SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
The surprising reason customers are abandoning digital transactions
Tue, 5th Dec 2023

Conventional wisdom suggests abandonment is caused by price or cost, but new research suggests that sales, marketing and digital experience designers should broaden their search for answers.

There’s a lot of different terminology for it - transaction, cart or basket abandonment. The result for customer-facing organisations is the same: missed opportunities for interaction and/or revenue and a desire to understand why.

Shopping cart abandonment rates in eCommerce are said to be around 70% of all customer interactions. Most analyses attribute the cause to product price or shipping costs, which may not be clear upfront. 

Of course, not all transactions are about purchases and the exchange of goods; some are about signing customers up to financial services products or digital health-related tools and services. Not every sign-up is completed, yet abandonment is often described as if it’s a uniquely retail problem.

There is one common denominator across all customer-facing services that’s increasingly behind abandon rates, and which does not receive the attention it deserves.

All of these services need a way to identify who a customer says they are and to approve their access. This comes under the umbrella of Customer Identity and Access Management or CIAM.

CIAM is a technology discipline that enables organisations to securely capture and manage customer identity and profile data and control customer access to applications and services while minimising inconvenience to customers. 

For example, the processes and technology required to grant self-service access to eCommerce accounts are critical elements of CIAM. CIAM also enables a company to protect customers’ privacy and keep track of customers’ granting of consent to have their information stored in databases.

There have been some clues in the past that CIAM-related challenges are a factor in transaction abandonment; again, this is often couched in retail eCommerce terms, where there may be mandatory account creation forced on people during the checkout process. Discomfort over the sharing or storage of that data, over the site’s privacy terms, or with the process generally will inevitably see a percentage of customers drop out. Again, historically, this has been difficult to quantify.

However, new research offers a detailed view of this phenomenon: one that goes way beyond retail/eCommerce, testing CIAM factors on digital service provision in a range of sectors such as finance and health; and one that properly quantifies the levels of transaction abandonment.

It shows that customers are abandoning transactions and log-ins at a seemingly high rate. 

One in six respondents say that “users abandon/stop logging in” or that “users abandon transactions” between 11% and 30% of the time in their organisations, and 64% say users abandon transactions up to 10% of the time.

Even a low percentage of abandoned transactions can affect financial performance. For instance, if a billion-dollar business experiences transaction abandonment just 1% of the time, that’s a $10 million revenue loss. Decisions about investing in CIAM should factor in such financial metrics.

Key customer concerns

The research shows that abandonment can be at least partly attributable to issues with identity and access management solutions. CIAM systems with sub-optimal functionality or reliability may cause customers to abandon log-ins and transactions. In the worst-case scenario, they patronise a competitor and do not return.  Indeed, the Brand Loyalty In the Age of the Digital Economy 2023 survey found that only nine percent of consumers have full trust in the organisations that manage their identity data with 41% of consumers indicating they would feel more protected against fraud if businesses offered biometric authentication with 50% feeling more secure when Multi-factor Authentication is deployed.

Indeed, CIAM problems can lead to transaction abandonment. 

Just under half of respondents say that the “need to reset password” is one of their top three reasons for user transaction abandonment. For 41%, the CIAM-related issue driving abandonment is the “number of security steps” involved, while “difficulty signing in” and an “excessively lengthy registration process” tie for third place ranking for abandonment, at 34% each.

Other elements of CIAM that led to transaction abandonment are “can’t remember security questions” (32%), “intrusive personal information requests” (32%), and “poor login experience” (31%).

Thinking bigger

While the research establishes a clear causal link between poor CIAM implementation and transaction abandonment, it is clear that not every digitally-driven, customer-facing organisation has necessarily made the connection or come to that realisation themselves.

One reason for this appears to be compartmentalised thinking, where CIAM is considered a matter for IT and security teams rather than the digital or marketing teams that bear more responsibility and control of customer-facing experiences.

The research finds a relatively low level of support for CIAM among sales and marketing leaders, with just 23% “fully bought-in” and 35% “somewhat bought-in.” So, those who have primary responsibility for core business growth have the lowest levels of buy-in of any internal user surveyed. 

The idea that CIAM is an IT and security matter that does not affect sales and marketing outcomes is a fallacy, however, given the relationship between customer experience and sales and marketing results. 

Considering CIAM’s potential to enhance customer experience, there is an opportunity to build greater awareness and appreciation of CIAM as a driver of growth rather than being strictly a security or compliance requirement.

Ultimately, right now and moving into 2024, consumers will continue to demand convenience, security and concrete steps taken by suppliers to ensure that data does not fall into the hands of unauthorised parties. Multiple layers of protection are required, but steps are also required to ensure that, once data is no longer required, it is deleted from all e-commerce systems.

To retain their confidence and trust, e-commerce businesses need to create easy, secure and personalised buying experiences that alleviate security concerns without collecting too much personal data.