Tuesday, December 17, 2013

Really, It's Not.

Spotted these two in my company's cafeteria the other day:



They sure look like drains to me! Why not design the cup placement area as a solid piece of plastic or metal, like those on most refrigerator water dispensers, instead of a grill that looks precisely like what I'm told it's not?

Lipstick on a Pig

Proof that aesthetics and quality are not intrinsically linked.


LinkedOut

I admit I'm pretty bad about keeping my LinkedIn account up-to-date, even though I've heard it's what you're supposed to do to make yourself more marketable. It's just that lately I've been feeling pretty guilty about all the unanswered endorsements showing up in my email. So today I finally decided to fire up my browser and hit the LinkedIn website to "return the favor".

Turns out I couldn't recall my LinkedIn password nor had I recorded it in LastPass. I figured I must have used one of my reusable passwords (gasp!). So I attempted to log in with one of those:

nyob is not my email address of course
After pressing the Sign In button I saw the following:

The hated captcha
A bit of a shock. There is now a CAPTCHA (I'm going to use lower case from now on so it doesn't seem like I'm shouting) step as part of the login sequence. Later I discovered that LinkedIn added this step when they detect logins from a different device, i.e. no LinkedIn cookie detected.

Of course I had to refresh the first captcha as I couldn't tell what the numbers were in the photo portion of the captcha (can you?).

After three refreshes I found a captcha that seemed legible, which of course I mistyped; however I did succeed on my next attempt.

After clicking Continue I saw the following:

Fail

You can't be serious. I had just spent an anxious minute fiddling with the captcha, only to discover that my credentials were invalid. To make matters worse, I had several reusable passwords that I needed to try, which forced me to repeat the captcha stage with each failed attempt.

This poor design resulted in a poor user experience. If the designer's goal was to provide a means of preventing bots from performing repeated login attempts, then why not wait until after two or three failed attempts before presenting the user with the dreaded captcha? At least that way you don't inconvenience the user who may have fat-fingered their password or needed one or two tries to get it right. Furthermore, asking for a captcha post authentication (meaning after a successful login) is beyond ludicrous. It does NOTHING to improve security and only serves to annoy legitimate users. If the designers want to improve security for logins from unrecognized devices they should consider using two-factor authentication or some other means of verifying that the authenticated user is the legitimate account holder. Throwing up a captcha after a successful login does nothing to improve the security for an authorized user, and only mitigates the effect of authorized users scripting malicious events post logon.
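The ordering argued for above, as an added example (not LinkedIn's code or the post's): the captcha is gated on a per-account failure counter, and a successful login from an unrecognized device goes to a second-factor step-up rather than a captcha. The account, the threshold of three failures and the device-cookie check are assumptions.

```python
import hashlib
import hmac
import secrets

# Added example (not LinkedIn's code or the post's): the gating order argued
# for above. A captcha appears only after repeated failures, never after a
# successful login; an unrecognised device gets a second-factor step-up instead.
CAPTCHA_AFTER_FAILURES = 3      # assumption: the post says "two or three"

def make_user(password):
    """Constructed sample account: random salt plus PBKDF2-HMAC-SHA256 digest."""
    salt = secrets.token_bytes(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class LoginGate:
    def __init__(self, users):
        self.users = users             # email -> (salt, digest)
        self.failures = {}             # email -> consecutive failed attempts
        self.known_devices = set()     # (email, device_cookie) seen after 2FA

    def needs_captcha(self, email):
        return self.failures.get(email, 0) >= CAPTCHA_AFTER_FAILURES

    def _password_ok(self, email, password):
        rec = self.users.get(email)
        if rec is None:
            return False
        salt, stored = rec
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        return hmac.compare_digest(digest, stored)

    def attempt(self, email, password, device_cookie, captcha_solved=False):
        """Returns 'captcha_required', 'invalid', 'needs_2fa' or 'ok'."""
        if self.needs_captcha(email) and not captcha_solved:
            return "captcha_required"  # only once the failure budget is spent
        if not self._password_ok(email, password):
            self.failures[email] = self.failures.get(email, 0) + 1
            return "invalid"
        self.failures[email] = 0       # a good password resets the counter
        if (email, device_cookie) not in self.known_devices:
            return "needs_2fa"         # step-up, not a post-auth captcha
        return "ok"

    def complete_2fa(self, email, device_cookie):
        """Called after the second factor verifies; the device is then trusted."""
        self.known_devices.add((email, device_cookie))
        return "ok"

USERS = {"nyob@example.com": make_user("correct horse battery staple")}
```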

The current behavior penalizes legit users

As designers, we should never sacrifice usability to appease the security gods. Instead we should look at alternate solutions or designs that accomplish the organization's security goals while providing a great user experience.



Saturday, October 19, 2013

Back to Basics

Which way for on?


Did you guess left? I did too. And I was wrong. Or rather, the design was. 

Reminds me of the chapter on faucets and fixtures in Don Norman's The Psychology Of Everyday Things. 

Sunday, October 13, 2013

Security Seal

I spotted this sticker on a gas pump I had never visited before:

Security Seal
Interesting concept; but huge usability and security fail.

1. Prankster decides to slit the seal, easily done since it's a paper-thin sticker. Usability fail.

2. Bad guys can easily re-create the seal and stick it on a compromised machine. Security fail.

I'm sure there are other ways to make these systems tamper resistant and to alert users of a potentially compromised device. Perhaps following on the hard-earned lessons of ATMs would be a good start.

Friday, October 11, 2013

Remember Me

I have another usability bone to pick with my local gas station. You see, even after years of bi-weekly fill-ups, my gas station still fails to remember my preferences:
  • No I don't want your overpriced and ineffective car wash
  • No I don't want a receipt
  • No I don't want to change fuel grades
  • No I don't want to pay with a debit card
As a quick aside, this post isn't about the shortcomings of your typical gas station pump's tactile user interface - that merits its own post. This post is about the user experience from the time you swipe your card to the time you can start pumping gas, which goes something like this:

Step 1) Swipe or insert your card. Time elapsed between swipe and transition to next screen: 3-5 seconds, assuming you didn't insert your card the wrong way, or remove it too slowly or quickly.

Step 2) Is this a debit card? Time elapsed between selection and transition to the next screen: 2-4 seconds, assuming you chose credit, longer if you choose debit and have to enter your pin.

Debit or Credit Sir?

Step 3) What's your zip code? Time elapsed between keying in my zip code and transition to the next screen: 4-6 seconds.

Step 4) Do you want a car wash today, even though it's raining? Time elapsed between pressing no and transition to the next screen: 2-4 seconds.

Your Car is Filthy

Step 5) Choose your grade and begin fueling. Time elapsed between pressing the fuel grade button and starting to pump fuel: 4-8 seconds. I think this last step takes the longest because it waits until the last second to authorize the transaction. Wouldn't it be a better use of time to authorize the card in the background earlier in the transaction, so that once I've answered all the questions I can begin pumping without further delay?

The overall elapsed time between the initial swipe and when I can start pumping gas: ~30 seconds.

Only 30 seconds? You're whining over 30 seconds? 

Heck yeah! 
  • 30 seconds X 2 fill-ups on average a month = 1 minute
  • 1 minute X 12 months a year = 12 minutes a year
  • Every 5 years x 12 minutes a year = 1 hour
  • After 20 years of driving = 4 HOURS wasted!
It adds up doesn't it? To be honest it's not so much about the wasted time (for me); but rather about the careless disregard for my time, energy, and cycles. By cycles I mean the mental cycles I am forced to dedicate to this task to the exclusion of everything else around me, such as checking my email ;). It also bugs me because it seems that the user experience was a mere afterthought in the design of these systems, and that the designers were more concerned with hounding me over a car wash and saving a few pennies (by charging my debit rather than my credit card), than in making my fill-up experience a pleasant, or at least transparent one.

A proposed solution

I propose that gas stations default to:
  • Use as credit (since you can run a credit card as a debit card)
  • no car wash 
  • no receipt 
To use a card as a debit card the user could optionally press a debit button prior to swiping their card. While pumping gas (which takes substantially more than 30 seconds), the user could add a car wash to their purchase, which would get added to the total once the user is done pumping gas. Likewise the option to print the receipt could be presented during or post fill-up, as is already done at some stations (with a default timeout set to "no receipt" if the user fails to select an option).

What this solution fails to address is the default desired octane rating, and the pseudo-second factor authorization as a result of prompting the user to enter their zip code; however those issues can be addressed by the next phase in the solution:

The second phase is to identify users as repeat customers, which can also help towards establishing a set of defaults and towards minimizing the extra-authorization parameters (zip code). Identifying the customer is useful for cases where the user's preferences conflict with the default station preferences, such as always wanting a car wash, or wanting a printed receipt, or choosing a different octane rating.

So how do we uniquely identify the user without running afoul of privacy guidelines or PCI DSS mandates? When the user swipes the card the following would happen:
  1. The card reader reads and records the user's name (ANSI X4.16 track 1) stored on the card
  2. The reader then reads the first 5 and last 4 digits of the credit card number (allowed by PCI)
  3. The reader then creates a non-reversible hash of the name using the 9 digits as the salt
  4. The reader then compares the resulting hash to a data store, either stored locally on the reader (which would make it pump specific) or available to all readers at that gas station (assuming they can be networked, making it gas station specific), or retrieved from a centralized database (more complex but specific to all stations for that particular brand).
  5. If the computed hash matches a stored hash then the last set of recorded preferences mapped to that hash are retrieved and applied to that transaction.
  6. If there is no match then the user is asked to enter their zip code and the usual set of questions (or use the defaults mentioned earlier). 
  7. The answers to those questions are then stored for future retrieval, mapped to the salted hash that was computed in step 3.
  8. On the next visit, the computed hash will match the stored hash, and the user's preferences retrieved.
This would give repeat customers the ability to begin fueling right away using their stored preferences while giving them the option to override their preferences or the defaults should they wish to do so.

Remember Me logic
There are plenty of hurdles that would need to be overcome, such as:
  • Make sure a proper method is used for salting and iterating the hash
  • Figure out how to let users save a preference override vs. apply just this once
  • Provide a way to opt out of preference storage or remove their preference once stored
  • Determine when to delete a set of unused preferences
  • Determine when to acknowledge the user by name (privacy issue?) in the screen readout once a match is made with a stored hash
  • And so on...
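Steps 1 through 8 above, together with the first hurdle (salting and iterating the hash), as an added example that is not part of the original post: the name and the nine retained digits are parsed from a track 1 record, hashed with PBKDF2-HMAC-SHA256, and used as the key into a preference store. The track 1 record, the iteration count, the default preferences and the dictionary store are assumptions.

```python
import hashlib
import re

# Added example (not from the original post): the pump-side flow of steps 1-8,
# with the "salting and iterating" hurdle handled by PBKDF2-HMAC-SHA256.
# Track 1 layout follows the %B<PAN>^<NAME>^<expiry>... convention; the
# sample record below is constructed and uses a test PAN.
ITERATIONS = 200_000          # assumption: tuning choice, not from the post
DEFAULTS = {"tender": "credit", "car_wash": False, "receipt": False}
TRACK1 = re.compile(r"^%B(\d{13,19})\^([^^]+)\^")

def parse_track1(track):
    """Steps 1-2: return (name, first 5 + last 4 of the PAN). The full PAN is not kept."""
    m = TRACK1.match(track)
    if not m:
        raise ValueError("not a track 1 record")
    pan, name = m.group(1), m.group(2).strip()
    return name, pan[:5] + pan[-4:]

def customer_key(name, partial_pan):
    """Step 3: iterated, non-reversible hash of the name, salted with the 9 digits."""
    return hashlib.pbkdf2_hmac("sha256", name.upper().encode(),
                               partial_pan.encode(), ITERATIONS).hex()

def start_transaction(store, track, answers=None):
    """Steps 4-8. `store` maps customer_key -> preferences (pump, station or central).
    `answers` holds the replies to the usual prompts on a first visit."""
    key = customer_key(*parse_track1(track))
    prefs = store.get(key)
    if prefs is not None:
        return {"prompt": False, "prefs": dict(prefs)}   # repeat visit: fuel right away
    prefs = dict(DEFAULTS)
    prefs.update(answers or {})
    store[key] = prefs                                   # step 7: remember for next time
    return {"prompt": True, "prefs": dict(prefs)}

# Constructed sample track 1 record (test PAN 4111 1111 1111 1111)
SAMPLE_TRACK = "%B4111111111111111^DOE/JANE^2512101?"
```

Because both the name and the nine digits are readable from the card itself, the hash works as a lookup key rather than a secret; the iteration count only slows someone trying candidate names against a leaked store.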

Improving the user experience is never easy, especially when you consider the marginal return on investment for addressing what amounts to a minor inconvenience; however multiple minor inconveniences quickly add up to major ones with either immediate or long term negative effects. As human beings our pursuit for perfection should be relentless, never satisfied with the status quo. Who knows? Assuming we're still using fossil fuels a decade or so from now, wouldn't it be great if you could just drive over a pump with your car and the machinery underneath would take care of authentication, preference retrieval, pumping, clean-up, etc. without your ever having to exit your vehicle? Yeah, I know that's not really thinking big; but you have to start somewhere.

Monday, October 7, 2013

Door Dings

Most gas stations deploy protective barriers around their gas pumps.

Typical Barrier
These barriers are like door magnets.

Look Close. That's a lot of dings!


Like everyone else, I blame myself for not being more careful.

But wait. Here is a design that puts the user first:

Whack it hard. I dare you!

Home Depot's cart barrier is made out of hard plastic.

Can't dent this.


Nice. Now I don't feel stupid when I hit the barrier.

Understandably gas pump barriers have to be more robust, since runaway shopping carts aren't nearly as problematic as leaking or exploding gas pumps; but does that prevent designers from making pump barriers more user friendly?

Perhaps a thick rubber strip attached to the pole where door meets barrier?

No more dings.


The way these poles are shaped and the materials involved make this a non-trivial fix. There are certainly other ways to solve this problem, some of which are more radical than others. Or maybe the problem will go away on its own once we have fusion powered vehicles that don't need refueling.