Back in the spring, some 150 million users of Under Armour’s health and fitness app MyFitnessPal were hit with a data breach, with a bad actor (or actors) stealing their user names, email addresses, and passwords. While breaches like this have become increasingly common, the way Under Armour dealt with it was not. Instead of simply notifying users by email, it pushed in-app messages about the breach and let users know the application had been compromised through the application itself.
What’s more, its communication not only identified the problem, it presented users with actions to take. It required that users change the password for the application, and recommended that users change their passwords for other “accounts or services that may be the same or similar to that used for the MyFitnessPal app.”
Given the pervasiveness of data breaches and hacks today, the way in which companies react to them actually presents an opportunity “to interact closely with customers,” according to an article in Forbes by the CMO of identity management software vendor Sailpoint. Innovative companies like Under Armour recognize this, and are using customer communication channels like in-app messaging for risk management purposes.
We’ve discussed the benefits of an integrated usage intelligence and in-application messaging strategy – in terms of educating customers, getting real-time feedback that informs product development and more. We’ve also discussed an integrated compliance analytics and in-application messaging strategy to inform well-intentioned users about improperly licensed software and to offer paths to resolution.
Now, consider the value of in-app messaging as part of a risk management strategy. Here are some of the ways in which in-app messaging driven by software usage analytics can enhance your company’s ability to communicate with customers and minimize damage to the brand include:
Segment users impacted most, and craft relevant communication. Perhaps the data breach only affects users on a certain operating system, in a specific region or those using a certain version. By combining data from usage analytics and in-application messaging, you can create and send relevant communication to each audience, crafting messaging to the affected audience that conveys more urgency, while producing a softer, “heads up” for the rest of the users. This is something a blast notification couldn’t accomplish.
Notify users faster to streamline, ensure compliance. New regulations like the General Data Protection Act (GDPR) put stricter time limits on when companies must notify users of a breach. In-application messaging ensures that all users are notified, streamlining potentially costly compliance issues, and allowing the business to focus on other areas of the breach that require attention.
Leverage in-app messaging to protect users. Older versions of software may be more vulnerable to hacks because of missed patches and updates. In-application messaging informed by product usage metrics enables the team to segment users on older platforms, and encourage them to upgrade. As such, it can be used as part of a company’s strategy to protect the investments of the customers.
Bad actors are constantly upping their game when it comes to infiltrating your company’s database, and even the best armor stands the risk of breach. Opening new channels with customers to enhance communication will be crucial to evolving a sustainable and agile data breach risk management strategy – and contextually relevant in-application messaging can play a key role.