Cost Saving Blueprint:
Twosense vs. YubiKey

Table of Contents

• Introduction
• Hard Costs - What You’ll Pay the Vendor
  
  • Initial Purchase Price
  • Replacement Costs
• Soft Costs
  • IT HR Costs
  • Logistics and Shipping
  • Cost of MFA Friction
• Total Cost of Ownership
  • Optimizing Contact Centers
• Consulsion

Introduction

BPOs currently face what feels like an insurmountable challenge regarding security. Modern MFA solutions either do not work in contact centers, don't meet compliance, and can require a significant investment in hardware. Having no MFA is not an option either, as that puts them at risk of non-compliance. BPOs found non-compliant can be hit with huge fines, suffer a loss of clients, and, worst of all, have a severely damaged reputation. 

Twosense MFA is designed specifically for BPO contact centers and enables organizations to deploy PCI-compliant MFA on every endpoint while reducing their overall costs. The only other real alternative is to purchase and deploy hard tokens, with the YubiKey normally being the first choice. The challenge is comparing apples to oranges when it comes to the price. Twosense is a recurring software license, whereas YubiKeys is a purchase of hardware that you own outright. 

In this analysis, we've done the heavy lifting for you, comparing the two MFA solutions: Twosense and YubiKey. Here's what you need to know: YubiKey may appear cost-effective initially, but hidden expenses, including replacements, logistics, and IT personnel for management, add up significantly. 

Twosense, on the other hand, offers a streamlined and cost-effective approach, reducing both hard and soft costs while eliminating the pain of implementing MFA. In fact, compared to Twosense, the annual total cost of ownership for YubiKeys is over 2.5x more expensive. By the end of this document, you'll be equipped with a clear understanding of your MFA choice's financial and operational consequences, ensuring that your organization can make an informed decision for enhanced security and efficiency in your contact center operations.

Hard Costs - What You’ll Pay the Vendor

Many modern MFA solutions on the market do not work in contact centers. Mobile phones, one of the most used components of MFA, are strictly prohibited from being on the floor or with an agent due to clean desk policies and almost every client contract. Even if mobile devices weren’t restricted, not everyone will accept using their phone for work and in many countries/states (e.g. California, Spain) it’s illegal to have an employee use their own phone for work. Then, the company would be on the hook to provide a device that could be used for MFA. These complications eliminate any MFA solution that requires a cell phone as an option.

Initial Purchase Price

Hard tokens are devices purchased from the vendor rather than a subscription. Once purchased and procured, you own the hardware and reuse it as you see fit. Currently, a YubiKey goes for about $50. 

Twosense software license agreement is $6 per user per month or $72 per year. 

Replacement Costs

Often, the initial vendor costs are the only thing customers look at. However, for BPOs, the workforce and turnover have a high impact that affects the bottom line. BPOs have an average agent turnover rate of 100% annually. 

Twosense licenses are calculated based on the active users each month. If one agent leaves and another joins, the total license seat count remains unchanged– and does not incur additional costs. Additionally, Twosense software does not require license administration from IT or security personnel. 

Hard tokens, on the other hand, are physical devices, and there are many ways through which they become unusable. Agents may lose their hard token, have it stolen, or simply break it. But they are often not returned when an agent leaves the organization.

Based on data from some of the largest BPOs, our team found that hard token replacement rates were around 10% monthly in 2022. Yes 10%! It is almost entirely driven by tokens going to agents who don’t show up on day 1, tokens not being returned when they leave, or being returned in an unusable state. Month over month, unreturned and damaged hard tokens add up. Annually, the organization was looking at a 100% replacement rate. For a 1,000 agent headcount and an initial 1,000 tokens, ongoing procurement of 1,800 annually is required.

The cost of replacement is the following: 

IT HR Costs

The cost of managing hard tokens should not be overlooked. In addition to purchasing the hard tokens, organizations should consider the manpower required to manage these security keys. Someone has to manage the logistics of hard tokens, and organizations tend to need one full-time employee (FTE) in IT for every 1,000 devices.

As with any device, tokens can get lost or damaged, and employees will need technical support. There is also the responsibility of assigning, managing, and eventually collecting tokens as people are hired, fired, or quit. When a device is returned, there is a complicated process of deauthorizing the old account, reauthorizing the new account, and then distributing the token to the new user.

With an industry average of 150% turnover, organizations find most keys are not returned or are damaged enough to need replacing. 

Logistics and Shipping

Twosense is software and is deployed remotely through group policy. No physical media or hardware needs to change hands, even for deployment to remote employees. However, hard tokens are a different story. Every token needs to go to IT HQ and then to the end user from there, requiring multiple people to do multiple things.

First is procurement logistics; the initial step involves the acquisition of goods in bulk quantities. Once these bulk purchases are secured, transporting them to their intended destination is the next crucial aspect. Depending on the specific location and origin of the devices, imports may be needed, which adds another layer of complexity to the logistical process. This importation stage often involves intricate considerations related to customs clearance, including the necessary documentation and procedures to navigate the intricacies of international trade. 

The time and cost associated with successfully passing through customs are pivotal factors that significantly influence the overall efficiency and cost-effectiveness of the procurement logistics operation.

Once the hard tokens arrive, there are individual logistics that should also be taken into consideration. These tokens must first be enrolled in the respective user accounts, ensuring seamless integration into the system. Subsequently, the distribution process begins, with each token carefully allocated to its designated user. For remote users, such as work-at-home (WAH) agents, the tokens may need to be shipped to them, adding an extra dimension to the logistics. 

It's worth noting that in instances of replacement keys, expedited shipping methods, often exceeding $100 in cost, may be necessary to ensure swift replacement. Based on available data, it is evident that the average shipping cost for each hard token typically hovers around $10, contributing to the overall expense associated with this vital aspect of the logistical process.

Cost of MFA Friction

There is an additional hidden cost that’s often overlooked because it can be challenging to see. MFA, including hard tokens, requires the user to act to execute the second factor. It could be as simple as tapping the token, getting a code from an OTP provider, or responding to a mobile popup. However, each time a user is required to do any of these actions, it takes 15-45 seconds. This process consumes 10-40 minutes of productive time per agent monthly. 

Twosense, however, is entirely passive. The software does the work of the second factor. This enables IT and Security teams to deploy MFA that is seamless, invisible to the user, and instantaneous. 

The Cost of MFA Friction Blueprint demonstrates the time savings and can be found here.

“MFA is something everyone loves to hate, but it’s necessary, and people get it,” he said. “With Twosense, we are able to make that necessary evil a little less evil.” 
 -Taylor Higley, Director of Information Systems, AFGE

This cost can build to an enormous amount. For example, even with only 2 MFA challenges per user per day, that time adds up to 10 minutes per user per month, or 120 minutes a year. Assuming an industry standard of $.75 per minute for a fully loaded cost per agent and a population of 1,000 agents, Twosense pays for itself more than 2x in time savings. 

Total Cost of Ownership 

Taking all of the costs associated into account, below is the total cost of ownership for the first year: 

Optimizing Contact Centers

With Twosense MFA, organizations can deploy MFA in a contact center environment for a team of 1,000 for as little as $72,000 annually. Unlike hard tokens, Twosense does not require organizations to assign, reassign, or manage seats or devices. By design, Twosense only counts people actively using the software in the last 30 days. This helps reduce friction for admins and reduces wasteful spending.
Twosense products allow IT to deploy behavioral, PCI-compliant MFA on every endpoint, saving on average 40 minutes a month per agent by eliminating identity security friction.

For BPOs looking to do more than just check the MFA box and save money, Continuous MFA detects every attempt to access a protected machine by a malicious user. This enables teams to deploy multi-factor authentication everywhere and adds a layer of protection from potential data breaches.

The financial fallout from a data breach is not something to take lightly. Beyond reputational damages, organizations face the cost of remediation, any potential infrastructure updates that might be necessary, or the cost of having an audit done, which can often cost upwards of $100,000 alone. 

Don't risk the unnecessary costs of insufficient or no multi-factor authentication in your contact center.

Conclusion

In conclusion, when implementing Multi-Factor Authentication (MFA) solutions for Contact Centers, it's crucial to consider both the hard and soft costs of different options. While the initial purchase price of YubiKey may seem lower, it's vital to recognize the hidden costs associated with hard tokens, such as the ongoing expenses related to replacements, logistics, and IT HR management. The cumulative impact of these costs can be substantial, making YubiKey a less cost-effective choice in the long run.

Twosense offers a more streamlined and cost-effective solution. Twosense provides financial savings and eliminates MFA friction, enhancing productivity by saving valuable time for your agents. Twosense's approach offers a competitive edge and robust security without unnecessary overhead in the context of contact centers, where operational efficiency is paramount. In today's cybersecurity landscape, where data breaches can lead to substantial financial losses and reputation damage, making the right MFA choice is critical. By opting for Twosense, your organization can optimize contact center security while controlling costs and ensuring a seamless user experience. To learn more and see Twosense in action, we invite you to schedule a one-on-one demo and take the first step toward a more secure and cost-efficient future.