persona-logo
Industry
Published February 06, 2023
Last updated February 26, 2025

3 tips for managing risk without sacrificing user experience

Get tips for balancing risk and conversion in your business, learn about emerging trends in the identity space, and more.
Jenna Lee
Jenna Lee
7 mins
Image of a list of persona employees
Key takeaways
Think of risk as a spectrum, not as a binary, by segmenting your customer base.
Maximize conversion by personalizing onboarding and adding intelligent fallbacks.
Remember: IDV matters throughout the entire customer lifecycle.

Recently, we held a live event where two of Persona’s product leaders, Vincent and Daniel, chatted with nWay’s lead producer, Rene, about how to balance risk and conversion. In this recap, we’ll summarize the discussion and share the panel’s main takeaways, but we also recommend watching the on-demand recording, as they did a live demo (around the 7-minute mark) and shared a ton of great insights!

Why businesses need to balance risk and conversion

To kick off the discussion, Vincent briefly explained why it’s so important to balance risk and conversion during the identity verification (IDV) process.

While most users that go through your flow are likely legitimate, you can’t assume all of them are. But if you optimize too heavily for risk deterrence by making your onboarding flows long and hard to navigate, you may scare away most of your good users.

The ideal balance will look different for every business, as each has its own user demographics, compliance needs, and more. Some organizations may need to prioritize deterring fraud, while others may aim to convert as many users as possible.

But even within the same company, it doesn’t make sense to treat all users the same. Instead, it can help to segment users by their risk levels and dynamically adjust the level of friction they experience in real time as they progress through the flow. As Rene shared, “We transition the user into different workflows based on their risk and what they’re trying to do. This has allowed us to reduce the manual review process and reduce our false positives.”

Before segmenting your users, it’s important to understand the risks your business may face. These risks usually fall into five main categories:

  1. User risks: Who is the person attempting to verify their identity?

  2. Regulatory risks: Are there any laws that affect this type of transaction?

  3. Transaction risks: Is the transaction itself high-risk?

  4. Financial risks: How much money is at stake?

  5. Behavioral risks: What other risk signals can you ingest during the transaction?

Free white paper
Learn why compliance doesn’t have to tank conversions
Download now

How different businesses can think about finding their ideal balance between risk and conversion

Next, Vincent and Daniel gave demos around how two hypothetical companies — one marketplace and one fintech — might think about optimizing their onboarding flow for conversion and fraud mitigation, respectively.

You can watch their demos starting around the 7-minute mark, but essentially, the marketplace optimizes for conversion by asking users for the minimum amount of information required and only adding more friction if the checks they run behind the scenes uncover risky signals. On the other hand, as the fintech attracts more fraud, they begin with a higher amount of friction across the board and run different checks depending on the loan amount, risk signals they collect, and more.

Tips for balancing risk and conversion

The panel then moved on to discuss tips for finding the right balance between risk and conversion.

Tip #1: Think of risk as a spectrum, not as a binary, by segmenting your customer base.

Risk is a spectrum and can vary based on a number of factors, including the organization, product, end-user, and more. It’s also dynamic — there are many factors that can quickly increase the riskiness of a given transaction. For example, is there a marketing promotion that might make a product a higher target for fraud? Are there compliance regulations that warrant a change in consent language?

No one on your team will likely be well-versed enough to understand all the risks your company may face, so make sure you gather the right stakeholders and give them a voice when it comes to identifying and segmenting your company’s unique risks.

Once you identify your risks, put together a game plan around how you’ll address each segment with a mix of tools and processes. The key word here is mix — you’ll want to make sure you take a multi-layered approach instead of relying on a single solution.

Tip #2: Maximize conversion by personalizing onboarding and adding intelligent fallbacks.

To maximize conversion, start by thinking about the minimum information you need to collect from all users. Then, layer on friction from there. In other words, lead with the lowest amount of friction, and apply more as the user progresses through the flow in real-time — but do it dynamically so most users aren’t affected by it.

For example, nWay doesn’t require users to KYC until they want to perform riskier activities such as withdrawing funds or claiming tokens. If the user just wants to create an account and play on the platform, they don’t need to go through the KYC process. This helps nWay convert users early on in the funnel and create a sticky experience and community before applying friction.

According to Vincent, there are three minimum strategies businesses should implement to improve their user experience (and maximize conversions):

  1. Personalize the user experience. For example, use information you’ve already collected to pre-fill forms whenever possible and save the user time.

  2. Make the experience as seamless as possible. Make sure your IDV flow matches your brand, focus on one call to action per screen, and don’t forget to make the experience accessible for all types of users.

  3. Ask the individual to do as little as possible. In other words, before automatically defaulting to high-friction verification options such as ID verification, consider evaluating passive signals like user location or running other verifications, like phone risk reports or database verifications in the background.

Tip #3: Remember: IDV matters throughout the entire customer lifecycle.

Identity is a relationship, not a transaction. Risk doesn’t just occur during onboarding, but also throughout the customer lifecycle. As such, you’ll want to perform IDV during key touchpoints. For example, you may need to verify users when they want to withdraw funds, recover or close their accounts, and more.

Remember: there are a ton of risk signals you can consider to help you make more accurate decisions and decide when and what forms of IDV to perform. Is a user hesitating when filling out their own name? Are they trying to reset their password on a new device they’re not normally associated with? In both of these scenarios, you may need to dig deeper.

Finally, the panelists explored trends in fraud, IDV, risk, and conversion, including:

  • Real-world monetary value is growing increasingly digital. Individuals are able to quickly make purchases online and send money globally with little friction. This, combined with new digital assets like crypto and Non-fungible tokens (NFTs), has created new opportunities for both businesses and fraudsters.

  • Sophisticated digital fraud — particularly synthetic fraud — is on the rise. As such, organizations need to be able to reconcile the conflicting goals of partaking in the digital economy while also protecting against persistent and sophisticated bad actors. One way to de-dupe identities is to use link analysis to see how various accounts are related.

  • Compliance is becoming much more of a focal point for regulators. Organizations need to be nimble — and partner with a flexible identity solution — to tweak their IDV flows and stay on top of quickly changing regulations.

  • Trust and safety is vital in the Web3 space. It’s important to build community confidence, and IDV is a great way to combat fraud, bots, duplicate accounts, and bought accounts that fraudsters often create on these platforms.

  • More companies are evaluating passive risk signals and collecting documents as part of their verification process. As organizations realize they can’t rely solely on ID and database verifications, many are turning to signals such as user location and documents such as utility bills to help evaluate each user’s risk level.

Interested in learning more? Watch the on-demand recording, download our white paper to learn how you can serve dynamic verification flows to users based on their risk levels, or contact us, and we’d love to chat!

The information provided is not intended to constitute legal advice; all information provided is for general informational purposes only and may not constitute the most up-to-date information. Any links to other third-party websites are only for the convenience of the reader.
Jenna Lee
Jenna Lee
Jenna leads content marketing at Persona. Despite working in tech her entire career, she has never had a LaCroix.
Continue reading
  • Top 3 challenges of identity verification — and how to solve them
    8 mins

    Top 3 challenges of identity verification — and how to solve them

    Learn about the three main identity verification challenges businesses face — along with how to solve them.

  • Build onboarding flows that convert with Dynamic Flow
    5 mins

    Build onboarding flows that convert with Dynamic Flow

    Customers like LedgerX and Coursera drive conversion at every screen with Dynamic Flow.

  • Identity verification: a crucial component of customer experience
    5 mins

    Identity verification: a crucial component of customer experience

    Friction during IDV can create a poor user experience that can break trust with your customers. This is why IDV...