Users often hesitate to log in to online stores when login options are unclear or cumbersome
Surveys show that many users would rather avoid logging in if a site lacks a simple authorization method (23%) or imposes complex password requirements (13%). A study conducted by experts in digital communication and reviewed by socialbites.ca highlights these concerns.
At the same time, forgetting or resetting passwords remains common (40%). To minimize effort, people store passwords in notes (33%), rely on memory for basic credentials (20%), or turn to password managers (14%).
On December 1, 2023, a regulatory change restricted the use of certain foreign login services on Russian sites through international platforms such as Google and Apple ID. Users can now authenticate via a mobile phone number, a government services portal, biometrics, or local identifiers like VK ID and Yandex ID. The shift impacted e-commerce notably, with large companies removing foreign login options and advising customers to select alternative methods.
According to edna researchers and affirmed by their business partner, the new rules were immediate and non‑negotiable. Prior to the update, many users relied on Google or Apple IDs. The absence of these services narrows login options, while Russian services gain growing traction. Password-based login is not always practical, as users must remember numerous credentials for different sites. This complicates the customer journey, and edna’s internal data indicate a 2.5‑fold rise in demand for alternative authorization beyond banned external services in recent months.
For users, the most convenient login methods include a code sent via SMS (27%), VK ID from social networks (24%), email (23%), biometrics (20%), and instant messengers (19%).
Experts note that after the legislative changes, many businesses adopted additional login methods to stay within the legal framework while keeping the user experience smooth. The recommended option remains phone number authentication, where a one-time code or link is sent to the user. This approach enables quick login from any device and supports business operations. It also helps curb fraudulent activity and fake registrations, according to industry commentators.
SMS, push notifications, instant messengers, and email are all viable channels for delivery of authorization prompts. The user selects the most convenient method. SMS is often seen as reliable and secure, with the avoidance of easy interception since duplicating a SIM card is a highly specialized task. A phone-number based solution can be deployed rapidly, often within a few hours and with minimal resource needs, typically one developer and a testing team to verify functionality.
Russians before: How do scammers create audio deepfakes?