The importance of an efficient and secure online retail experience has never been more important. Retailers face the challenge of not only attracting customers, but also making their online experience seamless and secure. With more options at their fingertips than ever before, online shoppers have developed a fickle tolerance for user experiences they consider clunky, slow, or just plain inconvenient. Passwords are at the heart of the problem, accounting for 30% of all abandoned online purchases.
Proper security is essential to any company’s bottom line and brand integrity, but how can you achieve it without increasing the burden on the end consumer? Enter your passkey.
The Retailer Triple Threat: Security, Revenue, and User Experience
Passkeys are the perfect trio for retailers. It provides enhanced security, an improved user experience, and helps you maximize your revenue.
Enhanced account security
Passkey follows the WebAuthn API security standard developed by the FIDO Alliance, a leading industry association whose mission is to reduce the world’s overreliance on passwords (1Password is an active member of the Alliance).
Every passkey has two parts. A public key that is shared with the website or app that the user is trying to access, and a private key that never leaves the user’s device. Because of this, the keys are randomly generated and never shared during the sign-in process, making it nearly impossible for a hacker to reverse engineer one key into another, or for a hacker to guess or intercept it.
Additionally, passkeys are domain-specific. A unique key pair is created for each website, service, or app that a consumer needs to access and is tied to that specific site or application. This eliminates a major phishing method by preventing users from “accidentally” entering their passkey credentials into similar domains. As a result, passkeys essentially make phishing attacks obsolete by removing the user’s credentials, which is the “reward” hackers are after.
Passkeys also relieve retailers of the responsibility of storing sensitive passwords. A common tactic among hackers is to target retailers with credential-based attacks. Using a passkey negates these attacks and gives the CISO one less thing to worry about.
Improved user experience
Research shows that consumers are more likely to abandon their carts if there is friction throughout the purchasing process. Passwords are the cause in this regard and his 70% of customers are dissatisfied. On the other hand, passkeys streamline the login process and have been found to be twice as fast to use than passwords.
Passkeys are a highly secure form of passwordless authentication and are typically unlocked using methods consumers already use to unlock their devices, such as Face ID, Android fingerprint, or Windows Hello. will be done. By leveraging the authentication experience that consumers are already familiar with, Passkey reduces the typically cumbersome checkout process.
Passkeys also remove human error from the equation. No need to generate it, memorize it, or worse, write it down on sticky notes. An e-commerce customer may only visit a store once or twice a year, but even if he remembers his password, there’s always the pain of having to reset his login information. The good news is that using a passkey solves this problem.
Additionally, many sites require you to update your password frequently due to the security standards and policies they follow. Passkeys eliminate this once necessary but unwanted friction, improving user experience, deepening customer loyalty, and increasing conversion rates.
Maximize profits and reduce expenses
This is a simple equation. Users cannot log in or check out. Abandoned carts cost retailers $136 billion in revenue annually. Conversely, if the checkout experience requires minimal effort, consumers are likely to purchase more. Passkeys are 4x more likely to lead to a successful login, create a sleek and smooth user experience, and prevent customers from leaving your site and navigating to another site that offers a faster, easier experience. .
Passkeys can significantly reduce security operations and implementation, especially for businesses that rely on SMS text for secure two-factor authentication (2FA). The estimated cost to install, operate, and maintain these systems is approximately 6 cents per text in the United States (and significantly higher in many other countries), but passkey systems remove these from the authentication process. Eliminate expenses and increase profits.
Technology and retail leading the way in passkey adoption
Last year, technology leaders like Apple, Microsoft, and Google announced plans to move to passwordless authentication, representing early adopters who understand the security and convenience benefits that passkeys can provide. Apple rolled out support for passkeys through iCloud Keychain in macOS Ventura and iOS 15 in June 2022, and Google announced support for passkeys in Chrome and Android in May 2023.
However, for passkeys to become mainstream, the technology will need to cross the chasm and reach an early majority of the market in order to become widespread. And this will set the pace for his e-commerce sector in 2024.
Major e-commerce vendors are taking different approaches to implementation to drive adoption among their core customers. Best Buy has taken a conservative approach to implementing passkeys, choosing to allow more users to add passkeys to their account settings while maintaining the familiar account registration process with username and password. did.
Home Depot has a similar initial registration process, requiring users to first register for an account using a password. However, users continue to be prompted to implement passwordless login on subsequent visits. This subtle push can be an effective tactic to transition users to passwordless login over time.
Kayak takes a more proactive approach to the login flow, offering a completely passwordless experience from the account registration process onwards. It’s easy to see how this simpler implementation could be embraced by digitally native business models.
The lesson for e-commerce vendors from this is that it’s important to understand your audience’s aptitude and desire for change and implement your rollout in a way that best suits your market.
The future of passkeys
For retailers, it’s in their best interest to remove friction from the purchasing process, and simplifying login and registration is a great place to start. Passkeys improve security and ease of use by eliminating the most common point of failure: human error. By relying on a user’s physical device and biometrics rather than their memory or typing ability, retailers can create smarter, more efficient systems that help improve revenue and increase consumer loyalty. experience.
Anna Pobletts is the Head of Passwordless. 1 password. She oversees the company’s Passwordless solution, focused on delivering passkeys to businesses and consumers around the world. Previously, Pobletts was co-founder and CTO of Passage Identity, a developer-first passwordless authentication company, which was acquired by 1Password in November 2022. Pobletts is passionate about security and creating safer, more human-centric online experiences. She has worked for over 10 years with a focus on identity, cryptography, and application security.