CIAM and User Experience: Usability and Login Best Practices
Highlights from Simeio’s July 22nd “Ask Me Anything Coffee Talk Series”
Last Wednesday’s Coffee Talk was another interesting and informative session. The topic was “CIAM and the User Experience.” The session hosts were Michael Bickford, Director, Solutions and Advisory at Simeio Solutions, and Danielle Kucera, Senior Product Marketing Manager at Okta. Here are some of the session highlights.
What is the importance of CIAM, specifically as it relates to usability?
Usability is incredibly important for CIAM, and user login is one of the first things we consider. It is the gateway to the user’s experience with your brand. Whether a user is logging in for the first time or returning, it’s the front door to your business, and that experience needs to be welcoming.
During login, we’ve all been asked the personal security questions, like what color is the house you grew up in, and what is your favorite winter sport? These questions become irritating, because the company doesn’t seem to recognize our device, or that we’ve logged in before. These questions aren’t considered best practices. They add friction to the user experience, and they don’t keep the user identity secure.
The best online customer experiences are those where the companies know who we are and what we like. Customers don’t care about what goes on behind the scenes. They just want a simple and easy experience, and to know their information is secure and their privacy intact. They want to seamlessly engage with your multiple channels and move between business lines logging in again and again.
To provide the best customer experience, it’s our responsibility to orchestrate our services to best meet the customer’s needs, across all channels and lines of business. Having a common view of a customer’s identity across all applications and services is critical to accomplishing this.
Can you elaborate on login best practices?
Having a clear line-of-site into customer applications is important. Are they logging in to check their account status? Are they paying a bill? Providing customers with a single identity, where they can access all applications and services, with one login, is a common best practice. Providing secure access for transactions, with authorization and authentication, is another best practice.
Today, customers interact with a brand in many ways. Having a consistent login experience across all channels is important. Customers shouldn’t be negatively impacted, because of the variety of devices they use, whether a phone, laptop, tablet, or smart home device. Tying identity across all devices helps eliminate this friction.
Asking questions that don’t apply to the products or services you offer, or asking too many questions up front, will frustrate customers. Asking for the right information is a critical best practice. We call this progressive profiling. Ask only what you need in the initial interaction, and then over time, you can ask for additional information, but only if it’s relevant to your brand and the customer interest.
As privacy regulations increase, it becomes even more important to understand why you collect all that data. Many companies have overextended in collecting as much data as they can from customers. This is counter to what is considered a best practice.
The data collection and progressive profiling process should reflect what the customer wants to do. What the customer expects from your company, as they interact with you, will define your data collection process. And it’s different for every business. A hair salon will need different information than an athletic apparel company.
What is the process for progressive data profiling?
It’s important to collect information that’s relevant to your business and ask for it at the right time. If your backend system can’t identify a customer across devices and lines-of-business, you will be limited. Without a system that enables a single identity across multiple devices and different channels, the business is siloed. You will have to continuously ask customers to log in to each channel separately. And that makes for lousy customer experience.
The basic information for a login is username and password. You can identify the top three things that are important to your brand and services, and collect just one of those first. The key is prioritizing the data collection process, based on actual business need at the present time.
What should be the overall goal of a CIAM program?
Great customer experience is a simple and trusting experience. That is an appropriate overall CIAM goal. It all starts with a good CIAM foundation with identities that are managed from one location. Organizing data, and the types of information you collect is key. You can’t have identities stored in twenty different locations, and try to reconcile them all the time. That will set you up for failure.
A business goal would be to have a universal directory that is integrated and can be centrally orchestrated throughout the business. This enables a single place for customer identities to be stored on the backend, while allowing customers to easily log in, and access whatever they need. If multi-factor authentication is required for a transaction, that can be incorporated as a step up to the application.
How critical is customer support when talking about CIAM?
Good customer experience requires good customer support. There are two aspects to CIAM. One is the registration and login experience on the customer-facing side. On the backend are identity management and security. For customers to feel comfortable doing business with you, they need to know you have their security and privacy in mind.
When a customer needs to ask a question about the login experience, or they must do a password reset, that is typically not a good experience. A way to support customers is to put information into the experience itself, so they don’t have to ask questions. This could include information about why you need their personal information, how you are using it, how you are keeping their identity secure and private. This will increase trust, and make customers more comfortable interacting with your brand.
We’ve just touched upon some of the conversation. If you want to learn more, you can watch this, and other on-demand Coffee Talk sessions at https://www.brighttalk.com/channel/17142.We hope you can join our next Coffee Talk where you can chat with IAM experts, ask questions and gain insights into how you can lower operational costs, and achieve greater security and privacy using IAM. Click here to sign-up.