I could argue that the first experience with a product is the most critical. It certainly is the only shared experience that all users or customers have before branching out into their own set of experiences based on interest, product configuration etc.

As Scott Belsky says, "in the first 15 seconds of every new experience, people are lazy, vain, and selfish." For Sontiq customers, they are also skeptical. This is due in large part because they did not necessarily seek out our products in the first place.

‍

Scenario

Allow me to frame the scenario for a typical customer before going into what we have done to try to pique their interest and address their concerns. Sontiq's primary business model is to work with what we call our partners, often financial institutions, who are including our identity theft protection services as a value add to their existing products. For example, a bank may extend these protection and restoration services to all their premium checking account holders.

In this scenario, our customers start as the customers of another brand and have sought out a different product altogether. It's incredibly important to convey the relationship between these brands, that we are the trusted provider their bank vetted and chose to work with, and that they can trust us just like they trust their bank. We co-brand many of our experiences so that the customer can clearly identify the relationship they already have with the partner and the relationship they have with us.

From here, we can try to prime them to understand our services and to feel peace of mind to use them.

Understanding Points of Entry

Due to our business model, we have two main segments we need to work with and keep happy. Our partners and our customers. We need to serve their needs and meet them where they are at. In terms of onboarding their customers, this means that different methods are required based on the capabilities of each partner.

For many, we are able to establish an integration where we receive the minimum necessary amount of information on each customer, we enroll them into our services so that their services begin immediately, and then we send them a series of registration emails that engages and entices them to create their account on our platform to make full use of everything they are receiving.

For other partners, they may be unable or unwilling to share this information so in these situations we stand up landing pages they can direct their customers to and either enter a unique offer code (less than ideal for the customer experience) or just a straightforward page where everyone gets the same offering (less than ideal for us because we don't know who they are when they are signing up).

Each option brings its pros and cons, however.

‍

The Registration Process

The process of creating the online account is mostly consistent. There is a baseline of information we need from the user to prove their identity later in the flow, they must accept our terms and conditions, and we force a two-factor authentication due to the sensitive nature of the data on our platform. The only variable is whether someone needs to input billing information. The vast majority of customers are getting these services for free as part of their relationship with their bank, etc. We do offer direct-to-consumer packages, however, and so those users will be paying for these services on their own.

‍

We track success metrics and drop-offs for each step of this flow using Google Analytics. Perhaps not surprising, by far the largest drop-off occurs on the very first step. This is indicative of the mindset of the average customer. As a reminder, the understanding is our typical user is receiving these services as an extension to another service they already have and they are coming into this registration flow with a wide range of understanding about what they're even being asked to sign up for. We do what we can to prime them in the registration emails and landing pages but a lot can be done on the partner's side to prime them as well and those who do see a much better success rate of signups for their customers.

We're working to try to improve conversions on this first step as it's clearly the biggest decision point. Once users reach step 2, we see a 96% success rate through the rest of the funnel.

‍

Authentication

As an identity theft protection company that deals in personally identifiable information, credit data, etc., it's important that we verify each user before giving them full access to their account. We do this by integrating with credit bureaus who can pin a user based on the last four digits of their social security number and their name. From here, we pull data from their credit file and ask them questions about their credit history. If they are able to answer correctly, we confirm their identity and then they are free to pull credit reports and scores, view alerts of information found on the Dark Web, and so on.

‍

Adding More Data

We limit the information we try to capture during the registration process because it's not needed to create their account or verify their identity. However, there is still a lot more they can add. Depending on the set of services they have access to, we can monitor their credit card and checking account numbers, their social media accounts, and even financial transactions. These services only work for the user if they enter the necessary data, however. As part of our onboarding flow, we have what we call the "Let's Get Started" module. It acts as a sort of guide, post-registration, about what steps are the most important to take.

These are completely dynamic based on what products and services they have access to and what actions they have taken so far. We've identified that the most a user engages in the platform by adding their data, checking out features, and such, the most likely they will come back and continue to use it.

Certain hooks like the password manager, while not entirely feature-rich, gives them a strong reason to log in and make sure of what is available to them.

‍

Alerts and Notifications

One of the biggest drivers of usage, however, is our alerting system. Whenever we identify information has been exposed on the web, we can alert the user to it, provide details about what happened, and guide them with next steps. Importantly, as part of their onboarding, we do retroactive scans for any information they have provided us and notify them of what has been exposed in the past. This initial scan establishes the baseline for what risk might mean to them and quickly show the value of what they can expect going forward.

After these initial scans, our customers often fall into more of a use-as-needed pattern with our products. Obviously we hope most of our customers never experience a horror story of having their identity stolen or massive fraud, and so the primary experience is being notified of their email address, a credit card number, or some combination of information has been exposed in a breach. We alert them when this happens, they log in to review the information, and then take the prescribed action or get in touch with our Resolution Specialists to walk them through it.

‍

Next Steps

Areas I would like to focus on next are embedding more product analytics capabilities into specific behaviors such as adding more data to be monitored, reviewing open alerts, accessing credit reports, etc., and seeing what behaviors leads to better adoption and engagement.

Right now, our platform is missing this instrumentation to fully understand where users are finding value and where there is a gap.

From there I would like to introduce some in-app guides as well as email campaigns to target segments and drive them to take action. For example, identify all users who have logged in within the last 30 days and have at least one open alert that need to be reviewed and target them with specific messaging. Another example would be identifying users who have registered within the last 3 months but have not authenticated their identity, or haven't taken the next steps to connect their social media or financial accounts so that they're getting full use of those services.

This would allow us more opportunities to bridge the value gap of our services to customers, getting them more fully onboarded, and better established to retain them.