User Control, Consent, Autonomy

Related Prototypes: MC Onboarding / Avatar Onboarding / Lemonade Stand

Through trying to answer research questions around creepiness and comprehension of a Continuous Authentication system, we discovered both are closely intertwined with a user's feeling of control.

We attempted to determine the level of detailed information about the system users want to know during onboarding. Users either needed or could tolerate a range of communications, from detailed descriptions to more condensed mentions of it, as long as they felt they were in control of their participation at any given time.

  • Usability
    1. UI should show privacy control options
    2. Leverage existing security mental models
    3. Educate and Re-educate
  • Autonomy
    1. People trust their own devices
    2. Allow users to opt-out
  • Data privacy
    1. Provide control over data
    2. Show user's profile
    3. Avoid dark patterns

Usability

01.UI should show privacy control options

Show context of use and data collection in action

"Check boxes help me know that I have to acknowledge and accept what I'm agreeing to…"MC Onboarding

02.Leverage existing security mental models

Falling back to an existing authentication method is comforting to users, and enhances the experience as it reinforces their current mental model

Strength Bar

People preferred the Weak - Medium - Strong scale when choosing what sensor data to share with the app. It reinforces their mental models of authentication during password creation. Here we are using it to show that the more data provided, the stronger the profile is.

Step-ups

Many people immediately associated the various step ups with captchas and assumed the step up was to determine if the user is a human or a bot. Although this may reinforce a fallacy of it being Turing test focused, the user does immediately associate it with security. Messaging around how it is unique to them as a person could better educate them about the identifying security aspects around it.

"I do like that there's a human element (2FA) that I have more control… you'd have to have access to an email or some type of code."Customer Journey Study

03.Educate and Re-educate

Show users the impact of their decisions when onboarding to the service.

Profile strength bar helps incentivize data being shared. A low resolution one like this example does not give bad actors any details about which factors are weak, while also providing the user with a metric for how safe their profile is.

"I'd try different combinations until the bar indicates strong."Avatar Game

Autonomy

01.People trust their own devices

People feel more comfortable when facial data is captured on their own device, not a merchant's POS system.

Do Allow users to authenticate through their own device
Don't Authenticate users only on merchant's device
[On capturing facial data on phone] "There's a degree of control, gives me a little more comfort"Lemonade Stand"If this was on my own device it would have been better"Lemonade Stand"I don't want my face videoed all the time, I'm more comfortable with camera usage on my phone than my computer."Lemonade Stand
"Weird to have the store take a photo of me."Coffee Shop "It scares me when I see my face on screen."Coffee Shop

02.Allow users to opt-out

Data gathering without opting in is uncomfortable.

Do Provide option to opt-out
"This feels like something's wrong. This is so in my face."Lemonade Stand "I'd find it strange if it's collecting data in the background. I won't sign up unless I knew how it was working…""Small Merchant Checkout "I would want it [autofill] if I opted in to it, not that they just do it."Customer Journey Study

Data Privacy

"No matter how often we say we're creeped out by technology, we tend to acclimate quickly if it delivers what we want before we want it. This is particularly true of context-aware technology. Just consider how little anyone seems to mind now that the Google Maps app mines your Gmail. Today, Google Maps is studded with your location searches, events you've arranged with friends, and landmarks you've chatted about. It's delightful, and it took hold faster than the goosebumps could. The utility seems so obvious, your consent has simply been assumed."Wired, 2015

01.Provide control over data

Users should always have the option to control the type of data collected.

Control given at onboarding is easily ignored. Users need to have a place where they can always go change settings.

"From the point of view of being able to have control over your purchases and your activity online, autofilling without opt-in does not feel good."Customer Journey Study

02.Show user's profile

Provide control over the profile generation process.

Give users an option to delete the profile.

"What do you know about me, Mastercard?"Customer Journey Study

03.Avoid dark patterns

Data sharing can be incentivized, but care must be taken to not design a coercive experience.

"A child could do this by accident, as if they're playing a game."Avatar Game