Zumigo facilitates easy and secure customer sign-up/sign-in process and protects merchants from fraudulent purchases
Passwords are … Frustrating. Unsecure. Cumbersome. Expensive to manage.
And yet, it is still the most popular method of security and authentication of a customer’s digital account today. The challenges of using passwords have been discussed in many different forums, so we want to begin this discussion with a new approach of authenticating the customer and verifying the risk associated with a transaction.
With Zumigo DeRiskify’s passwordless approach, the customer first signs up for an account at the merchant’s store by entering the email address, name, physical address and mobile phone number. Zumigo silently authenticates – without additional steps from the customer – the customer’s mobile phone number and further validates the name and address associated with the mobile account on file with the network operator. Upon verification, the account is created and the customer can start shopping.
As a fallback to silent authentication, Zumigo can send a one-time passcode to the mobile number entered. The customer enters the passcode in the next screen. Upon verification of the passcode and validation of the name and address associated with the mobile account on file with the network operator, the account is created and the customer can start shopping.
For subsequent access to the account, the customer can enter either their email address or mobile phone number to sign in. No passwords to remember, to get hacked, or to be replaced regularly. This helps reduce customer friction and increase conversion. Additionally, upon completion of enrollment, customer shipping and billing information can be pre-filled during checkout for faster checkout.
While the customer’s interaction with the e-commerce store is important to the business, merchants also need to protect customers and the business from fraud. Fraud can include activities such as fraudsters using someone else’s payment credentials to place orders, or gaining access to customer accounts to steal credentials or services. The result is a tangled web of investigation, lengthy chargeback process, unhappy customers hit with financial loss, and the erosion of brand and reputation.
The key to preventing the above challenges is to make sure the fraudulent transactions are identified before fulfilling them, while providing a secure way for customers to access their accounts.
To assess the risk of an order at checkout, Zumigo analyzes customer and payment risk factors against authoritative, real-time sources. Zumigo uses the mobile phone number entered to validate the associated name and address, and payment instrument; IP address of the customer’s browser client; email address validity; and geodesic distances between billing address, shipping address and customer IP address. As a fallback, orders can be verified by using SMS for mobile number and voice call for landline to confirm phone possession.
Based upon the verifications above, a trust score is provided for each transaction so that a merchant can choose to fulfill only the low-risk transactions. Merchants can also use the Zumigo DeRiskify dashboard to get an overall view of the transactions: total number of transactions, high risk orders, high risk customers, suspected fraud orders processed and value; type of merchandise that is high risk; and location/origins of risky transactions. Or drill into each transaction for more information.
This approach prevents fraud in online purchases and improves conversion rate and purchase process with pre-fill form. This is exactly the outcome that merchants are looking for.
Tariq Ahmed is Managing Director for Canada at Zumigo. Comments? Questions? Find him on LinkedIn @tariq-ahmed17.