with the global e-commerce growth rate for 2023 expected to surge more than 10% over last year. But as business is increasingly transacted online, both consumers and online merchants face growing threats from cybercriminals seeking to steal data, take over accounts, and commit fraud.

In response, organizations have put in place mechanisms and controls to safeguard both customers and their infrastructure from attacks by bad actors. But these protections—such as CAPTCHA challenges, multi-factor authentication (MFA), and user session time limits—come at a cost, interrupting the user experience and raising the possibility that frustrated consumers will abandon the login attempt or shopping cart completely and spend their money elsewhere.

That’s because CAPTCHA and MFA defenses are inserted into login processes and introduce substantial friction into the customer journey, which cuts into business revenue and irritates users. As consumers increasingly expect fast, seamless interactions and experiences, e-commerce merchants need to find a smarter, more personalized approach to allow customers to login to their accounts safely.

There’s good news: A solution to login authentication has arrived, offering friction-free logins to legitimate consumers and improved revenues for digital channels.

Seamless authentication matters

Consumers who are able to login without hassle are happy customers, more likely to buy or transact business. Users who can login successfully are 40% more likely to convert than users who initially had trouble logging in.

However, common login defenses such as CAPTCHA and MFA can have the opposite impact, frustrating regular customers with confusing traffic-light-identification challenges, silly puzzles, time-consuming MFA procedures, or short user sessions that can automatically log customers off while in the process of completing an order.

These authentication methods increase user friction, as these processes can be challenging to complete correctly and can lead to account lockout for legitimate customers. CAPTCHA and MFA are also no longer effective for deterring automated attacks or fraud as they can be easily sidestepped by bots or bypass services, or by employing human fraud farms to solve CAPTCHA challenges.

When previously logged in customers attempt to return to a website, roughly 70% login successfully on the first attempt, while 20% will eventually login after multiple attempts or after having to reset their password. The remaining 10% will fail to login and abandon the login attempt, even though the majority of these are legitimate returning users.

The cost of online transaction friction to business is estimated at $200 billion in the U.S., due to loss of revenue when locked-out consumers make their purchases elsewhere, or due to customer attrition when returning customers face repeated login frustrations and abandon the annoying login protocols of once-preferred vendors.

Brand loyalty also suffers, impacting reputation and future growth potential. Login difficulty is the #1 reason given for contacting call center support, which drives substantial operational costs.

A smarter approach to login authentication – Stop wasting consumers’ time asking them to make security decisions

Instead of subjecting all users to irritating puzzles and complex MFA requirements as part of login authentication, a more intelligent authentication solution would simply recognize legitimate returning users via machine learning and behavioral analysis. Leveraging comprehensive data compiled about both known good users and fraudsters, this superior authentication solution would identify the overwhelming majority of returning users and automatically reauthenticate legitimate customers based on known biometrics, behavioral analytics, artificial intelligence, and other sophisticated data modeling techniques.

Visa and F5 are joining forces to deliver a secure, seamless, and personalized online experience, with an innovative solution that reduces authentication friction at login for returning good customers and protects against fraud threats throughout the e-commerce journey.

This solution moves authentication beyond the hassle of outdated security puzzles and MFA to enable seamless login for trusted returning customers. The offering is powered by F5 Distributed Cloud Authentication Intelligence, which employs artificial intelligence and behavior analytics to securely and accurately identify both returning customers and fraudsters.

When combined with F5 Distributed Cloud Bot Defense, merchants can also now easily extend bot detection and fraud protections across the entire customer journey. This is good news to both merchants and consumers. Known and trusted customers will be able to login and transact seamlessly, without the need to remember and enter usernames and passwords, or navigate one-time password authentication requests.

This innovative approach to login authentication will be a game-changer for consumers and e-commerce vendors. Frictionless authentication is set to become a competitive differentiator, improving the customer journey by offering trusted users hassle-free logins and higher revenues for online vendors.

To learn more about how Visa and F5 can empower merchants to create a secure, personalized, and seamless online experience that offers frictionless authentication, read the press release, and visit F5 at Booth #409 during MRC Vegas.