Image to illustrate how killing the password with passwordless MFA boosts revenue

Killing The Password With Passwordless MFA Boosts Revenue

"Passwordless MFA is nice, but our customers don't need that."

That particular product leader at an unnamed retailer couldn’t be more wrong. Many executives don’t realise that passwordless multi-factor authentication is a significant business driver. In this blog, you’ll discover:

  • Why security and UX go hand-in-hand
  • How passwordless MFA helps slash your TCO
  • How passwordless MFA skyrockets online conversions
  • How you can provide a better customer experience while improving data protection
  • How you can tackle password fatigue

1. A better customer experience

Good passwordless MFA limits the number of user interactions and helps the customer make informed decisions by providing the right amount of context. The fact that 70% of users will choose a company that enables passwordless MFA over a company that doesn’t (who are the other 30%?) is a testament to that.

Customers find passwords to be tedious and time-consuming when logging in. They crave better and easier ways to log in. Hence the high drop-off rate due to cart abandonment. We’ll get back to that later.

Customers rightly feel passwordless MFA is quicker and easier to use. They no longer need to create and remember complex passwords. On top of that, users can quickly authenticate and get back to shopping or whatever they were doing on your platform without the potential of getting locked out of their accounts. Logging in with a finger tap or face scan is so much easier and more secure.

Passwordless MFA increases your custom ratings, this is an image to illustrate that

2. Passwordless MFA slashes your TCO

Passwords, SMSes, tokens or HSMs all cost money in terms of IT support and upkeep. According to Gartner, password resets account for up to 50% of all help desk costs. That’s a massive drain of person-hours and money to reset accounts or automate account recovery. Enterprises often spend millions on password-related support alone. 

SMSes make companies haemorrhage money, paying up to 15 cents per SMS. Plus, they’re susceptible to phishing and social engineering. While HSMs are safer than SMSes, they must be purchased and replaced if broken or lost.

Passwordless MFA stops the bleeding. Depending on the agreement you’ve reached with a vendor, you’ll most likely only pay the initial licensing fee, the integration costs and hosting.

3. Less checkout abandonment, more online purchases

85% of customers will abandon their online shopping cart due to an arduous and complex authentication process. And, each passing second that your website or app takes to authenticate, your cart abandonment rate increases by 7 per cent.

Imagine tapping into that well of unfinished business and lost revenue. With passwordless MFA, you can. A frictionless authentication experience makes you stand out to users due to its ease of use, quickness and mobile-friendliness.

Killing The Password With Passwordless MFA Boosts Revenue

4. No more password fatigue

Password fatigue is real. A typical user has up to 80 passwords. To maintain password hygiene, they should have 100 unique passwords and keep track of them. Instead, most of us use the same password over and over again. That only helps hackers and leads to up to 80% of cyber breaches. Passwordless MFA combats that. Finger taps or face scans don’t require any effort or management. And they are nearly impossible to hack.

5. Better protected data, happier customers

Passwords are susceptible to phishing, guessing, brute-forcing, social engineering and other cyber attacks. Phishing tricks the victim into handing over confidential information, i.e. username and password. Attackers also rely on password lists from previously compromised companies and try the same passwords on multiple services.

Passwordless MFA helps organisations fend off phishing, credential stuffing, brute-forcing, or baiting attempts. Users can’t hand over their finger tap or face scan to a malicious site; there are no passwords to guess or try on many websites or apps, nor can users be tricked or convinced into giving their credentials.

Hacking the servers won’t help, either. Some cryptographic protocols, like ours, ensure that the user’s secrets never leave the user’s device. That data is never stored on or sent over to the server. This security increase bolsters consumer confidence and enhances the likelihood of them purchasing and doing transactions online.


Passwordless MFA is proof that UX and security go hand-in-hand. They feed off each other. A finger tap or a face scan is both user-friendly and, supported by the right technology, tough to breach. Each finger tap or face scan delights your users, cuts login time, increases revenue and helps reduce your TCO.

There are a plethora of vendors claiming to be passwordless and True MFA. But finding the right passwordless MFA can be a pretty daunting task. To help you sieve through the solutions and the vendors, we’ve created the Requirements Checklist for MFA solutions. This checklist will help you, and your Information and Cyber Security colleagues evaluate all MFA solutions for their:

  • Security Impact
  • User-friendliness
  • Total Cost of Ownership
  • Integration Capabilities
  • Strategic Business Value
Picture of Roel Peeters

Roel Peeters

CTO at nextAuth - Security and cryptography expert (PhD)

Book your personal demo