Digital Identity Management
Online Trust and Privacy
With the communication infrastructure provider Nokia Siemens Networks, IxDS developed an identity management portal that empowers internet users to regain and keep control over their personal data online. Living in the digital world of today means storing many aspects of your life on computers far away–online, in the “cloud”. We can view our photos, emails, and shop from anywhere which is great.
But we also want to make sure we control the access to our data. Considering the many services even the less internet-savy users are signed up to and the complex technology behind them, a lot of internet users feel lost. A general uneasy feeling among the user base degrades the (business) perspectives for all web based services.
Security: From Technology to Emotion
To come up with a solution for this pressing issue, we joined forces with the Interaction Design Lab at the Potsdam University of Applied Sciences. Our clients know their matter well and they had a serious and very secure technical prototype already in place. In very rough termns, this prototype allows to define which service is granted access to which set of (personal) data and defines access and update protocols. Since it is complex technology, however, the later end users are unlikely to understand all details.
Apart from that, trust is not a rational category. Obviously, the underlying technology must be robust, secure, and fulfill what the interface promises. But in their daily life, the users need to rely on their intuition and the experience with a system (even experts, who had checked the nuts and bolts before, rely on their intuition during later use when they are occupied with other tasks).
Therefore, our interface design had to address these expectations and communicate that the users are “at home” and their data is safe. We needed to understand the needs and habits of end users concerning their private data in detail. Through our ethnographic methods, we got to know rich stories about unorthodox ways people manage their bank accounts, about shared email passwords and credit cards, or about their web shopping experiences. Fueled by this inspiration, we created new and important ideas in a joint, co-creative workshop together with our research participants and with several senior managers from our client.
Following the Users’ Mental Models
The ideas from this workshop already contained the core of the mental models that we used to define the new identity management portal: For example, the portal allows its users to create various “personas”, that represent a set of data. The data for simple discussion forums can be different from that for casual shopping and from that for serious online business or eGovernment. Another feature, building directly on user statements, automatically checks what can be found online about a user (at least by simple means). It creates a “reflection” of the user’s online identity, and at the same time raises their awareness for privacy.
We created a user interface that brings the underlying technology and the perspective of the users together. Throughout the project, we focused strictly on putting the users in control and making security an experience for them.
To make sure we met the end users expectations, we had several intense feedback discussions. Following our prototyping traditions, we turned the design into an interactive and tangible product so that our test users could try it “live” and had a realistic impression as basis for their evaluation.
The management portal was on show at the Mobile World Congress 2011 in Barcelona and at the Cebit 2011.