Copyright 2014 Janrain, Inc. All rights reserved. | www.janrain.com | 888.563.3082 | 5
site, review your login counts by provider, and
rank order choices to ﬁnd the optimal oﬀer for
your audience. Make sure that you have linked
the users to another provider or to a conventional
account before removing the underperforming
provider to prevent account orphaning.
Each website’s audience will adopt social
login to a diﬀerent degree, so it’s important
to consider oﬀering a traditional username/
password registration for those who still
prefer that option. Oﬀering them side-by-side,
with clear descriptive language provides the
ultimate in choice, ﬂexibility, and user control.
on Mobile Devices
Mobile and tablet devices represent a rapidly
growing percentage of new and returning users,
who will expect full functionality on your site.
Failing to provide an optimal experience for
these users can result in signiﬁcant drop-oﬀ in
visits and conversions, as users struggle with
common hurdles of a smaller screen: small links,
buttons, ﬁelds, and keyboards. Beyond “Fat
Finger Syndrome” (and its related data entry
and navigation challenges), there is also the
consideration that mobile browsers have diﬀerent
set of technical requirements than their desktop
counterparts. Ensuring that the user experience on
a mobile device meets your users’ expectations
begins with correctly designed CSS, and can
even include a separate set of UI elements to be
swapped in via user agent detection (browser).
An example of a good candidate for a separate
UI would be any page that requires too much
scrolling, or scrolling that is not intuitive to the
experience. Removing points of registration/
authentication/navigation friction peculiar to
mobile devices can have signiﬁcant impact
on conversions as well as on repeat visits.
Just like your entire mobile site, your registration
ﬂow should be optimized for the mobile web
with small-screen use cases in mind. Having
a well-implemented social login option for
mobile-enabled sites removes a common
mobile registration frustration by potentially
limiting the ﬁelds of entry down to one to
two for the selected identity provider.
Leverage Progressive Proﬁling
to Increase Conversions
In any new relationship, it takes time to get to
know one another and build trust before feeling
comfortable enough to reveal more personal
information than the basics. The relationship with
visitors to your site is no diﬀerent. They may not
be ready and willing to share their home address,
birthday, or friends’ names—personal details—
with you during their ﬁrst visit to your site.
Don’t assume everyone wants to log in with Facebook or Twitter.
Find the right identity provider mix for your audience.
Best Practices in
Copyright 2014 Janrain, Inc. All rights reserved. | www.janrain.com | 888.563.3082 | 6
Progressive proﬁling refers to an incremental
approach to collecting proﬁle data from website
visitors. Using this method, you request smaller
snippets of proﬁle data at carefully staged
opportunities. So rather than being asked to
complete a long form, or submit volumes of
personal information up front, the customer has
a smoother and more comfortable experience.
In this way, progressive proﬁling builds
consumer trust over time, which encourages
the sharing of information, and allows you
to collect more accurate proﬁle data while
maintaining a higher conversion rate.
Born in the world of B2B marketing, progressive
proﬁling is growing in use with consumer
brands as well. This approach is particularly
valuable when users engage with your website
repeatedly, over a span of weeks or months.
It requires building some conditional checking
into your sign-in workﬂow and forms so your
site can correctly gauge when to prompt a
user for speciﬁc additional information.
Opportunities to request additional proﬁle
information include events such as sharing
content or products to a social network,
ﬁnding friends who are also on the site,
rating a product or leaving a review, or
even revealing more localized content.
Another example of progressive proﬁling in
practice is oﬀering an exchange of value. This
is where you oﬀer your users a quid pro quo by
granting them access to a download, a discount,
additional site features, or some similar beneﬁt
in exchange for sharing additional information
about themselves. If what you’re oﬀering can
be directly correlated to the information you’re
requesting, your success rate will improve.
The bottom line is to be clear about what data
you are asking for and why you are asking
for it, and to make sure that the context for
the requests is appropriate to the the users’
actions or value exchange messaging.
Optimize registration on your mobile apps and website to reduce
frustration and increase account creation.
Request minimal information at the initial point of registration, and look for opportunities
to request additional snippets of data over time to progressively build user proﬁles.
Best Practices in
Copyright 2014 Janrain, Inc. All rights reserved. | www.janrain.com | 888.563.3082 | 7
GARBAGE IN, GARBAGE OUT
IMPROVING PROFILE DATA QUALITY
A database is only as valuable as the quality
of data within it, and with 88% of consumers
admitting that they have provided incomplete
or false information on traditional registration
forms, your database may not contain the quality
data you need. Poor data quality can cost an
organization 10–20% of annual revenue in lost
sales, ineﬀective direct marketing, administration
overhead, and preventable shipping errors.
One approach to improving data quality is by
oﬀering social login. People typically keep
their social proﬁle details current, as well as
representative of their authentic self, since these
are channels through which they communicate
with family, friends and co-workers. When site
visitors choose an existing identity using social
login to create an account, you can rest assured
you are on your way to building a customer proﬁle
that is rich with accurate, actionable information.
Providing a means for users to automatically
and manually map social accounts with their
existing site user records can help you to avoid
duplicate records while giving you the opportunity
to gather accurate customer intelligence from
outside sources. With customer proﬁle pages,
you can allow people to self-manage their public
and private proﬁles on the site, as well as allow
them to map multiple social proﬁles to one user
record. This also gives registered users an
opportunity to provide additional data they want
you to have, details of their persona they may
want to share with other members of a community
in their public proﬁle, and allows them to more
seamlessly carry out some action like sharing.
Building sensible data validation rules right
into your registration system is another
important consideration. Our recommendation
is a hybrid strategy that includes a two-part
approach for validation of standard ﬁelds built
in to your registration system, including length
and type validation at the front end, paired
with the appropriate database constraints
on the back end. An example of a front-end
validation task for sites that are available to
younger users, or that need be compliant with
the Children’s Online Privacy Protection Act
Improve the quality and depth of your user
database by tapping into social proﬁles.
Best Practices in
Copyright 2014 Janrain, Inc. All rights reserved. | www.janrain.com | 888.563.3082 | 8
(COPPA) standards, would be to parse suggested
usernames through dirty word ﬁlters to ensure
that they don’t contain oﬀensive words.
When leveraging social login on your site, you not
only smooth the user’s return experience, but you
can access proﬁle data during registration to pre-
populate a form which then just needs validation
by the user. When taking this approach, you want
to include clear messaging before and after the
social authentication about the data you want to
access and how doing so is a beneﬁt to them, or
you will confuse most users and thus degrade
their on-site experience. Upon each return visit
to the site, changes to their social proﬁle should
refresh the proﬁle ﬁelds in your database to ensure
you always have the most current information.
Adding an email veriﬁcation step to the registration
ﬂow has become a common step to ensure your
new user is human and is providing a valid email
address at which you can later contact them. This
is an important exercise for marketers in the pursuit
of data integrity, and an eﬃcient use of marketing
dollars spent against ensuring database quality.
Unfortunately, for most website visitors, this
places yet another obstacle between them and
the action they wanted to take on your site, and
creates additional opportunity for them to leave.
Our recommendation here is to use this two-
step veriﬁcation only when necessary (contest
registration, for example). If you have other
veriﬁcation methods in place, like CAPTCHA
or social login, you can usually forgo this
additional step in the registration process.
When users choose an identity from Google,
Facebook, Yahoo!, LinkedIn, or another provider to
sign in, they are also providing you with a veriﬁed
email address which removes the necessity of
Networks that provide veriﬁed email addresses
Pre-populate ﬁelds with as much data as possible and ask users to conﬁrm the
accuracy to ensure high quality data without requiring them to enter the data.
Best Practices in
Copyright 2014 Janrain, Inc. All rights reserved. | www.janrain.com | 888.563.3082 | 9
this additional burden. Make sure you request
permission to access the email address, and if
you need to make the user choose a speciﬁc
email address (such as a business-related one),
pre-populate their account creation form with this
data so they don’t need to enter it themselves.
Samsung reported a 34% increase in email open
rates and 63% increase in email click-through
rates as a result of improved email marketability
of their user database with social login. With more
than 40% of new registrants choosing to use
social login to register at their site, this gives them
access to a veriﬁed email without the hassle of
the two-step veriﬁcation they previously used.
CAPTCHA Spam Prevention
Data integrity and quality concerns also apply
to user-generated content. Though it is too
expensive to hand-moderate every post and
comment, there are a few basic steps that you
can take to prevent rampant abuse of your public
spaces. The ﬁrst is requiring registration and
authentication before allowing posts/comments,
and another is some sort of human-veriﬁcation
(Turing test) tool for ﬁrst time registrations.
Many of the tools for incorporating a Turing test
into your site (such as CAPTCHA) are free, but the
task of implementing them and staying on top of
new releases is not. Ensure that your registration
solution supports CAPTCHA functionality “out of
the box” to reduce your development burden.
Remove the email validation step in your main registration process by
requesting a veriﬁed email from social providers with social login.
Best Practices in
Copyright 2014 Janrain, Inc. All rights reserved. | www.janrain.com | 888.563.3082 | 10
WHO ARE YOU?
IMPROVE YOUR REGISTRATION EXPERIENCE TO
ENHANCE CUSTOMER SERVICE
When users get frustrated while trying to sign
up for an account or sign in to your site with
a username and password they’ve forgotten,
they have three options: keep trying and let the
frustration increase, ask for help (if available),
or leave your site. All three options are costly
for you as you’ve either lost a potential sale, or
will spend resources to help them remember
or reset their password. One important goal of
any registration system must include improving
customer service for these very reasons.
Lost Login Credentials
With 40% of people admitting to using the
Forgot Password feature at least once a month,
this is a growing challenge for users as they
create more username/password combinations
across the web (or worse yet, re-use the same
credentials). People have come to expect
an easy way to get access to your site when
this happens, or they will potentially leave.
Having a secure method for verifying your users’
requests for lost credentials, and taking the
necessary steps to integrate it into your existing
registration ﬂow, must be part of the registration
system design stage. In order to keep the trust
you have worked hard to build with your audience,
take the necessary steps to avoid exposing
information (such as passwords) that would
leave users vulnerable to a potential breach.
The most universally applicable best practice for
password resets is sending a one-time-use link
to a secure page on your site, where the user
can reset the password, to their primary email
address. Never include users’ passwords in an
email when they request a password recovery,
register for the ﬁrst time, or reset their password.
Key considerations for your Forgot Password ﬂow must include ease and
security with which users can retrieve or reset their password.
2 in 5
feel that scrubbing a toilet
would be better than coming
up with a new password
Documents you may be interested
Documents you may be interested