14th May 2019
How might we...
...… minimise the information people have to provide to use the service without compromising security?
Providing a comforting experience through thoughtful data requests
In order to create consistent, enjoyable and transparent digital experiences, understanding the audience and the local context in which an app will operate is a must. People have different attitudes to and sensitivities around privacy. Across the world, people’s daily needs and cultural backgrounds influence how they want to share and use data. By exploring these factors, services can be thoughtful when asking people to provide personal information by explaining the consequences of providing data in a contextually relevant way.
Product Context
Garms is an online fashion shop targeting a young audience. They sell products from over 500 brands and also host a peer-to-peer marketplace. People willing to sell something through Garms have to go through an ID check.
Garms currently deals with identity verification though a third party by asking users to provide:
- Passport or a driver’s licence
- Home addresses for the last 3 years
Problem & Opportunity
Younger audiences are used to sharing on social media but are often reluctant to share personal information on lesser known platforms.
Around the world, there is no single answer to what is considered sensitive data. When dealing with personal information and security features, adopting a localised approach can be key to success.
In addition to the regulatory context, taking the social environment into account is essential to designing data related features. This is specially relevant when it comes to dealing with official documents and validation: people need to know who will be on the other end, how and what they will be using this data for. People in Mexico - the region in which this specific product will be used - happen to have multiple kinds of IDs that tend to diverge from those commonly used across the world;
Policy makers, legal experts and designers working together on Garms's prototype
Design Features
Relying on already verified information to build a time-efficient experience
In order to challenge the required information to proceed to identity check, the team focussing on the problem asked:
- Who is our audience?
- What is the required information?
- Who will verify this information?
As it turns out, they identified that the required ID would potentially be leaving out an important part of the Mexican population because not everybody has such documentation. Asking for the previous home addresses made little sense given how hard to prove that would be for people - and even more so considering Garms is addressing a young audience who will most likely not have easy access to such documents.
Validation would be taken care of by a third party - currently undisclosed by the app to the people. Also, because the target audience are young individuals, not businesses, they would most likely not have known much about this required information beforehand.
In order to generate a more effective and secure authentication flow, Garms decided to only asks people for a bank account number. As banks operate a lengthy identity check to open an account, the app relies on the financial institution’s already verified information to confirm people’s identities. In addition to offering a better experience by sparing them from providing further documentation and information, this process benefits Garms as it would reduce data processing, data storage, costs and legal risks.
Design Features
Considering the overall experience to evaluate friction
While this might generate extra steps within a flow, providing people with the right and sufficient information shouldn’t keep an app from delivering a fluid and enjoyable experience.
However the solution not only makes sense because less information would be required from people, but also because they would need a bank account to buy clothes and withdraw earnings made through the app.
Adding a few steps in one place might actually mean removing others elsewhere, therefore improving people’s experience overall. Most of all, providing people with secure information and clearly communicating intentions to them is a way to strengthen the relationship and build trust.
Design Features
Strengthening privacy and brand trust
Voice and tone deserve attention. Not only because communication needs to happen effectively, but also because it’s part of a brand identity. Whether communication is as long as an email or as short as a control button, services should understand their audience to craft a more cohesive experience.
Next steps
When designing for trust and transparency, it’s important to consider the local and social context in order to surface and ask for the right type of information from a specific audience.
Additional steps do not always generate additional friction: consider the overall experience and whether adding one step here might simplify the overall experience over time.
Build trust through words: think about who could be on the other end of the communication and make it understandable. Putting people at ease is one step further down the path of a trustworthy relationship.
How might we build the identity check to prompt teens to sign in with a parent if they don’t yet have a bank account?
