Skip to content

Why Customer Authentication Is Creating More Friction Than Trust

Customer authentication is creating more friction than trust. Here’s why contact centers need a stronger, more seamless approach to identity verification. 

A customer has already navigated an IVR, answered security questions, and waited in a queue. Now they finally reach an agent, only to be asked to verify their identity all over again.  

For contact centers, that repeated authentication is more than a frustrating customer experience. Every additional verification step increases average handle time, reduces agent capacity, raises operating costs, and slows resolution. At scale, even small delays across thousands of interactions can have a measurable impact on operational performance. 

Customers feel the impact too. Repeating information they’ve already provided creates unnecessary effort, undermines confidence in the experience, and makes interactions feel disjointed. Meanwhile, fraud and security teams are left asking an equally important question: can they trust that the person requesting a sensitive action is really who they claim to be? 

These challenges all stem from the same issue: customer authentication is often treated as a standalone checkpoint rather than a trusted identity that carries across the entire customer journey. As a result, customer authentication has become both a customer experience challenge and a business performance issue. 

Why Traditional Customer Authentication Is Under Strain

Knowledge-Based Authentication (KBA) and security questions have historically given contact centers a familiar way to verify customers, but their operational impact has grown significantly.  

76% of customer calls now require ID&V, with an average authentication time of 50 seconds in assisted environments, twice what it was in 2010.¹ With IVRs, customers began verifying through automated journeys, only to be asked again when reaching an agent, extending time to resolution, and increasing customer effort. Channel handoffs multiplied the friction, eroding trust and pressuring performance. 

Today, customers move between IVRs, chatbots, digital channels, and live agents as part of a single interaction. Yet authentication rarely moves with them. Each handoff can trigger another verification step, increasing customer effort and extending handle times. At the same time, traditional methods such as knowledge-based authentication are becoming less reliable as personal information becomes easier to obtain through data breaches and social engineering. Contact centers need an approach that strengthens trust without creating more friction. 

Sensitive Interactions Raise the Stakes for Trust

Contact centers are often where high-risk customer journeys happen: customers call to access accounts, change personal details, submit claims, resolve billing issues, or authorize payments. In each case, the organization must verify identity quickly while protecting sensitive data and keeping the interaction moving. Slow, repetitive, or weak verification frustrates customers and shows them whether the business can be trusted with their account, data, and outcome. That makes customer authentication a commercial issue as much as a security one: 87% of consumers would not do business with a company if they had concerns about its security practices.² Beyond its back-office function, authentication shapes whether customers see the organization as competent, secure, and reliable. 

How Automation Is Changing Customer Authentication

Contact centers are becoming more automated, more connected, and more deeply embedded in customer operations. In a traditional model, the customer calls, the agent verifies, and acts. In a more automated model, customers may interact with an IVR, chatbot, or virtual agent before a human is involved.  

But when sensitive actions are part of the interaction, customer authentication becomes critical. Updating account details, initiating refunds, or progressing payment-related services all require confidence in who is making the request. If that confidence is missing, the journey stalls, requires additional step-ups, or moves back to an agent. The fallbacks may protect the business, but they also reduce the value of automation, put containment rates at risk, and create unnecessary effort for the customer.  

Stronger authentication gives contact centers a more reliable foundation for automated and assisted journeys. It supports greater assurance, clearer auditability, and fewer interruptions as customers move between channels. 

Why Passwordless Customer Authentication Is the Next Step

Verifying customers before sensitive actions is critical for customer experience, operations, security and compliance. Yet in many contact centers it remains one of the most manual, inconsistent, and least connected parts of the interaction.  Modern customer authentication should: 

  • Reduce reliance on static security questions 
  • Provide clear authentication outcomes for agents 
  • Support both assisted and automated interactions 
  • Maintain trust as customers move between channels 

The case for passwordless authentication is becoming increasingly relevant because it reduces dependence on shared secrets while creating a clearer, more usable and accessible signal of trust. For contact center leaders, the priority is to get ahead of that shift with authentication that can carry trust across handoffs, guide the next best action, and support sensitive interactions without adding unnecessary friction.  

See how organizations can solve the authentication challenge with PCI Pal’s passkey-based Customer Authentication solution.

 

Sources
  1. 1. ContactBabel. The Inner Circle Guide to Fraud Reduction & PCI Compliance. 2025.
  2. 2. McKinsey & Company. The Consumer-Data Opportunity and the Privacy Imperative. April 2020.

Like what you've read?

Why not share: