Why passwordless authentication holds the key to smoother CX

The recent explosion of Software-as-a-Service (SaaS) tools and the rapid increase of digital services means we’re all dealing with more passwords than ever before. According to NordPass, the average person now uses 100 passwords and Statista reveals that more than half (56 per cent) of us changed ours at least once a month during 2022.

With such high volumes of passwords to manage (and, crucially, remember!), it’s no surprise that people run into problems. For example, despite regular security warnings, many of us still opt for easy-to-remember passwords and/or re-use the same ones across multiple accounts. The most used password in 2022 was ‘password’, which can be bypassed by hackers in less than a second. As the pressure of password management increases, more people could resort to practices that leave them open to possible cyber attacks.

Yet, the problem doesn’t only lie with individuals. Issues around forgotten passwords and password retrieval are also a potentially damaging issue for organisations. An estimated 50 per cent of IT helpdesk costs are taken up by password resets while 18 per cent of retail customers abandon checkouts as a result of having to reset their password.

A faster, smoother way to gain access

Switching to secure passwordless authentication could therefore have a huge impact–both on organisations’ own operations and their customer journey. By making it quick and easy for users to access their digital services via a secure sign-in method, companies can deliver a seamless customer experience (CX) without requiring people to recall which upper case letters they chose or how many special characters they included in their password.

Here are some of the most common methods of passwordless authentication available:

One-time code via SMS: Here, organisations send a one-time code to the user’s mobile phone. They then enter the code into the authentication system to confirm their identity. Since SMS is widely used on all types of mobile phones, this method of authentication is accessible to most people, including those without a smartphone.

Email notification using a ‘magic link’: A unique, time-sensitive URL, known as a ‘magic link’ is sent to the user’s email address. The link redirects them to the company’s website or application and signs them in without the need for a password. The link can only be used once and expires after a certain amount of time, offering an extra layer of security.

Push notifications: Push notifications are a fast and secure way to authenticate users because notifications can only be received on their own device. However, some people may still be concerned about security because if the device is stolen, push notifications could be intercepted.

QR code authentication: QR codes are quick and easy to use and can be both encrypted and unique. However, they do require the user to have a modern device with a camera and can sometimes be difficult to scan. This may exclude or put off some customers from using them.

Fingerprint and facial recognition: Biometric recognition is fast, convenient, and secure, with many modern devices now including biometric capabilities. Yet while biometrics can reduce friction in the customer journey, people without the latest smartphones may be unable to use them. Some may also be uncomfortable with organisations using their biometric data.

Multi-factor authentication: Multi-factor authentication uses a range of verification methods in combination, which can include biometric data, push notifications, and one-time codes. The aim is to provide extra security and give users a choice of sign-in options. However, it also creates an extra step in the customer journey, which could add too much friction for some.

Passwordless authentication: Enhancing CX and retaining customers

Given the customer challenges and business risks associated with passwords, many organisations are understandably getting excited about passwordless authentication. Used correctly, it can provide a whole new level of flexibility and security for both company and customer alike, allowing them to choose the sign-in method that suits them best.

Crucially, Zendesk’s CX Trends 2023 Report reveals that businesses that choose to provide passwordless authentication can reduce sign-in time for customers and improve CX, both of which are key elements in gaining and retaining a competitive edge. The report found that in EMEA:

• 73 per cent of business leaders agree CX is key to staying competitive
• 46 per cent of consumers would switch to a company’s competitor due to one bad customer experience
• 68 per cent of consumers would switch to a company’s competitor due to multiple bad customer experiences

It’s also worth noting that big tech is solidly behind going passwordless. The Fast Identity Online (FIDO) Alliance was formed in 2013 to promote the development and adoption of secure, passwordless authentication. And in 2022, Apple, Google, and Microsoft committed to expand their support for FIDO.

Empowering everyone with passwordless authentication

It’s highly likely that passwordless authentication will become the norm in the not-too-distant future, with experts predicting that the market will be worth $53.6 billion by 2030. For customers, it frees them from the burden of creating, remembering, and resetting passwords while cutting their risk of falling victim to a cyberattack due to poor password management.

Meanwhile for businesses, it reduces the costs associated with forgotten passwords and strengthens the security of their systems and data. Crucially, by removing friction in CX, passwordless authentication can have a powerful positive impact on customer satisfaction, retention, and growth. With ongoing investment from multinationals and tech organisations, we can expect to see exciting things in the future.