Become a member of the event that is trusted by business leaders for almost two decades. VB Transform brings together the people who build the real Enterprise AI strategy. Leather
From passwords to passkeys to a real alphabet soup from other options-two-factor authentication (2FA)/One-time passwords (OTP), Multi-Factor Authentication (MFA), Single Sign-On (SSO), Silent Network Authentication (SNA) is very uniterification, it is very uniterilification, it is a preference-target-target-of-the-eligure,
However, what it is about is the need for these tools. The Fido Alliance Discovered that more than half of the customers (53%) saw an increase in suspicious messages and online scams in 2024. This was largely driven by SMS, E -mail and phone calls and was only worse by progress in AI.
Even at a time when we keep seeing that astonishing increase in fraud and related losses – the Federal Trade Commission Last year receive more than 1.1 million reports of identity theft – companies must do their best to run a cord between robust security and effortless convenience. Over-index on both and you risk customers to dismantle few hoops and you lose their trust, too much and you lose their patience.
So how do companies find this fragile balance and implement effective authentication solutions?
The customer is always right
When it comes to authentication, which determines companies for employees, rarely translates to customers. We switched to Web car As the only form of 2FA for employee authentication, a company -wide mandate that lasted a few weeks. This ‘forced adoption’ works when your employees have no choice, but your customers do.
I recently wanted to book a hotel for my family vacation, so I went to my favorite travel site, found the perfect room at a reasonable rate and started to complete the transaction. One problem: I continued to come across a problem with Captcha on their page – once, twice. After the third attempt I left, found the same room with the same pace on the site of their competitor and booked.
Companies can spend huge budgets on top-or-tunnel marketing that bring customers to their websites, products and services, but as a friction in the user experience conversion is often authentication as the first touchpoint-is the wasted investment. Forty percent From companies saying that one of their most urgent challenges is finding a balance between security and customer experience, in particular reducing friction during the reporting of the account.
Customer behavior is difficult to change, in particular around the approval of new technology. It does not matter whether biometric data or public-key cryptography are safer, if it is not just as seamless to use, the customer’s acceptance will be left behind. Why do you think that so many people still trust easily to overcome passwords (you know who you are!). The reality is that you simply cannot force the acceptance of the customer that get authentication good, recognize the needs and limitations of their customers, meet them where they are comfortable and understand that it cannot be one-size-fits all-all.
A signal -driven future
In this struggle on friction versus freedom, the future of authentication will be powered by continuous signals instead of random identity control points such as registrations or purchases. Consider authentication as a braking system, where companies can suppress or release the pedal to increase or reduce friction based on customer behavior.
Let’s say I receive a promotion for a 20% discount on new tires from my regular car shop. If I click on the notification, I would expect a seamless inner experience-she sent me the message, I am an old customer and I use their application of a well-known device. But let’s say I am going to Kansas City for my work. If I open my laptop and I am still registered with my favorite e-commerce platform, I would expect them to log out or need an identity card to continue the session, because I am at a completely different location based on the earlier purchasing history.
Think of the ecosystem of applications – shopping, e -mail, social media, home security, streaming services – where we once log in and rarely log out. What happens if your device is lost or stolen or your session is hijacked? Companies must embrace a mindset of a zero-trust, where authentication not only to show your identification at the door, you can roam the club, but a continuously risk-based process that scales friction based on your activity.
The wrinkle here, like so many sectors at the moment, is AI. Earlier in my career I built Bot detection models for a startup to distinguish human behavior from machines. We would check how many clicks we would get from the IP and user agent string and if it was more than n within a second, we assume that it was a bone and that traffic blocks. But now, if we pass on the reins to AI assistants and autonomous agents to reserve dinner, make appointments or buy film tickets, how do you distinguish between a snode bone or one that works on you? This is the future of authentication and the bleeding-edge work companies in the industry continue to pioneer.
Authentication: a ‘And’ not ‘or’ proposal
Despite new authentication methods in continuous development and an ascension of regional requirements such as Singapore’s SingPass or the EU’s digital identity portion, No tool will ever have a full market share – some customers will always prefer the simplicity of options such as OTP, while others will demand the stringence of passkeys or other modern tools.
The responsibility remains for companies to offer a breadth of choices to meet customers where they are and Implement strategies to keep the root of each method safe of Smishing/Phishing, Social Engineering or an abundance of other identity -based attacks. This authentication rope -tug of the friction between friction and freedom will not be won by those who prioritize one or the other, but those who can walk the cord between the two to guide their customers to seamless but secure experiences.
Anurag Dodeja is head of product, user authentication and identity at Twilio.