PayPal Password Recovery (2009)
Over 80,000 calls per month with over $15 million revenue at stake.
In 2009 while I was working at PayPal, I noticed that we were getting 80k+ calls related to password recovery, and it was one of the top call drivers. I was curious why this was happening and why we were not doing anything about it. I talked to my colleagues, and no one had a good understanding of the problem. So, I started my won investigation.
First, I collected site feedback for the last six months and created an affinity diagram to understand what people are complaining about.
Second, I collect call analysis to understand the reason for the call.
Finally, create a fall-out report using site analysis to see where they are dropping off.
To my surprise, people who were calling were not necessarily giving feedback on the site and vise versa. This means that many more people just gave up and didn't bother calling the call center to recover their password.
I worked with a Product Manager to identify revenue loss, and we calculated over 15M loss from just one of the checkout experiences. So, together we put together a proposal and presented it to the head of product, and he signed a new team to work on this issue.
Customer call and site feedback analysis in one diagram.
Sample fall-out report showing drop off between pages.
Overlaying problems in the existing flow to understand where the drop-off was happening and the reason behind the drop-off.
With all the data on hand, we came up with few simple solutions.
Combined both password and email recovery to one flow.
Simplified email recovery by simply asking them to enter the last three email addresses they think they may have used.
Simplified the recovery process through the phone.
Cleaned up messaging in each step of the process.
Created recommendations for country-specific enhancements to make password recovery easy while still maintaining security standards.
Before this project, Paypal used to ask the user to fill a form and then tell them if the email is correct or not.
After the new project we just asked them to enter three email address and then telling them which one is correct.