Authentication Duration & Remember Me

RATIONALE


The CTAM TVE Tracking Study (2017 – Wave 6) revealed that:

  • 46% of TVE users have had to enter their credentials more than once because of a problem
  • 68% of TVE users who entered multiple times didn’t let that problem stop them from using the site/app
  • Those who say they’ve cut down on TVE use, however, are a bit more likely to say a multiple-login problem caused them to stop using a site


64% of current TVE users cite that “TVE is harder to use than other online sources” as a reason for cutting back on TVE use.

53% of current users say that they “prefer sources that don’t ask for login” when asked about reasons they don’t use TVE more.

"Difficulty using" is a prominent reason why younger consumers don’t use TVE more; for older consumers, process confusion is a barrier. Consumers have clearly communicated that they do not want to be forced to enter their credentials every time they are accessing TV Everywhere content.  

Cable companies and content providers must continue to develop verification processes that function behind scenes to maintain a customer’s credentials on specific devices and in the home.

 

6 in 10 consumers indicate that signing in LESS than once per week would be reasonable:

 



4 in 10 have heard of home-based automatic sign in; close to 6 in 10 say it would make them at least a little more likely to use TVE:

 


 

RECOMMENDATIONS

 
Verification Duration

  • Allow consumers to remain signed in for a minimum of 30 days on all devices inside and outside of the hHome (persistent authentication).
  • Allow for shorter persistent authentication time frames for premium networks.


“Remember Me”

Explain the “Remember Me” functionality at the access point, including:

  • How long the device will remember the user’s Sign In details
  • How automatic updates may disable the “Remember Me” functionality*
  • What will happen after the credentials verification time-to-live expires
  • That credentials may expire sooner on premium networks may have a shorter time-to-live to maintain a higher level of security.


When a browser updates, it destroys the "Remember Me" cookie, regardless of the time limit, TTL setting "T"; this becomes less problematic with home based in-home auto authentication.