![Native[risk]](http://images.squarespace-cdn.com/content/v1/65704856a75e450a6d17d647/f3aa0ca7-8a4d-4034-992f-9ae514f1127e/Native+risk_logo-invert.png?format=1500w){kind=logo}
#80 - How adding friction increased card spend by 11%
Last Saturday, in case you missed it, I had a really interesting conversation with Matt Vega on my (new!) podcast.
Matt has spent over two decades building fraud and risk programs at fintechs and financial institutions - and if you haven’t had a chance to listen yet, I’d genuinely encourage you to.
But one thing he said has stuck with me since we wrapped.
“When we introduced friction in the right way, it increased trust in our product”
I’ve been saying a version of that for years. But Matt brought something I didn’t have: actual data.
Friction done right - Increases trust
When Matt was working at Novo his team ran a study. They wanted to know how much friction they could apply on debit card transactions before customers started to churn.
They were going into the research assuming friction correlates to churn and wanted to check what was the optimal balance between security and experience.
What they found was the opposite of what they expected: step a customer up two times a month, and you see an 11% increase in card spend.
They were adding friction to transactions, and yet customers were spending more, not less!
When they ran follow-up customer interviews, the answer was consistent: customers felt protected. They trusted the platform more because the platform was visibly looking out for their security.
Matt called it “tactical friction” - applying a challenge at a point where it’s reasonable, where the customer would themselves expect it, for example: a new device logging in, a new payee being added, or a large transfer being initiated.
At that moment, users don’t perceive friction as interruption, but as someone’s paying attention.
Friction done wrong - Decreases trust
Last year I was on stage, sharing my own personal anecdote about the relationship between friction and trust. I was late paying my taxes here in Germany - five euros, to be precise - and needed to make the transfer that same day.
I logged into my bank account with the same machine I’ve used every week for three years, and… had to go through 2FA.
Fine. I’m used to that.
Then I went to the transfer page and sent five euros to the German tax authorities, a saved payee I’ve naturally paid before, and… had to go through 2FA again.
This is the perfect example of how friction erodes trust instead of reinforcing it. I felt the opposite of taking care of, and the opposite of a smart, capable system looking out for me.
But here’s the thing:
If that exact same sequence had ended with me sending €2,000 to a brand new recipient, I’d feel completely differently. I’d think - this bank actually knows what it’s doing.
And this small contextual difference is the “make or break” moment of user experience and how it interacts with fraud prevention security systems.
Doing friction right
In my experience, the “friction = bad UX” assumption almost always originates from industry doctrine that nobody bothered to validate.
It might have been true in the past, but let’s face it - our culture, habits, and most of all expectations have changed dramatically over the last decade. Especially with GenAI powering headline-grabbing scams that seem to be everywhere.
And like a broken fraud model - we’re making decisions based on outdated data.
Matt’s approach is simple: actually test it.
Allocate 5% of your traffic to a new friction process, run it for 30 days, and look at the data.
The question that leads you shouldn’t be “how much friction can I introduce?” Instead, it should be “where should I introduce friction to increase trust?”
That’s the paradigm shift fraud teams all over need to go through.
What should you test? What separates friction that builds trust from friction that erodes it? Here’s how I think about it.
Do:
Match friction to exposure, so the customer would expect it themselves.
React to high-risk signals that are visible to the user: using a new device, a new payee, or an exceptionally large transfer.
Leverage same-session, completed authentications to extend user trust.
Don’t:
Apply friction in low-risk, repetitive contexts. Same machine, same recipient, same amount - act like you know this customer. Because you do.
Use blanket friction rules across your entire population. A high-volume business account and a retail customer don’t share a risk profile.
Introduce multiple friction steps within a single session.
The key to succeed here? Close collaboration between the fraud and product teams.
Bottom line
Friction isn’t the enemy of customer experience, or at least it doesn’t have to be. It’s all about how you apply it within the context of the user’s actions.
Done right, not only that you’d avoid churn, but you actually even see uplift in user engagement.
What’s your team’s experience with friction and user trust? Have you seen friction leading to higher engagement? Hit reply and let me know - I would love to hear more such stories.
In the meantime, that’s all for this week.
See you next Saturday.
P.S. If you feel like you're running out of time and need some expert advice with getting your fraud strategy on track, here's how I can help you:
Free Discovery Call - Unsure where to start or have a specific need? Schedule a 15-min call with me to assess if and how I can be of value.
Schedule a Discovery Call Now »
Consultation Call - Need expert advice on fraud? Meet with me for a 1-hour consultation call to gain the clarity you need. Guaranteed.
Book a Consultation Call Now »
Fraud Strategy Action Plan - Is your Fintech struggling with balancing fraud prevention and growth? Are you thinking about adding new fraud vendors or even offering your own fraud product? Sign up for this 2-week program to get your tailored, high-ROI fraud strategy action plan so that you know exactly what to do next.
Sign-up Now »
Enjoyed this and want to read more? Sign up to my newsletter to get fresh, practical insights weekly!
