Intuit is the global financial technology platform that powers prosperity for more than 100 million consumers and businesses around the world using TurboTax, Credit Karma, QuickBooks and Mailchimp. The company’s long-held commitment to Design for Delight principles has been a key ingredient of its success in fueling innovation across its products, services and customer touchpoints to create bold new AI and data-driven personalized experiences at scale.
To execute on a user-centric focus, Intuit’s customer authentication products team, led by Rakan Khalid, Intuit Group Product Manager, Identity, justifies and prioritizes development of new authentication capabilities based on user research, security trends and technology advancements in the industry. This has led to an overarching strategy that emphasizes secure and convenient authentication experiences on its platform.
Intuit saw the potential of the FIDO (Fast ID Online) Alliance early on and began a multi-year FIDO journey in 2018 to reduce customer friction and enhance security, at lower operating costs.
Intuit set out to address several challenges when evolving its customer authentication strategy to serve a growing customer base across a diverse set of product offerings and user personas:
- Customers experienced friction when logging on, which negatively impacted key business metrics.
- Sign-in times (time to successful sign-in) were getting longer, and calls into customer care for account sign-in-related issues were increasing.
- Product teams were challenged to balance ease-of-use and convenience for users with appropriate levels of security.
The team set out to achieve the following business objectives for customer authentication across Intuit’s product portfolio:
- Deliver a delightful and seamless customer authentication experience that “just works” across multiple devices.
- Push the envelope on customer authentication technology to further enhance the security posture of Intuit.
- Build a resilient, scalable, durable customer authentication capability for its current and future business needs.
FIDO Authentication Deployment – Measured Steps
Intuit implemented a FIDO-based customer authentication solution in line with the FIDO Alliance’s founding members’ goals. FIDO protocols are based on an asymmetric cryptographic authentication framework designed to enhance security, provide a better user experience (compared to traditional passwords) and reduce cost and complexity.
Although FIDO is an open standard, the expertise required to code and deploy a scalable FIDO solution for millions of consumer and small business customers led Intuit to license a FIDO authentication platform.
Intuit selected the Nok Nok™ S3 Authentication Suite (S3 Suite) for its advanced FIDO features and capabilities; optional on-prem deployment model; and speed, scale, and resilience, which were validated by Nok Nok enterprise customers.
Intuit’s authentication team placed a high priority on working with a FIDO leader with deep and relevant experience in customer authentication and therefore well-equipped to keep pace with industry progress with this fast-evolving technology.
Build vs. Buy: Intuit recognized that the company would benefit from the expertise of a vendor with experience working with other major companies on its authentication journey, and enjoy access to innovative product enhancements along the way.
Progressive Deployment: Intuit opted to deploy Nok Nok’s customer authentication solution across multiple apps in a controlled and measurable manner:
- Intuit’s authentication team initially tested Nok Nok’s FIDO passwordless customer authentication on the mobile iOS version of an Intuit product with a small customer base.
- Over the next few months, the team rolled out Nok Nok’s FIDO passwordless solution on mobile iOS and Android platforms for a broader customer base on multiple Intuit products.
- The team added FIDO as an option to Intuit’s passwordless customer onboarding flow, which improved onboarding conversion rates and reduced subsequent sign-in times.
- Over the last 5 years, Intuit has grown its total FIDO registrations to over 77 million.
Authentication Solution Delivers on Business Objectives
Intuit has been able to achieve all of its business objectives, while simultaneously addressing new use cases for a growing customer base:
- Delightful Customer Sign-in – FIDO-based multi-factor authentication (MFA) for customer sign-in dramatically improves and simplifies the user sign-in experience because it’s completed in a single user step. This reduces the need for a multi-step authentication process (e.g., password, texting one-time passcodes). Using FIDO, Intuit users are presented with a seamless, passwordless flow using device-based platform authenticators, such as biometrics with which they’re already comfortable.
Today, more than 85% of all customer authentications on Intuit’s mobile apps are done using FIDO.
- Enhanced Customer Security – When FIDO authentication is used, it eliminates the passing of passwords and one-time tokens between apps and services, which can reduce the risk of interception attacks.
- Global Scale – Since Nok Nok’s S3 platform is trusted by some of the largest banks, telcos and fintech brands across five continents and has been proven to scale across demanding customer environments, it’s given Intuit the confidence that it will continue to scale with the company’s future growth to match uptime and authentication speeds.
By deploying a passwordless solution for customer authentication, Intuit was able to reduce customer friction, thereby reducing operating expenses. Users who adopted the FIDO passwordless authentication option experienced authentication success rates of 95% to 97%, compared to a baseline of 80% for legacy multi-factor authentication, and 70% faster sign-in speeds than non-FIDO sign-ins.
Over the past several years, Intuit has experienced the power of FIDO customer authentication for its consumer and small business customers, and validated its benefits with its product, technology, security, user experience and customer care teams. Looking ahead, the company intends to explore multi-device passkey technology as the next frontier on its authentication journey.