How Can I Make My Users Feel Safer?
By Derek Quach
September 21, 2022
Amongst teens, 95% of American teens have or have access to a smartphone. Between college graduates findings show that “98% of college graduates are internet users.” Of the population of developed countries, 90% of the population are internet users. However, among users in the US, UK, and Germany, 67% of women and 51% of men feel unsafe utilizing the internet.
Understandably, it’s easy to feel unsafe considering the multitude of ways that information can be used by hackers or people with malicious intent. Phishing scams, stolen data, and even data leaks can make anyone anxious while using their smartphone or the internet. Though users may never truly be safe from things like data breaches or hackers, we can make them feel safer.
Each person’s grasp on their perceived feeling of safety will vary on a case-to-case basis. Although feeling safe is subjective, it would be effective to understand where the user’s anxiety stems from. In a study of 30,000 people, 10% of users “feel like they have total control over their personal information online” or are confident in their ability “to protect themselves online.”
Behind user anxiety, hacker motives, phishing scams, and data breaches lie a common denominator– data. Data includes, but is not limited to: your login credentials, full name, birthday, SSN, healthcare information, and geolocation records.
On a large scale, data from companies like Yahoo, LinkedIn, and Facebook have all been stolen. On a smaller scale, (yet equally troublesome) phishers use sneaky tactics to get users to reveal sensitive information. In many cases, hackers and data breaches circumvent the user entirely, revealing the sensitive data users entrust their providers with. So, this begs the question: how can I make my users feel safer if hostile tactics such as data breaches are out of their control? Data transparency.
We can develop a defensive approach to making the user feel safe. Account access through stolen or weak credentials accounts for 81% of hacking-related breaches. This large percentage of the password-related breaches is representative of the idea that users often use weak or reused passwords. It could be presumed that users would prefer using simple or recycled passwords.
To alleviate the user with little change while ensuring safety, we can implement an extra layer of security with MFA or multi-factor authentication. MFA grants the user layered security of their account. Recruiting a surplus of employees with the sole purpose of recovering an account is excessive. MFA will make the user feel safer by bypassing the need for account recovery. As a testament to MFA’s dependability, both the US Military and US Government utilize 2FA, a type of multi-factor authentication method.
MFA grants the user better security as 2FA introduces a secondary key that only the account user could provide. This aforementioned key could include a personal phone number, an email, facial recognition, or even a thumbprint (as seen by most Apple products). With MFA, the risks associated with stolen data and accounts are mitigated.“A password alone is useless […] without approval at the second factor.” With layered authentication, users could literally have their secondary key in their hands.
While MFA is defensive and significantly mitigates risk, we can begin to take a proactive approach to users’ feeling of safety too. Although it’s counterintuitive and often difficult, introducing open-source code may help users feel safe. Open-source code, at its most basic level, is code that anyone can see and modify without actually affecting the main program. But if anyone can modify a version of the code, then how will it make users feel safer?
To release the source code of your software (or online product) is demonstrative of transparency, an important aspect in building trust with users. Code is the building block of all programs like Adobe, GitHub, and Google. These all happen to be companies that use or contribute to open-source projects. Though code on its own can be read, it isn’t necessarily understood by anyone.
Software developers, those that install these building blocks, are typically those who can relatively understand code fluently. Open-source software allows code to be peer-reviewed. This allows the code to be saved from faulty, or unintended code, or optimized. Functioning, optimized, and peer-reviewed code benefits the user as it will better protect their data. This transparency between the user and you will be the foundation of making your user feel safe.
Transparency on its own is important but paired with privacy, users will regain their sense of autonomy. Privacy with sensitive information is appreciated online as much as it is offline. It was found that 81% of respondents believed that they had no control over their data that private companies collected. By simply building trust with your user, we can begin to make users feel safer.
All-in-all, it would be ideal to combine aspects of MFA while considering transparency, responsible practices with data, and the user’s need for convenience and privacy. These elements together should make for a reliable way to make users feel safer– but where is this provided? humanID is an authentication provider that serves as an anchor point for cross-platform login, exterminating the need for reused passwords. Furthermore, humanID places its method of authentication right into the user’s hand; a convenient place to put their key. And lastly, humanID follows responsible data practices as they never store data beyond login. humanID seemingly is the perfect solution to make the user feel safer; for years, it has been an open-source project that has allowed the masses and experts to find faults while also ensuring the safety of the user themself.