Why MFA Translates to “More Frustrating Authentication”

There’s a cooler way to MFA

For the most part, multi-factor authentication (MFA) is effective at preventing account takeover (ATO) and other types of identity fraud. But the friction it adds to the user experience is a different story.

We like to think of MFA as “More Frustrating Authentication.” (Users with shorter fuses may prefer a different F-word). Like the helicopter parent who insists on walking their teenager to the mailbox, some MFA solutions are too overbearing and easily triggered, resulting in false positives.

Flagging legitimate users and adding multiple steps to the verification process is a sure-fire path to churn. For e-commerce brands, specifically, adding unnecessary MFA friction to existing problems such as cart abandonment and chargebacks is not on their to-do list.

Not winning any popularity contests

In 2019, a Google poll found that only 37 percent of respondents used MFA. That same year, 29 percent of respondents in a BYU study agreed that logging in with a second factor wasn’t worth the increased security.

These numbers firmly place MFA in the “Least Likely to Succeed” category of the high school yearbook. With more consumers ditching their desktops — 51 percent of US online activity was mobile in 2020 — and attention spans growing shorter by the day, user sentiment regarding MFA will continue to trend negatively.

Ironically, some outdated MFA solutions lend themselves to fraud. For example, sending a one-time passcode to a user via SMS — a widely used authentication factor — can be compromised by fraudsters through SIM-swapping. Yet another reason for MFA’s struggles.

The friction affliction

Customer churn is the most glaring downside of implementing a traditional MFA approach. Flashing a security badge to enter an office building is understandable, but a user undergoing multi-factor authentication upon each login defies justification.

Lost sales and customers are logical outcomes of MFA friction: no one wants to jump through a series of password reset hoops. Per a CMO Council report, 81 percent of users indicated they would seek out companies that employed an easy and secure identity verification process, while over 60 percent had canceled a transaction due to inefficient authentication. Deduce has seen cases in which tens of thousands of new monthly users gave up on brands due to sluggish new account verification alone — long before a conversion can take place.

The hit to customer lifetime value, and potentially brand reputation, is a tough pill to swallow. The increased friction may lead to more hours for customer support reps as well, who surely have more pressing matters to handle.

The cooler way to MFA

Fret not, there is still hope for MFA — it just needs to be smarter.

Passwordless MFA is one intelligent multi-factor option. Roughly one year ago, Auth0 released its Adaptive MFA product, a contextual solution that flags login attempts carrying legitimate risk. Another great example of reducing user friction is Stytch’s just-in-time authentication. These approaches are all steps in the right direction, as complex verification scenarios, like logging in from a new device, require increased intelligence and lots of data.

Deduce’s real-time intelligence layer is the perfect complement to these tools, and it can be seamlessly integrated right on top.

The Deduce Identity Network, consisting of more than 450 million anonymized user profiles, gathered from over 150,000 participating websites and apps, analyzes 100+ factors in real-time to verify a user’s identity. Aside from preventing account takeover and account creation fraud, Deduce’s algorithms — which also comprise billions of daily interactions from across the web — significantly reduce the odds of credible customers getting flagged for false positives.

Don’t let MFA be a multi-factor detractor. Contact Deduce today and discover the smarter way to MFA.