MSPs face increasing pressure to help businesses of all sizes address shifting user preferences in a post-pandemic world. This is particularly important for small and midsize businesses that may be more reliant on their MSP partners to navigate a changing technological environment. While many MSPs have made protecting SMBs’ security posture their top priority, new research from Ping Identity reveals that consumers want frictionless online experiences without sacrificing the security of their personal information.
Despite the expedited digital transformation SMBs underwent during the pandemic, many businesses still underdeliver on consumer expectations for convenience, the study found. If SMBs want to earn consumers’ trust long-term, they need MSPs to help them prioritize simple online experiences without sacrificing the security controls that protect them from fraud.
For example, the study found that 63% of consumers feel better about services that use multifactor authentication (MFA) at login, which is a 10% increase from last year’s survey. This shift suggests that SMBs must provide convenience without sacrificing personal privacy to win over consumers.
Otherwise, SMBs may face defections. More than 60% of consumers in the study said that they would switch to a competitor if the login experience was easier. Nearly 60% have also abandoned an online experience when the login process was too frustrating.
It’s no surprise. Consumer preferences shifted during the pandemic toward everything being online—shopping, banking, working, etc. The user engagement experience became a top priority. But fraudsters saw this increased online activity as an opportunity because they are no longer stopped by on-premises boundaries. SMBs’ attack surfaces have grown with an increase in apps, APIs, and SaaS services, so there’s a greater need to defend resources from attacks on multiple fronts.
SMBs need MSPs’ help in giving legitimate users access to the resources they need from any location at any time on any device without causing them to jump through too many hoops. But they can’t compromise on fraud protection. The research found that 43% of consumers have experienced fraud as a result of having personal information stolen online. More than half (53%) of consumers who have experienced fraud are more cautious about revealing information, while a third (33%) look for businesses that utilize MFA or other alternative ways to log in. And, depressingly, three-quarters (77%) of consumers feel that they will never be fully in control of their personal information online.
How MSPs Can Help
To accommodate this shift, MSPs must first help their SMB clients understand that online fraud can occur at any stage of the customer journey, not just at checkout. Unlike real customers who spend time browsing or searching for what they need, bots and fraudsters work quickly and directly to complete their fraudulent activity. MSPs can address this vulnerability with comprehensive monitoring and early detection that reduce the number of fraud incidents.
An enhanced fraud mitigation strategy should also look at user behavior and device signals throughout the consumer’s journey in real time, with minimal disruption to legitimate users. That’s because online fraud can take many forms, including account takeover (ATO) fraud, new account fraud, checkout fraud, and business email compromise (BEC), which was the costliest form of fraud in 2020, accounting for $1.8 billion in losses. MSPs can bring together identity proofing, access management, and fraud detection to provide users with a seamless experience while defending against multiple attack vectors. New online fraud detection tools use AI to recognize suspicious behavior and prevent fraudsters from creating accounts, logging in, and/or completing transactions.
Bot detection is another promising service MSPs can offer. Bots can be utilized at any stage of the user journey for online fraud, using scripts to conduct the same actions over and over again. Bots are becoming increasingly capable of mimicking human behavior, with some being more successful with captcha challenges than real people. These challenges add friction for actual customers, who give up in frustration. Bot detection tools need to limit friction for legitimate users while identifying and stopping bots.
To earn SMB customers’ business without sacrificing security, MSPs can help make registration and login easy and efficient, assuring customers that data is secure by asking only for what they need, and ultimately, giving customers more control over what information they share and with whom through the use of digital IDs.
ALEX RYALS is vice president of channel sales at Ping Identity.