Onboarding new customers is your first chance to say hello while making a great first impression.
But if your process isn’t welcoming, frictionless, and secure, it can end in a quick goodbye.
Today, people expect a secure, simple onboarding experience. At the same time, product managers and sales teams are incentivized to board as many new users as possible.
In this article, we define and examine onboarding best practices across industries, discuss the danger of a one-size-fits-all approach, and show how to create confidence in your brand by updating your security stack with onboarding solutions tailored to your business.
Onboarding is the first stage of the customer journey, and it’s your first opportunity to establish trust with your new potential customers. As unknown users land on your website or download your app, onboarding is the process that grants new users the necessary permissions to access your platform or ecosystem.
To prevent fake users, bots, and fraudsters from creating an account, it’s common to require new users to verify that they’re a real person using varying authentication and verification methods.
But effective onboarding is complex and difficult to get right. If new customers encounter too many obstacles—such as multiple verification requests, challenging captchas, or countless user inputs—they will give up and go elsewhere. In fact, it’s estimated that up to 67% of site visitors will abandon your form if they encounter complications.
At the same time, making the process too easy opens the door for bad actors seeking to create havoc by setting up shop in your ecosystem.
Since fraudsters can ruin even the best-planned customer experience strategies—and drive good customers away—let’s first examine the types of onboarding fraud and how they happen.
Fraud that occurs during onboarding, referred to as new account fraud, is when a bad actor creates a new account and moves through the onboarding phases using stolen or fabricated identity or creates a new account with malicious intent.
New account fraud results in the account creator exploiting their newfound entry to a business or financial institution. In fact, nearly half of all fraud occurs from accounts that are less than a day old. It is therefore critical to monitor new accounts during the first 90 days to ensure they are legitimate to prevent devastating fraud schemes.
Fake accounts are the automated creation of a large number of user accounts that are not associated with a real person and are used to carry out malicious, often criminal, activity.
From disinformation bots on social media, to the fake reviews plaguing e-commerce, fake accounts cause a multitude of consequences. With basic sign-up forms (name, email, and password) and minimal user verification, fraudsters can exploit the onboarding workflows and create tens of thousands accounts in seconds. Today, it’s estimated that one out of every four new accounts sign-ups are fake.
Synthetic ID fraud is a type of malicious fraud in which fraudsters combine real and fake personal information in order to build an entirely new identity, and then leverage this new identity to build credit and make purchases.
With billions of personable identifiable information (PII) records available to purchase on the dark web, synthetic identity fraud is a low-cost and low-tech attack that yields great rewards for fraudsters. It’s no surprise synthetic identity fraud is one of the fastest growing types of attack vectors.
Promotion abuse occurs when a customer bypasses policy loopholes and creates multiple accounts to continuously take advantage of a company’s sign-up offers (coupons, free trials, referral bonuses, etc.).
While creating a new account using a burner email address to take advantage of another 30-day trial may seem innocent, promotion abuse is one of the costliest types of fraud for retailers.
Virtually every retailer has experienced an uptick in promotion abuse fraud, and the average retailers loses a significant 1.2% of their annual revenue to promotion abuse.
Chargeback fraud occurs when a customer exploits a company’s refund policy in bad faith.
Typically, a chargeback is used when a customer requests a refund to resolve a dispute with a vendor. With chargeback fraud, a bad actor requests and receives a chargeback for no reason other than to scam a business for financial gains.
In this scheme, whether a person claims their package was never delivered or it was damaged right out of the box, the strategy is the same: They receive a refund and keep the product.
IRSF is a type of communications fraud that uses scripted attacks and illegal business practices to make unauthorized calls and messages to premium rate numbers. Typically, a fraudster will acquire a range of phone numbers from a small, unregulated country.
Using a fake account bot script, they attack a company’s sign-up form, creating thousands of new accounts, prompting the delivery of one-time pass codes (OTPs) to phone numbers they acquired.
Premium rate numbers can be up to 50x more expensive than a standard number. The average attack costs businesses $50k.
Onboarding fraud is ubiquitous across industries, each with its own vulnerabilities and methods to combat it. For example, fintech and financial industries must adhere to strict anti-money laundering laws (AML) and Know Your Customer (KYC) compliance regulations. And the price for not adhering to these standards can be costly.
Recently, banking giant Wells Fargo was hit with a $7 million dollar fine from the SEC for not adequately monitoring and reporting money laundering.
While retailers aren’t required to prove the identity of their customers, they must juggle the challenges presented with promotion and review frauds. However, retailers who sell age-restricted products (tobacco, alcohol, adult content, and more) are required to verify the age of their customers.
From fighting fraud to maintaining compliance, effective onboarding is complex.
Here are industries fraudsters target, along with the most common methods of attack:
Next, let's look at how an improved onboarding strategy can provide the necessary friction to fraudsters without diminishing overall user experience.
An onboarding strategy that delivers security along with a delightful customer experience builds loyalty and keeps customers engaged and coming back.
Here are some of the main reasons to prioritize your onboarding process:
The best onboarding security strategy is one your customers don’t see. Ultimately people want to conduct business—and many aspects of their lives—with brands that protect them behind the scenes while providing quality service.
At Telesign, we can help you deliver a fast, efficient, and secure onboarding experience that builds trust and protects your customers.
We enable you to create an onboarding experience that challenges risky users while fast-tracking legitimate customers. We create a scalable, frictionless onboarding experience, letting you concentrate on identifying users, analyzing risk, and authenticating effectively.
We’ve helped some of the world’s most trusted companies optimize their onboarding process and successfully prevent fraud.
And as the industry leader in phone number intelligence, we offer unparalleled protection, using billions of digital interactions, mobile signals, and traffic patterns to silently assess the risk of new customers simply by collecting a phone number during sign-up.
Telesign allows you to:
Chat with us today to create secure onboarding experiences for your customers. Keep them safe and coming back.