For better and for worse, the corporate world continues to merge into the cyber stratosphere. Never before has the distance between a user and the digital world been so conflated. In the post-COVID world, everyone has a ‘user’ relationship–employees rely on digital technologies to perform their roles as much as consumers rely on e-commerce channels to purchase goods. Everyone in the post-COVID environment is a ‘user’ of digital technologies.
And with more users comes more trepidation. ‘The proliferation of data breaches, phishing attacks, and ransomware threats has been the unfortunate by-product of post-pandemic business,’ says Kyle Mani, CCO of OWDT. OWDT is an acclaimed web design firm with a robust team of professionals to help their clients prepare for the next phase of digital uptake. ‘Fortunately, insecurity doesn’t have to be an enduring part of the new normal.’
A recent study shows an incredible 88% of data breaches can be traced to human error. The finding should encourage product teams, UX architects, and cyber-security professionals to consider those breaches preventable.
At this stage of our collective technological capacity, there is no reason for a streamlined user experience to come at the expense of a secure user experience.
Below are three critical areas of focus to help teams expand their notion of usability, including the non-negotiable user safety priority and how to troubleshoot the weakest aspects of user safety as it stands.
Less is More – A Minimalist Approach to User Information
Since the dawn of AI-empowered smarter user analytics, developers have associated more data with a better user experience. Collecting and storing insights seemed to be the most direct path to creating more personalized experiences. Watching a user browse Netflix helps developers build the queue of shows that will pull them into and extend their viewing window. It would seem that the more personalized an experience, the better.
But there are two important reasons to reconsider that assumption. The first is the obvious connection between storing more information and creating more security concerns. Accumulating and keeping sensitive data leaves companies at a greater risk of incurring data breaches while making the results of an attack more dire than they would otherwise be.
The second reason, a newer development, relates to the user’s preference. Perhaps even more than enjoying a customized experience, users prefer to share less personal information when online. Research confirms that when users encounter a contact form, every additional entry field accounts for an incredible 25% decrease in conversion rate. To further illustrate the effect, Imagescape reduced their contact form from 11 fields to 4 and realized a 120% increase in conversions. The tug-of-war between personalization and privacy will be constant, but product designers must first understand the user’s number one preference for privacy.
Smoother Sailing: Improved Authentication
The Internet of Things and proliferation of user devices add a new complexity that can be employed to the user’s benefit–the possibility for two-factor authentication. Two-factor authentication slows the user down a bet, but it’s overwhelmingly the best available tool for authentication.
‘Leaning into the need for identification proofing, whether combined with or in lieu of initial logins and usernames, allows for a smoother user experience after sign-in,’ says Mani. ‘Authentication might not be required for every browsing experience, but keeping account-related and financial information behind a wall of two-step authentication will give users confidence that their information is protected. They can rest assured that the company has robust solutions to ward off unwanted attacks and to notify them of unwanted logins or access attempts.’
Rigorous, multi-step CAPTCHAs can ruin the user experience, and they’re not half as effective as bio-authentication technologies to begin with. Instead of asking eager users to complete a puzzle of images as they try to pay for their concert tickets, companies can now employ improved TSL or SSL certificates for a more sophisticated way to strengthen encryption. The larger the bit strength, the longer it takes to encrypt. Combined with bio-authentication, this solution can thwart spam and unwanted, outside data extraction.
‘Throughout the pandemic, employers have upped their security spending,’ says Mani. ‘Increasing investments into security solutions is critical, but it’s not the only solution to the proliferation of cyber-attacks.’ Minimizing the information ask, employing two-factor, bio-enabled authentication when the need for security is obvious, and using TSL or SSL certificates in place of multi-step CAPTCHAs—are the steps development teams can take to update and further protect the post-pandemic user experience.