Do you ever wonder why signing up to pay your bill online turns into a lonely game of escape room? Who designs these websites? Do you think they have tried it themselves? These are but a few of the questions that come to mind after watching my family and friends in agony over getting signed up. It’s painful for them and too painful for me to watch sometimes.
If I look at where the common pitfalls are, it really centers on user registration and the authentication process.
Sure, some sites avoid this altogether and let you pay your bill “securely” by allowing you to input something unique enough such that the payment will credit to the proper account. This is typically limited to organizations like phone companies where something like a phone number can be used. Having said that, to make this as effortless as possible, the golden rule of “60 seconds on a website” must apply. That is that you only have 60 seconds to reel in an online prospect or they are gone and will never return.
I see the use of social account icons to facilitate the input of email addresses being used but not nearly enough. Most sites still require a user to type the email address and create a ridiculously long password. It is the latter where we begin to lose the user. Most process and web designers don’t realize that just creating a password is enough to lose the user. I have watched friends and relatives literally get up from their devices to go and get a pen pad to write down different passwords to use.
What are my dogs’ names again? What are my children's middle names? What is a special character?
Now 30 of 60 seconds have passed and the user hasn’t started typing anything for a password. Once they have typed it into the first password field, most will fail the password match when it is typed into the second field. Times up and unfortunately it is still easier to write a check, go buy a stamp and drop the bill into a mailbox.
The use of passwords is not secure enough to be used as a single factor of authentication, so another factor must be used. Once again, we will burden the user to perform another task – usually typing in a code that was sent to our email or phone. Of course, all a bad actor has to do is present a very convincing-looking website and ask the user for both and the online account is compromised. 😳
PasswordFree Authentication™ reduces the friction and takes the possibility of phishing off the table. With a look and a click or a tap, users can register and authenticate in a few seconds. A simple service is available to web designers and developers such that they can go PasswordFree™ by plugging in a couple of simple APIs.