User authentication status

  • User is authenticated, accomplished behind the scenes via an integration (an action, not an intent)

  • User is authenticated, just tried to authenticate conversationally and succeeded

  • User is not authenticated and confronts an authentication trigger

  • User is not authenticated, just tried to authenticate conversationally and failed

Triggers for authentication

  • Whole experience requires authentication, so this is triggered at the start of the interaction.

  • Just-in-time authentication trigger examples

    • Entering secure chat

    • Asking for protected info

    • Initiating a transaction

    • Checking balances/due dates/credits

Authentication conversation

  • Explanation to user for why they need to authenticate

  • Options if the user doesn’t want to authenticate.

    • Exit

    • Subset: only offer an experience not requiring authentication

    • Repair

    • Persuade: try to convince them it is worth authenticating

  • Authentication procedure

    • Collect user info conversationally (e.g. username and password)

    • ​​If no account, then register

    • Link to external authentication page

    • Secret questions

    • Voice biometrics

  • Optional: Explanation of authentication success or failure

Embedded authentications (aka double authentication)

  • You might authenticate at multiple levels. For example, a user could authenticate with the Alexa service, and then also authenticate with a skill within the Alexa service. A CapitalOne banking skill within Alexa might need to do this.

Last updated