Social Networks: The Real Cost of Hacking and Spam, Part II
In my last post for The Social Media Monthly, I talked about how much fraud costs an individual user when an online account is compromised. What happens to a social network’s user once they leave? Do they ever come back or are they forever a lost customer? In a digital age where the newest thing is always one step away, the answer is usually geared towards the latter—customers permanently part ways with their networks.
Everyone always tries to pin a lifetime value on a customer, but even if we look at a year’s worth of revenue, mistakes can add up. Last year, a single social network could generate around $9.50 per user per year on advertising revenue alone. For a social network with 50 million users and an estimated abandonment rate of 5%, that can add up to $23.7 million in potential revenue missed in one year.
When one of my favorite website accounts was hacked last year, I found a few hundred surprises being charged to my credit card. I was adamant about fighting the thief and reclaiming what was rightfully mine. With zero liability on credit cards these days, the financial aspect was taken care of with ease. Trying to restore my account access, however, was a complete nightmare. The culprit bypassed all of the site’s security measures—changing my contact email, my birthdate, my backup security questions—everything that I had in place to restore a compromised account was indeed compromised.
I spent a good part of a month trying to reset my password but never had any luck. After a few weeks, I was finally able to contact a representative who restored access to my account. I immediately changed all my information and removed any payment information. The next week after that, I was completely locked out of my account—again. After that last straw, I resolved to never purchase anything over the site anymore, after having spent an average of $30 a month. And to this day, I still have not spent a single penny with them.
Had I not used this site almost every day, imagine how this scenario would have played out. If I were locked out of a networking site and failed to restore access on the first attempt, I would give up then and there. The brand would be sorely tarnished in my eyes and I would think twice before going back again. Essentially, they have lost me as a customer and any potential recurring revenue associated with me.
How then can we insure that when security is breached that we are able to maintain a user’s loyalty to a brand? Part of the solution lies in making it as convenient as possible for the true owner to restore access to their account.
Accounts become compromised every day, but it should never be that difficult for the rightful owner to regain access. If a social network or any site for that matter can efficiently control the damage, the user might have a chance of staying. What better way to do that than by using mobile verification? Using something that the user always carries—their phone—and verifying information on something that we know—a user’s phone number—could not be easier. A fraudster might be able to get access to my account but it is pretty unlikely that they would gain access to my account AND steal my phone. Regaining access to my account with one SMS or voice call takes less than a few seconds and lets me get back to what any company wants me to do: spend money. Win-win if you ask me.