In the new normal, digital trust is essential for the future of the global economy. E-commerce platforms must demonstrate a higher degree of trustworthiness as they offer a growing portfolio of products to the consumers through interconnected and modern technologies. Even as data allows brands to offer hyper-personalization, the fabric of trust across the tiers of security, privacy, risk, transparency, ethics, and governance is being tested by the increasing number of data compromises and access breaches due to unmanaged vulnerabilities in the digital ecosystem. Any adverse impact on these tiers/parameters can directly impact the trustworthiness of the enterprise, resulting in a significant loss of reputation and relationship with consumers. Last year, Juniper Research predicted that between 2021 and 2025, merchant losses to online payment fraud would exceed $206 billion in total.
In their eagerness to get personalized brand experiences, consumers tend to compromise or become short-sighted toward online threats. Now with greater awareness of the risks, they are more wary about entrusting brands with their data if there is not enough clarity on how it would be used and managed. They want more assurance that their data will be secure, and the digital ecosystem will not use the customer data beyond the purposes for which it has been collected. Effectiveness and transparency of security controls is key as that will ensure a frictionless experience for the customers and act as a catalyst for strengthening the trust between the customers and digital ecosystem.
Leveraging data for insights on user interests and preferences to plan and launch themed advertisements and marketing campaigns has been a key e-commerce driver. Now, with the heightened cybersecurity concerns, organizations must demonstrate that adequate security and privacy controls are in place to safeguard user data. This includes effective controls for risk management and assurance, ensuring proper management of identified vulnerabilities as per the criticality and priority. Otherwise, with the boom in digital channels, consumers have more options to choose from, and need not stick with one platform if another were to offer a more personalized and trustworthy experience.
Therefore, the top priority for e-commerce businesses is to ensure meaningful experiences as consumers interact on their digital platforms and build lasting relationships. Given the role of consumer stickiness in driving future business, organizations must implement transparent and ethical policies to protect customer interest and build trust across the digital ecosystem of people, processes, and technology of the enterprise.
Digital trust: A balancing act between data security and business intelligence
Today’s consumers prefer a frictionless and secure browsing experience that allows them to access, transact, and check out quickly with minimal touchpoints. Businesses, too, want frictionless and intelligent interactions that enable personalization.
Various elements of security must be factored in to create the kind of e-commerce or digital experiences that consumers want. To alleviate user concerns over security and improve brand reputation and stickiness, e-commerce businesses must establish:
- Their capability to collect the right set of data while respecting user privacy and preferences
- Their integrity in analysing data – whether they are using actual user data or metadata to draw meaningful inferences
- Verification of user identity as a real person and not a bot or fabrication
- Solutions to curb rising levels of online eavesdroppers and fraudulent transactions
- Principles of secure-by-design and zero trust ensuring foundational and transparent security controls across the digital ecosystem
Becoming secure by design
E-commerce platforms that choose to impose stricter security controls over user access are in danger of losing their interest if the process becomes too lengthy. Alternatively, they can choose to be secure by design and strengthen the fabric of trust across the e-commerce ecosystem. That means defining the parameters of modelling the digital platform at the outset. It also includes defining the means to capture consumer information. To ensure nimbleness and identity management that are vital for a harmonious user journey, businesses can create transparency by informing users of the kind of data that will be collected, taking their consent, and managing user preferences. However, users must have the option to change their preferences at any point and be excluded from mailing lists etc.
Organisations must also customize design to suit the needs of different functions – security, risk, marketing – that leverage the digital platform to render a unified experience to the consumer. The contribution of marketing insights must be balanced with the threat of associated risks. Ensuring data privacy and obtaining and managing consent are integral right from the app development stage and not as an afterthought. Similarly, organizations must ascertain the need for a higher degree of authentication in the case of certain users. For instance, would adaptive authentication make the most sense, or would a password-less, biometric authentication process work better for a more critical website? In the case of a European postal services organization catering to millions of customers, they chose to implement our identity and access management solution to establish a framework of zero trust security.
To ensure a frictionless experience, organizations can use progressive profiling. For instance, this means that the consumer is required to provide minimal registration details rather than being forced to fill in all kinds of data at the first point of contact. In addition, users get to enrich their profile, and enable and manage their own security features and authentication credentials. As trust towards the platform improves, users can be prompted to share data with their consent, to enable more relevant service offerings. The platform must intelligently tailor its recommendations according to predictable consumer behaviour rather than using preferences or browsing history. For example, targeting specific campaigns during metro rush hours can help reach more people since consumers are likely to have more free time during their journey to engage.
The user experience, when decoupled from security, is broken and piecemeal. When stitched together with these security considerations, it lays the path for a single identity model in which consumers can trust the business with the assurance of a uniform, omnichannel experience bolstered by data privacy and security measures. As ecommerce platforms find the fine balance between securing data entrusted by consumers and using it for business insights, the digital trust and frictionless experience they build will provide solid ground for sustainable growth.
The article has been written by Vishal Salvi, Chief Information Security Officer & Head of Cyber Security Practice – Infosys