Last time we talked about how much fraud costs an individual user when an online account is compromised. What happens to a social network's user once they leave? Do they ever come back or are they forever a lost customer? In a digital age where the newest thing is always one step away, the answer is usually geared towards the latter – customers part ways permanently.
Everyone always tries to pin a lifetime value on a customer, but even if we look at a year's worth of revenue, mistakes can add up. Last year, a single social network could generate around $9.50 per user per year on advertising revenue alone. For a social network with 50 million users and an estimated abandonment rate of 5%, that can add up to $23.7 million in potential revenue missed in one year.
When one of my favorite website accounts was hacked last year and I found a few hundred surprises being charged to my credit card, I was adamant about fighting the thief and reclaiming what was rightfully mine. With zero liability on credit cards these days, the financial aspect was taken care of with ease. Trying to restore my account access, however, was a complete nightmare. The culprit bypassed all of the site's security measures—changing my contact email, birthdate, and backup security questions. Everything I had in place to restore a compromised account was indeed compromised.
I spent a good part of a month trying to reset my password but never had any luck. After a few weeks, I was finally able to contact a representative and restored access to my account. I immediately changed all my information and removed any payment information. The next week after that, I was completely locked out of my account- again. After that last straw, I resolved to never purchase anything over the site anymore, after having spent an average of $30 a month. And, to this day, I still have not spent a single penny with them.
Had I not used this site almost everyday, imagine how this scenario would have played out. If I were locked out of a networking site and failed to restore access on the first attempt, I would have given up then and there. The brand would be sorely tarnished in my eyes and I would think twice before going back again. Essentially, they lost me as a customer and potential recurring revenue.
How then can we insure that, when security is breached, that we are able to maintain a user's loyalty to a brand? Part of the solution lies in making it as convenient as possible for the true owner to restore access to their account.
Accounts become compromised everyday but it should never be that difficult for the rightful owner to regain access. If a social network or, for that matter, any site can efficiently control the damage, the user might have a chance of staying. What better way to do that than by using mobile verification? Using something that the user always carries – their phone – and verifying information through something we know – a user's phone number – cannot be easier. A fraudster might be able to get access to my account but it is pretty unlikely that they will gain access to my account AND steal my phone. Regaining access to my account with one SMS or voice call takes less than a few seconds and lets me get back to what any company wants me to do: spend money. Win, win if you ask me.
A big shout out to Kenney Deng for all his help with this blog!