Marc Power, regional vice president of UKI-MENA at Auth0, discusses what online services should take away from a recent YouGov report about consumers login experience
We know that the COVID-19 pandemic increased the rate of digital transformation and the number of digital services. How people access these services, however, continues to be an afterthought for most organisations. At least that’s what consumers are saying.
A new research report conducted by YouGov reveals that consumer expectations for their login and sign-up experiences don’t match reality. According to the survey, nearly half (49%) of consumers are more likely to sign up to an online service if it offers multi-factor authentication (MFA), biometrics (46%), or passwordless (34%) login options.
Yet fewer than a third of businesses offer these technologies: MFA (28%), biometrics (21%), passwordless (20%). Consumer demand for biometric authentication rises to 48% in the UK, while the percentage of biometrics on offer falls to 14%.
To understand why consumers want these options, the research also looks at their frustrations with the login and sign-up experience. Among the top cited were Having to fill in long login or sign-up forms (49%), Creating a password that has to meet certain requirements (47%), and Entering private information (46%). A full 85% of consumers abandon their shopping cart or registration attempt due to an arduous login process.
Public sector perspective
The industry term for login and sign-up experiences is identity and access management. Identity in the public sector is all about providing better access to digital services for citizens. Creating easy to use and trusted digital experiences helps public sector organisations deliver on their digital promises to patients, citizens, and constituents.
Identity can also help governments improve the way they work internally. When employees or citizens can access multiple services with a single username and password (read more about Single Sign-On here), it’s easier to identify that it’s the same person signing in. This means a more consistent and joined-up experience for citizens. At the same time, personal information isn’t spread across many disparate systems, making it easier for governments to secure the data and comply with privacy regulations.
Gov.uk for example has millions of users, over 300 transactional services, and thousands of websites linked to it, many of which require an account to access. If you’re reading this, it’s likely you’ve accessed one or more of these services, and you have a certain expectation for that experience.
This is where government and the survey data collide. We now expect the same simple and secure experience of ordering groceries or pet food when paying our council tax. Government must mind the gap not only in their number of digital services relative to the private sector but the authentication experience for those services as well.
A holistic approach to identity
Complexity is the greatest challenge with identity. Any one government department will have multiple types of users, with many devices, accessing several different applications, some based in the cloud, and others on-premise.
To put this into perspective, consider the NHS. As people are encouraged to use online services, rather than visit a practice in person, the number of digital identities to be managed increases. Combine that with the general trend toward telemedicine, and patients seeking convenient access to care. Then you have NHS staff, who must access internal and external applications securely, from devices on-site, at home, or from remote locations. NHS Trusts must also coordinate and communicate with one another to help manage patient care.
When complexity is high, and there are several possible places to start, fixing just one piece can create interoperability issues and inconsistent experiences. In other words, it’s not as simple as adding the MFA or biometrics that citizens want.
Instead, public sector organisations should approach identity holistically. Often this involves gathering all the relevant stakeholders and identity needs in one place. Conversations about balancing user experience and security are inevitable, but modern solutions help solve both. This may include engaging MFA only when an interaction is deemed risky or using biometrics for identity verification.
With more people accessing online services than ever before, providing simple and secure login and sign-up experiences is in focus. This data serves to open the conversation about identity management as part of the public sector’s ongoing digital transformation, and delivering better services to citizens.
Editor's Recommended Articles
Must Read >> Is the future of cybersecurity passwordless?