{"id":5353,"date":"2018-11-02T11:00:47","date_gmt":"2018-11-02T05:30:47","guid":{"rendered":"https:\/\/gtm360.com\/blog\/?p=5353"},"modified":"2022-02-21T13:58:48","modified_gmt":"2022-02-21T08:28:48","slug":"winners-dont-let-security-screw-up-user-experience","status":"publish","type":"post","link":"https:\/\/gtm360.com\/blog\/2018\/11\/02\/winners-dont-let-security-screw-up-user-experience\/","title":{"rendered":"Winners Don’t Let Security Screw Up User Experience"},"content":{"rendered":"

Like me, you may have come across people who appear obsessed with security but happily book cabs, send messages, order food, and even make payments<\/strong><\/a> without entering a single password \/ PIN on their smartphones.<\/p>\n

\"\"<\/a><\/p>\n

This is not as contradictory as it seems if you look at the end-to-end customer journey.<\/p>\n

For the uninitiated,\u00a0Customer Journey<\/strong><\/em>\u00a0can be defined as the path taken by customers while interacting with a company \/ brand.\u00a0A customer journey traverses multiple stages in a customer\u2019s relationship with a brand viz. awareness, interest, desire, action, repeat purchase and advocacy.<\/p>\n

The apparent headscratcher just means that people value security when they’re in the awareness<\/strong><\/em>\u00a0or TOFU (top of funnel) stage of the funnel but they want convenience after reaching the repeat purchase <\/strong><\/em>or BOFU\u00a0(bottom of funnel) stage of the funnel.<\/p>\n

In plain English:<\/p>\n

People will switch from cash to digital payments only if it’s secure but they will continue to use digital payments only if it’s easy to use.<\/p>\n

In payments (and in many other products and services), studies have shown that consumers have different considerations at different stages of their purchase journey <\/strong>and that all considerations are not created equal<\/strong>.<\/p>\n

Many payment service providers (PSP) don’t get this cardinal trait of consumer behavior and solve only for the TOFU driver, namely, security. Not surprisingly, they struggle to gain mainstream adoption.<\/p>\n

Take, for example, two factor authentication. When Reserve Bank of India mandated 2FA for all online payments in India, it presumably thought “people want security, 2FA provides security, ergo people will flock to online payments”.<\/p>\n

What happened was exactly the opposite. Although the central bank-cum-banking regulator’s move was well-intentioned, 2FA caused tremendous friction and resulted in an alarmingly high rate of failed payments for reasons explained in the following exhibit.<\/p>\n

\"\"<\/a>
CLICK TO EXPAND<\/figcaption><\/figure>\n

People like me who were paying for online shopping with credit cards for years switched to cash on delivery. Many others never tried online payments for online shopping. Not surprisingly, COD Still Rules Ecommerce In India<\/a> with a 60% share.<\/p>\n

When there was a cash crunch in the wake of the de\/remonetization of high value currency notes in India in November 2016, people didn’t switch from COD to digital payments \u2013 they simply stopped shopping online because they didn\u2019t have enough cash to pay on delivery.<\/p>\n

PSPs that have required explicit 2FA for each and every payment \u2013 \u201caccording to RBI mandate\u201d \u2013 have flopped. On the other hand, fintechs like PayTM that cleverly circumvented 2FA \u2013 or at least make it implicit \u2013 became unicorns and household names.<\/p>\n

Let’s look at a few other markets.<\/p>\n

While many security technologies were invented in the USA, none of them has been implemented there. Let’s take 2FA and EMV as examples:<\/p>\n

    \n
  • The American regulator FFIEC mandated 2FA for online payments in 2005 and reissued its guidelines in 2012. But online payments don’t require 2FA in USA even today.\u00a0Stripe, the leading payment gateway company, at one time minced no words about its dislike for 3D Secure, the go-to method for implementing 2FA for online payments. Its website once\u00a0noted<\/strong><\/a>: “At Stripe we’ve so far opted not to support 3D Secure since we believe the costs outweigh the benefits.”<\/li>\n
  • The EMV migration deadline has come and gone over a year ago in USA, still fewer than one-third of US retailers have implemented Chip and PIN technologies.<\/li>\n<\/ul>\n
    \n

    EMV for US Gas Stations.
    Cost: $7B.
    Savings: <=$0.5B\/year (from potentially reduced fraud).
    Ergo no ROI.    https:\/\/t.co\/Twn0gpGzmw<\/a><\/p>\n

    — Ketharaman Swaminathan (@s_ketharaman) November 8, 2016<\/a><\/p><\/blockquote>\n