With security of any sort, its difficult to achieve a balance between achieving the right level of security and convenience or perhaps better put, the least possible disruption for customers. Take airport security for example, the implementation of tighter security measures to thwart terrorism has created significant frustrations, costs and inefficiencies. Relative to the consequences though of a breach, this is mostly tolerated.
So – perhaps the first issue to address is whether both parties to any secured transaction have the same view of the extent of risk and consequences thereof. In some business relationships, the service provider may have a much better insight into the nature and probability of risk. If this is the case, there’s obviously a need to educate and inform customers so that a similar and mutually held view of the likelihood and impact of risk is shared. This will help to avoid a mismatch and potential drop off in customer satisfaction.
Now that biometrics are becoming mainstream, there is the potential to fundamentally change the traditional equation of higher security = higher hassle. Biometrics are versatile and intuitive and, if set up correctly, biometric enabled solutions should provide an easier experience. There’s also the very important consideration that the person being verified doesn’t have to remember anything. They are their biometrics!
An essential part of simplification though is in building more intelligence into solutions. In order to provide the right balance between usability and security, the solution needs to seamlessly switch to higher levels of rigor when needed. This step-up (and step-down) capability automatically helps the get the balance right. Within this, significant attention needs to be provided to design. If the solution design has considered the right kinds of prompts so that users understand what to do when and why, this helps to mitigate a lot of the potential frustration.