Keeping customers safe and happy: the CX vs. cybersecurity dilemma

Among the many negative consequences of the coronavirus epidemic is the removal of most organisations’ ability to give in-person human contact as an option to their customers and users. While many institutions like banks were scaling back their presence in all but the biggest cities all over the world, there is a distinct demographic that relied on that personal touch.

Therefore many organisations are trying to replicate — to the best of their abilities — the quality of customer experiences online that might previously have “gone analogue” only this time last year.

But creating customer experiences on technology platforms that are rich, fast and secure is no simple matter, as any cybersecurity professional will happily attest. Rarely a day goes by without an embarrassing and potentially devastating news item about compromised login credentials, multiple thousands of usernames and passwords lost, and breaches of customer security and privacy on horrendous scales.

It’s a natural thought process that helping customers stay rigorously protected online and providing a superb customer experience are two opposite ends of the spectrum. Most users, for example, hate having to reset a forgotten password because it involves a series of time-consuming, almost torturous steps. Small wonder then that many people endanger themselves (and often their employers too) by re-using the same password for every service.

Companies face multiple challenges to balance the two desired outcomes of safety and experience, especially when they stop to consider the complexities that have to be engineered-in, yet taking pains not to pass any of that “under the hood” complexity onto time-poor users and customers. Juggling the myriad acronyms around data protection, compliance, and geographically-specific governance is a tough call, especially when guidelines from PCI DSS to CDR are wont to change quickly. For organisations to stay fully legal, even in one country, is hard: across multiple geographies it requires a dedicated department of eagle-eyed developers.

In this series of articles on Tech Wire Asia, we’ll be looking at some of the ways around the problems touched on above, looking at the technology that is available to provide seamless and simple positive user experiences yet with cast-iron security. Products that can solve one or two of organisations’ problems in this area do exist, and there are some that — thanks to some very smart people — tick all the boxes and provide extra features and facilities that actively add to the bottom line.

Mature cloud and the CIAM

The technology press has been talking about “the cloud” for over a decade, but it’s only relatively recently where cloud-based CIAM (customer identity access management) solutions have been mature enough to be considered by large financial institutions like the big banks.

As you might expect, it’s not practical nor desired for a cloud service of the required complexity and security of today’s CIAMs to be “click and go” deployment that could be rolled out by the Finance Department’s summer intern. Our first featured vendor, Auth0 provides access to tools and facilities for organisations’ already-skilled development teams, for example. The Auth0 solutions remove huge amounts of the required heavy-lifting needed to provide high-end security features that the end-user simply won’t notice — if, that is, teams do their work well!

Clearly, there’s a lot going on under the surface in cloud CIAMs, but in terms of pure development hours, teams will find themselves able to turn their attentions to the polish and unique touches to apps and services that make a company different from its competition.

For those end-users there are features like MFA using phones’ fingerprint sensors, one-time passwords by email or text, password-less account creation, social channel integration (log in with Facebook credentials, for example), single sign-on and much more: in short, the type of digital facilities that make interaction with a company or organisation less of a chore.

For the development teams, all these capabilities are pretty simple to code: API integration is their bread-and-butter, these days, and to continue with the example of Auth0’s, there is a long list of methods, frameworks and languages supported.

Among the vendors we’ll cover there will be a specific focus on using authentication methods in omnichannel call centre operations; as digital identity management especially during the sign-up process to open bank accounts or move money; and of the different possibilities of SSO (single sign-on). There will also be bonuses for compliance teams, SecOps and marketing professionals too, as cloud-based CIAM can significantly offer more than security and ease-of use.

Keep watching these pages for the next article in the series, where we look at Auth0 specifically. If your organisation is a digital native or even a reluctant digital convert, keep coming back.

*Some of the companies featured on this article are commercial partners of Tech Wire Asia

Cloudcustomer experienceCyber SecurityPlatformsSSO