The future of account security must be democratized

December 17, 2020

Today’s customers rarely bat an eye when they receive a security alert from a company with which they do business. That’s because large tech companies have baked identity confirmation and notifications of suspicious activities into their everyday user experiences. Credit card companies routinely flag transactions that appear outside of a person’s standard spending patterns or geography. The biggest online platforms notify users when someone has logged into their account from an unknown device or location. But this technology is still rarely available to most businesses outside of the tech titans and Fortune 500.

Customer alerts represent a tremendous value to the customer. They build trust, loyalty, and goodwill while demonstrating that customers’ security is a priority. In the age of data breaches, stolen identities, and other personal information vulnerabilities, strong cybersecurity protections should be a ubiquitous part of the online experience.

Unfortunately, the prevalence of these alert systems is poor and must change. Particularly as trust becomes one of the strongest currencies in the modern marketplace, every company that offers login capabilities should be equipped to notify customers when unusual activity occurs on their accounts.

The following reasons illustrate why we need to democratize account security alerts for the benefit of the majority of businesses:

Improved User Experiences

The process of protecting user accounts and data opens tremendous opportunities to enhance user experiences. After all, understanding when customer behavior falls outside of expected patterns requires organizations to understand their customers’ normal patterns—which is information that can be put to use not only in protecting customers from outside incursions but also by personalizing their experiences and removing friction.

Take retail, for instance. To date, most retailers have been focused on reducing friction in the buying process by pushing shoppers to purchase as quickly as possible. But retailers also recognize that building trust is incredibly important as well. In this regard, leveraging customer data to enable security alerts for suspicious activities can serve two purposes: It demonstrates the importance the retailer places on protecting a customer’s data, and it helps the retailer understand the customer better by identifying new patterns in behavior that can help the retailer optimize the customer journey going forward.

Empowered Customers

Beyond improvements in the customer journey, visible cybersecurity helps build customer trust and confidence in transacting with businesses. Ultimately, customers are the last line of defense in protecting their own accounts, and sites should equip them with the tools and information they need to feel in control.

Tech platforms and large financial institutions message to customers constantly as it relates to their privacy and security, two concepts that are inextricably intertwined. This messaging helps customers understand that they are in control of their data and personal information. As part of this, a shared sense of responsibility emerges between the customer and the company when it comes to cybersecurity. By empowering customers with an understanding of how their data is being utilized for security purposes, companies of all sizes can forge deeper partnerships with their customers.

Building the Network Effect

If the goal is to improve account security for everyone, democratizing basic cybersecurity measures, like account alerts, across a wider array of sites and services will necessarily deliver measurable improvements. The key is for organizations to unite and share cybersecurity data and intelligence, which rarely happens.

Tech titans have an easier time of it since they have outsized data assets and the resources to build and maintain their own cybersecurity stacks. For competitive reasons, they’ve kept the cyber, fraud, and risk intelligence gleaned from their systems within their own walled gardens. Indeed, their advantages stem from being “data-rich.”

As we look to truly democratize account security across organizations and industries, options to share data that improve our collective security posture must emerge. By looking to external solutions for customer alerting, the benefits to companies are two-fold: First, they’re not tasked with the significant day-to-day maintenance of these mission-critical data resources. Second, they can become part of a network that strengthens the protection of users and their digital identities across all participants.

Strong, visible cybersecurity is too important for it to be reserved for only the world’s largest enterprises. It’s time to democratize strong protection and customer alerting systems across the business landscape. In doing so, we can build the foundation for a more-secure, privacy-first global marketplace that unites the interests of companies and their valued customers.

Ari Jacoby is CEO of Deduce.

With the advent of Internet of Things (IoT) technology and Industrial Internet of Things (IIoT), the cyber security practices are increasingly getting integrated with the physical security practices.

We will provide insight on NDAA Section 889 and how the act has evolved and impacted business, so that organizations can better mitigate risk and stay compliant.