The Privacy Calculus and the Power of Progressive Onboarding
The simple question that progressive onboarding hopes to answer is why spend your money and the customer’s time on a highly rigorous check for a low-risk action?
Asking for too much, too soon, will kill any relationship. You wouldn’t ask someone you met 5 minutes ago for a ride to the airport at 5am—that’s a question for after you’ve established a trusted relationship on both sides. It’s the same in the digital world. Asking for a customer to trust you with their personal details when they first meet your business is a proven relationship-killer: a 2023 study by Baymard Institute showed that complex sign-up processes lead to a 25% abandonment rate. Signicat’s research was even more dire: they found that 6 out of 10 customers abandon the digital onboarding process if it is too long, too complicated, or requires too much information.
That data is clear: if onboarding is too complex or asks too much, customers abandon. On top of that, consumers care more than ever about how their data privacy is maintained. They are constantly doing the mental math of what researchers call the privacy calculus, which is the idea that we self-disclose personal information when the perceived benefits exceed perceived negative consequences. When the spillage of PII is constantly making headlines, the perceived risk threshold for consumers is higher than ever. Yet, with digital financial institutions (FIs) averaging a full-day fraud attack every other week, the notion of asking new customers for less information initially and trusting them more can seem absurdly risky. Then again, consumers could make the same argument from their perspective: between data breaches, advanced biometrics technology, and genAI-enabled deep fakes, why should they trust a new company with their precious personal data?
These issues of balancing identity verification, fraud prevention, and onboarding are not new. They’re often all swept under the umbrella of “friction,” the known killer of customer experience (and driver towards competitors). Unnecessary friction costing you customers is an issue in itself—but it doesn’t factor in your money wasted on fraud checks in onboarding a customer who doesn’t want what you’re offering. Digital onboarding is expensive, costing FIs around $120 per customer due to fraud checks, manual background tasks, and more. That’s a big price to pay for someone who isn’t even sure they want your services.
The one-size-fits-all customer approach isn’t working anymore. You’re losing too many customers and spending too much on resources.
The Power of Progressive Onboarding
Progressive onboarding throws out the one-size-fits-all mentality and instead focuses on obtaining only essential information initially and gradually requesting more from your customer as they expect more from you. It’s a trend we’re seeing across the payment processing world and trickling out into other FI strategies. Here’s what this might look like in practice:
- A customer first visits your site and signs up for services. They just want to understand fees and look around, see if this is the company for them. So, you ask for something small at sign-up: a name and email. No fraud check, no FICO score, no KYC process—no heavy ask for someone who might just be looking around.
- As a customer sees that your business can provide what they need, they start transacting more and more. Perhaps they want to transfer $50, and at that trigger, slightly more information is required: A date of birth, physical mailing address, phone number. Enough to cover a low-entry fraud check for a low-risk activity.
- With each level of risk, the customer is asked for more information. This is a logical progression from both ends: the customer understands that they are asking for more services, as they go from transferring $50 to $5,000 for example. They are being asked to provide more information in a logical balance of that privacy calculus. And your business is spending resources on someone who is committed to transactions who has proven to be more than a window-shopping customer who signs up on a whim.
Note about bust-out fraud: Of course, there is a balance of building trust with that example consumer who goes from a $50 transfer to a $5,000 transfer. Some fraud is conducted by building trust and then busting out—which is why it’s important to continue to include levels of passive risk checks (such as behavioral analytics) in the background of every transaction and trust-building exercise.
It’s simple enough in concept: the more risk, the more friction in the medium of submitted personal information. If a customer never does anything other than poke around, then you never needed their Social Security Number to begin with—you save the costs of verifying their riskiness. It’s not only better customer experience, it’s cost optimization through tailored friction (why spend a Ferrari-level fraud check on someone who wants to buy a pair of roller skates?).
Let’s look at a digital banking example: with a progressive approach, a customer might sign up for a basic checking account with basic fraud checks and speedy approval. Maybe this is accomplished through a real-time behavior analytics flow, where you don’t capture PII but only look at digital interactions at loan sign-up to determine intent. From there, you can make a call on if you can fast-track them or if they show signs of maliciousness. This is similar to what NeuroID customer Addi set up when transforming their onboarding from 7-minutes to less than half of that time, with lowered fraud numbers: “With NeuroID, we have enough information on good applicants sooner, so we can fast-track them and say ‘go ahead and get your loan, we don’t need anything else from you.’ And customers really love that.” (read the full case study here).
Fraud prevention and detection is still a big part of progressive onboarding, it just happens as a growing relationship earning mutual trust. Tangled fraud stacks don’t force multi-layered checks and step-ups, which can turn into tedious onboardings that sometimes hurt genuine customers more than fraudsters (check out this particularly rough example, where it was easier for bots to get through onboarding, despite their fraud prevention checks, than it was for genuine users).
The simple question that progressive onboarding hopes to answer is why spend your money and the customer’s time on a highly rigorous check for a low-risk action?
But beyond that simple question, there are more complex benefits. For most of our customers, onboarding into an ecosystem can mean access to a wide variety of products, including ones that are truly designed for different types of customers. This could be, for example, a banking account for a child vs a savings account for an adult, or a checking account vs. a 25K credit line. These bring various exposures or risks with each offering. Fraudsters know this, and they’ve worked out how to enter at the least aggressively protected point, then switch products. They take advantage of an assumed relationship. Without progressive onboarding, there are often built-in gaps where fraudsters can have an easier time getting a high-risk product because they already came through a low-risk entry point.
We saw this danger in real-time with a recent consumer finance platform customer. Advanced fraudsters probed until they found the product with the easiest barrier of entry, and once inside they went on to immediately commit a full-force bot attack. We helped this customer work to create progressive onboarding that includes very clear (and fully passive) fraud controls that need to apply to every single person coming through the ecosystem. Once those fraudsters already onboarded have been weeded out, they will now have to go through appropriate controls based on the level of risk of the product—not on an accepted relationship.
The Balance of Risk and Rewards
We’re facing a rapidly evolving digital landscape, where customers can jump to a smoother user experience with the click of a button. User-centricity and risk-awareness need to go hand-in-hand. Today’s advanced behavioral analytics support both goals by giving digital banks, businesses, and financial institutions the ability to provide real-time risk assessment that evaluates users dynamically, based on their behavior, with no added friction. By tracking intent at first interaction, you maintain the necessary fraud awareness without adding unnecessary data collection and friction.
