Coffee Shop
Concept
Continuing the investigation into physical stores and POS experiences, we spent a sprint or two on high volume commodity purchases in grocery stores and fast food restaurants. We kicked off the sprint with an observational study of 15 different cafes around Pittsburgh and interviewed cashiers and managers. We then prototyped a number of different interactions for how a customer could authenticate at the point-of-sale. These methods included saying your name, taping the phone like NFC, typing in a PIN, or using facial recognition with various styles to authenticate at the point-of-sale.
However, we maintained the constraint that the merchant should not have to buy new hardware, and stuck to a tablet at the technology available at the counter. The general finding overall was that credit cards work very well as an identifier and authenticator in stores, and Continuous Authentication will almost certainly be more practical online for a number of years before it makes sense in a physical store.
3 attributes
Business value to MastercardWe chose high-volume commodity purchases, "top-of-wallet" buys. People have to buy boring things all the time: gas, toilet paper, fast food. And when they do, they use the first card in their wallet without thinking about it. Since a significant portion of Mastercard's revenue is from transaction fees, this is a meaty area for them.
Opportunity for Continuous Authentication (CA) to enhance the Customer ExperienceSome of the benefits Continuous Authentication can provide are reduced fraud, potential for higher volume, speed of transaction increase, better UX, increased brand loyalty, etc.
Social frictionAs mentioned earlier, we want to have a cohesive experience for both customers that are using a CA system, and 'legacy' customers. Our design should reduce awkwardness, hassle and a sense of division between people, either cashiers and customers, or peer-to-peer.
We began thinking of the experience a regular customer of an establishment has, let's use a bar as an example. Once finished with their food or drink, they turn to the bartender, say "put this on my tab", and leave. The payment is handled by the establishment. It's an elegant and hassle-free experience. Can Continuous Authentication bring that kind of experience to anyone?
From a tech point of view we see three different steps to identifying a customer.
Step one - Includes all the customers that have signed up for your store via this magical Continuous Auth app. For a big retailer let’s call this 50,000 customers signed up.
Step two - We identify who is in the store and likely to try to checkout right now. GPS is great at the scale of a few meters, and we can assume if they’re within a geocached area of your store they’re in a list of potential shoppers. Let’s say this is a couple dozen - 24 people in store that may be trying to buy something right now.
Step three (the hardest) - Now we have to whittle down who is "next in line". Out of those 24 people that can potentially pay with CA, who in the digital system is who in the meatspace of the store, and how do you identify who is who. This actually is the crux of the issue. GPS only gets you into the store, but customer must identify themselves to the cashier. Without a sophisticated sensor based or computer vision system, it’s hard to know who is who. How can a person identify themselves in a space easily and securely?
We know the onboarding experience will be critical no matter what, and since we were trying to offload the computation to the customers device, we prototyped the onboarding experience (on a customers phone) and the ideal purchase flow (at the merchant's counter/POS) for five different authentication.
- Verbal - customer adds a customer name and orders using this name, "Hi, I'm Dan Smith."
- Video Raw - Much like the lemonade stand prototype, there's a raw video capture using facial recognition.
- Video Animoji - Facial recognition here as well but the customer doesn't see raw video and instead sees a live animoji of themselves
- Pincode - A basic 4-6 digit pin code the customer determines beforehand
- Phone touch - An NFC reader much like Apple Pay currently
Research Questions
1. OnboardingHow does the person get in the system/sign up for the service? (Bank app, Apple Pay, Mastercard app)
2. Enter storeHow does the merchant know you are inside the store?
3. Item OrderHow is this assigned to your account?
4. CheckoutHow does the merchant know your identity to make sure your order is charged to your account?
Methodology
Numbers of Users: 5
Users were primed on the concept of Continuous Authentication by reading a fake TechCrunch article we provided to them beforehand.
Link to fake Tech Crunch page
We role played with users and created a cafe experience where users had to pay with a phone we provided them for a 'coffee'. They did this for each different experience. Afterwards, we had an in depth interview on their thoughts.
Findings
01.Experience trumps Speed
In physical spaces, Continuous Authentication is not necessarily faster, but it can make the payment experience disappear
02.Users share devices and Continuous Authentication systems need to account for that
"The app would be cool with a family account… I give her a maximum [budget], and it's secure. And if it had a receipt, I could monitor my daughter's buys at Starbucks"
03.Users feel secure for different reasons
"I liked PIN and phone tap because it's more like how it works today."
"Phone tap is the most invasive since it might collect a lot of information without my awareness"
04.Falling back to an existing authentication method is comforting to users, and enhances the experience as it reinforces their current mental model
"I liked PIN and phone tap because it's more like how it works today."
05.Mixed reactions to facial data being collected
"Weird to have the store take a photo of me."
"It scares me when I see my face on screen."
06.Merchants will require significant investment in POS technology to make Continuous Authentication in stores a reality
Customization - Even among our small sample, all 5 prototypes were selected a preferred by different participants. This reinforces earlier ideas that no one method is ideal, and a variety of methods should be available to the user to select.
Physical Cards work very well - In the end, we've reified how convenient and solid physical cards are in a physical store. They actually work great. We've been using them for 70 years. Everyone knows how they work. They don't have to be charged. In short, they're great. If we think phone payments are a nice new step, it will be for some value add beyond convenience.