Consumer authentication - An online organisation's view vs their customer's view
So this post is aimed at pointing out something that affects every online organisation who has account based relationships. I believe there is a disconnect between what the sites think their consumers want and what they actually want...anyway, here goes...
When looking at consumer authentication for online accounts there are three things an organisation usually considers:
Security: How much security should I apply to protect that account?
Cost: How much can I afford to spend to prevent accounts being taken over?
Usability: How can I minimise the impact on the consumer?
This diagram summarises the debate form an online organisations point of view:
As you can see the online bank might take security as the primary consideration. I am not saying they would not be concerned about cost or usability, just that they would likely put security first.
An online social networking site might look at it differently. The account is unlikely to be targeted by a fraudster so security is not the biggest concern, instead because their business model means they are effectively giving the service away for free the social networking site will probably be more worried about cost.
Similarly, the online retailer would probably worry most about usability for the consumer, reasoning that the more "clicks" that a consumer has to make the more unlikely they are to make it to the checkout basket.
These are generalisations and as such are generally true but not every consumer thinks the way an online organisation does.
Some consumers who go to online social networking sites are worried about security.
Some online banking customers are more worried about the usability than the security
Some online retailing customers are happy to sacrifice an element of usability for more security...you get the picture.
So how do consumers actually think? Well this diagram summarises the debate from a consumer's point of view:
If online organisations approach their consumer relationships from their own viewpoint they are not servicing all their customer needs. By offering security to those that want it, and not mandating it for everyone, they will be making their online relationships stronger and more profitable.
