Call it the Great Trade-Off, perhaps: Consumers give up data to online merchants and marketers in exchange for free services, targeted offers, discounts and other benefits. The people and companies who receive the data use it for a variety of profit-enhancing tasks.
However, part of that trade (even if not explicitly stated) is that consumers expect their data to be handled in a manner that protects their privacy and security. Any company that fails to do so — and is found out — risks existential damage. Consumers may be fickle, as human nature is contradictory and complicated, but they tend to have long memories.
The issues surrounding that trade, and questions involving online authentication, formed the foundation of a recent PYMNTS Digital Discussion entitled “Data: The New Currency of Trust.” The discussion featured Karen Webster and Arman Aygen, head of Technology and Innovation at UL.
“The flow of information can only happen if it is built on trust,” Aygen told Webster as they started off the webinar.
Trust is a concept that can change based on context, era and other shifting factors.
In the 2018 digital world, that concept includes a growing consumer and lawmaker backlash about what they view as lax policies for the protection of shopping and transaction data — along with increasing technology capabilities of collecting even more data and using it to craft precise advertising messages.
At the same time, criminals keep up with those developments, becoming more sophisticated and quickly learning to exploit weaknesses in new fraud prevention products and processes. Especially trendy right now, from a criminal point of view, is account takeovers, according to Aygen.
“It’s like a never-ending race,” he said. “Whenever you add a layer to prevent what’s happening, [criminals] move on to the next area.”
It all makes for a complicated situation.
That’s not even considering the endurance of passwords, a universal source of consumer frustration (such as the inability to remember multiple passwords), as well as the frustration — that is, friction — of having to reset them when trying to purchase something online or perform other digital tasks. In fact, a poll taken of webinar participants during the presentation found that only a third said passwords do, indeed, have a future.
Even so, machine learning (ML) and artificial intelligence (AI) are helping to build better defenses against account takeovers and other types of online fraud — including, no doubt, illegal acts that have yet to hit mainstream knowledge. In Aygen’s view, machines and humans can — and need to — learn from each other. Humans have certain advantages (ingenuity, for instance), as do machines, which are better at spotting patterns and making predictions. The chess world, he noted, knows that lesson well, given how human players and machines have combined to win tournaments.
An ideal in online trust is what Aygen called “augmented reality,” which means “human brain power added to the power of a machine.”
Collaboration is also key in building online trust, he said, noting that competitors in payments are increasingly working together on standards and technologies that have a common goal: “Providing value to the consumer at the end of the day,” he said.
Another method to defend against fraud and maintain trust in the digital ecosystem is casting a wider net, so to speak, and catching more data signals. They might be IP addresses, for instance, or a machine analysis of how and from where a specific consumer does certain transactions. Maybe authentication — and customer onboarding — involves the use of social signals, those digital crumbs left by consumers on social media and other online platforms.
A danger there, perhaps, is that consumers — cognizant of data security and privacy issues involving social media platforms, or simply no longer as enamored with sharing details of their personal lives online — will pull back and not engage. That said, “there’s always going to be new methodologies and sources” to aid with those authentication efforts, Aygen said.
A bigger issue might be finding ways to authenticate consumers without adding friction to transactions or checkout. Biometrics, indeed, seem to be emerging as one way to do that — an increasing number of consumers already are doing that with their smartphones and laptops, after all.
No Longer Binary
One main theme that emerged from the PYMNTS Digital Discussion is that authentication — and, by extension, trust — is “no longer a binary process of accept or reject,” as Aygen put it. Instead, it’s more holistic, more about the “risk appetite of the organization.” However, that also leads to another issue, another type of trade-off: how to be solid and secure with authentication and onboarding without using consumer data in a way that becomes creepy, that results in hyper-personalized ads following people around online.
Those are some of the main issues that digital players of all types need to consider as the global digital ecosystem continues to grow and envelope more retail, financial and service activities. The job will only get harder, more challenging and more complex — more devices in the hands of individual consumers mean more areas where trust can be breached.
“That trust has to be everywhere,” Aygen said.