Respecting conventions doesn’t mean that you have to slavishly follow them, that would be boring and unnecessary, BUT if you *are* going to break with convention then make sure it is very well sign posted, otherwise people will make mistakes.

I give you terminal 5 at Heathrow. 

Firstly a quick question – how long before an international flight do you need to get to the airport? 

The vast majority of people would say that the conservative answer is 2 hours but they don’t usually give it quite that long. 

Another quick question – how long before a flight to a European destination do you need to get to Heathrow? 

Again, most people will give you an answer around the 1 hour mark.

Now… you may already know this, but if you want to fly from London Heathrow Terminal 5 to Istanbul in Turkey (as I did the other day – yes the weather is beautiful, thank you!) they want you to get there not one, not two, but THREE hours before your flight.

We arrived an hour before our flight the other day and were severely reprimanded and had to be given ‘permission’ to proceed from the check in desk to try to get our flight. Fortunately (for us) the entire security software system crashed and massive queues meant that most flights (including ours) were delayed and we made our flight with plenty of time to spare.

So, given that getting to the airport 3 hours before the flight is apparently a big deal for BA, and given that T5 is relatively new, and given that in all my years of international flights, I’ve never been expected to be anywhere any earlier than 2 hours before the flight, you might expect that BA would make a big song and dance about this 3 hour requirement.

You’d be wrong.

They *do* make a big song and dance about the fact that we were leaving from T5 and that T5 is a new terminal. I definitely knew that because they advised me at almost every interaction I had with them regarding this flight (and these days there are quite a few touchpoints between purchasing the ticket and boarding the flight). But what did they tell me about time?

This is an excerpt from the email they sent me one week before the flight, specifically to help me to prepare for my upcoming flight:

IMPORTANT: For flights departing from Terminal 5, you must pass through ticket presentation and security at least 35 minutes before the flight departs. For other important information about passport, visa and UK domestic flight security checks, please visit ba.com/t5information.

So, honestly. Do they *really* expect me to turn up 3 hours early when this is the information they give me.

Perhaps they do, but I can tell you that a good portion of the passengers for the Istanbul flight were stuck in the security queue with us, having arrived much later than 3 hours before. And I doubt that it was because they were being naughty travelers, or that they liked the adrenaline rush of almost missing a flight. They just assumed, as we did, that turning up an hour before a flight from London to somewhere in Europe was the right thing to do, because that’s what we’ve done many times before.

This is what we do as humans. We make assumptions based on past experience and if we think we *know* how something works we don’t bother investigating it in detail, because we could spend our time and energy investigating things we think are new and interesting.

If people are making assumptions about your product, service or interface design and you’re *not* following the conventional approach, make sure whatever you’re doing differently is very clearly signposted. And then signposted again. Otherwise mistakes will happen.

And a customer who is making a mistake is very rarely a happy customer.

(disclaimer – yes, yes. I know that technical Istanbul is both European and Asian, doesn’t really make a difference to the discussion tho’)

Here is a new phone we got the other day. It’s our landline phone. Pretty cute huh? It’s called the Aqua by BT. Don’t buy it. I paid about £100 for a set of these phones. They are going to cost me a lot more than that in no time.

Here’s the thing. How do you end a call on a slide phone (which is what these are)? Simple – you close the slide, right? Well – yes, on every other slide phone that I’ve ever encountered, but not on this phone. Closing the slide does nothing… except closing the slide. So, when I went to make a call last night I discovered that, in fact, a call was still in progress. A call to a mobile phone, that had been connected for 8 hours. Ouch. I am *dreading* seeing this months phone bill because this isn’t the first time we’ve made this mistake. Although, this is probably the worst example.

We keep making this mistake because the slide-to-end-call convention is such a strong part of our model of how a slide phone works. We will keep making this mistake – despite the fact that we will be punished, seriously, by our telco.

As cute as these phones are, they’re going to be returned very soon because the experience of using them is so broken.

Moral to the story – if you’re designing something that has existing conventions associated with it – ignore them at your peril. Otherwise you’ll end up designing something that sucks as badly as this phone. And we don’t want that, do we.

End of rant.

Several weeks later, this arrives:

Dear Leisa

I am not a sensitive person by nature, but I have to say that I am feeling a little hurt. We’ve invited you into our Club, but you’ve clearly decided not to.

So, as a one-off attempt at sheer bribery, I‘m offering you your first, trial Club case HALF PRICE at just £47.88 (that‘s a ridiculously low £3.99 a bottle!). Plus, two FREE gifts, worth £30. That‘s an overall saving of nearly £80.

Sound good? Then click here to claim your HALF PRICE case and FREE GIFTS.

But you‘re probably not ready to join yet. You‘re probably thinking…

I can buy the wines anywhere.

Well you can‘t actually. The boutique wines we reserve for our Club Members never appear in the supermarket. And they are always offered to members at a lower price than non-members get them for.

It‘s just like one of those ghastly book clubs.

Er…sorry, not correct on this one either. Quite simply, you have no obligation to take any wine you don‘t want. You don‘t even have to pay us for any wines that don‘t blow your socks right off.

I‘m not the joining type.

If we explained that the reason we have a Club in the first place is because 40,000 people can buy better than 1, perhaps you‘d change your mind? If you join us, 40,001 people will buy better than 40,000.

Or maybe you‘ve just not got around to it. Which is fine. People who buy wine by the case tend to be busy.

So what would be a good reason?

Here‘s one good reason to test us out right now. We‘re keen to recruit new Members. So, for one last time I‘m offering you your first, trial Club case HALF PRICE at just £47.88

Take our HALF PRICE case NOW, and you‘ll receive a complimentary pair of beautiful Dartington Wine Glasses, completely FREE. Plus, a FREE professional lever corkscrew, worth £20.

Still not sure?

What is the worst thing that can happen? If you don‘t like the wines, I promise to refund you instantly, without any fuss whatsoever. If you agree that these wines are a big step better than you can get in the supermarket, you can look forward to a lifetime of feeling superior to non-members.

So why don‘t you join us now and find out what it‘s all about for yourself? Not next week, but right now.

Cheers

Rowan Gormley
Founder, Virgin Wines
www.virginwines.com/reasons3

0870 050 0305

The insight that the tone taken in this email gives me to this brand is profound, and frankly, I don’t want anything to do with a company who has this kind of attitude in their customer communications.

We’ve spoken before about positive ways to handle ‘abandonment’ – well, here is the flipside, a combination of guilt-tripping (‘I am not a sensitive person by nature, but I have to say that I am feeling a little hurt. We’ve invited you into our Club, but you’ve clearly decided not to’), cynicism (‘So, as a one-off attempt at sheer bribery…’) and smart talk (‘Er…sorry, not correct on this one either…’). Yes, consumers today are media literate and this level of ‘openness’ could potentially work well, but be nice about it. I’m supposed to enjoy buying wine, with this email VirginWine have put me right off my drink!

Take care with your tone – and of course, this applies to any kind of copy that you’re writing. And know that only *very* few brands can be anything but nice to their customer.

Interestingly, I’ve found that by moving countries but not changing my email address I’ve become an edge-case for some applications and websites that I used to use quite frequently and that you probably use now too.

iTunes, for example, wants me to use the UK iTunes store now rather than the Australian store. This is fair enough and, I’m sure, is all to do with licensing. Thing is, they also want me to register with the UK store, but when I go to register, they pick up the email address I’m using and tell me that my email address has already been registered. There doesn’t seem to be any way that I can update my profile to ‘move’ myself from Australia to the UK – the only option that iTunes gives me is to use the Australian iTunes store… which sounds well and good except I can’t use my UK credit card at the Australian store, and I’ve ditched all my Australian cards. The end result is that, unless I want to give iTunes a different email address and register with the UK store using that address, I can’t buy tunes from Apple. Annoying.

Similarly, PayPal deals very inelegantly with members who move countries. Again, there is not way that you can update your profile from one country to another. Rather, you have to close your old account and open a new one. You can’t transfer funds from the old account the new account either – you have to withdraw the funds, in my case to an Australian bank account (which, you guessed it, I’ve already closed).

So, what’s the point? Am I going to moan and complain because iTunes and PayPal have either not thought or not cared to create a better experience for people who move countries and don’t change their email address? Well, no. I’m sure that the number of people who are in my situation is relatively small, and as such, the effort required to improve the experience is better spent looking after the majority of their target audience.

This is one of the first times, though, that I’ve found myself as an ‘edge-case’ for two services that I would happily choose to use on a regular basis, and it is a rather unsettling experience. At this point, my desire to use their services is not outweighed by the effort required to make this possible. I’m having to find other places and ways to spend my money and, although I theoretically understand why they’re treating me so badly, the poor experience has removed any warm fuzzy feelings I had for either service.

What’s the moral to the story? I think, perhaps, that it’s not to try to eliminate edge-cases – all you achieve by doing that is to give everyone a very mediocre experience. Perhaps, though, be aware of instances where people who were previously smack in the middle of your target audience become edge-cases and try to make their edge-case experience not utterly impossible. Recognise that there are two types of edge-case audiences – edge-cases who don’t really care, and edge-cases who are quite fond of you but have just gotten into a tricky situation. Perhaps spend just a little more time looking after the latter. They’ll thank you for it.

Rob: ‘Hi, this is Rob from HSBC. Before I can continue this conversation I need to confirm some security details with you. Can you tell me your date of birth please’.

Leisa: ‘You must be kidding Rob. I have no reason to believe that you really work for HSBC. Why on earth would I just hand over my personal information like that?’

Now, I don’t know whether Rob was just improvising, or whether this is an official HSBC script, but it is wrong, wrong, wrong. What Rob and HSBC are doing here is treating people to NOT take care with their personal information. What is this going to do for HSBC and their customers? It’s going to make them both much more likely to get stung by fraudsters, and to both lose time and money for no good reason.

Surely HSBC should be going out of their way to educate their customers NOT to hand over personal information whenever some random person calls up asking for it.

Either way, Rob was not impressed. He did have a backup plan (I give him part of the information and he confirms the rest… which is slightly better), but he took *that* tone with me for the rest of the call. You know, that ‘you’re an irritating customer’ tone. Not a great start to the day.

You know what it reminds me of? And it’s something that more and more of us are guilty of participating in – especially those of use who are designing applications that support social networks. It reminds me of this:

This is the ‘find friends’ feature that we’re seeing on more and more sites (this one is taken from Facebook) where we are blithely asked to put in the full log in information for our email accounts, or our IM accounts or our other social network site accounts – and, more often than not – we do!

Now, clearly there is a big incentive to do so because these kinds of applications work well only when you’ve managed to connect with the people you know and care about, and using existing information like the contacts from your email or IM account makes this reasonably painless. The application does most of the work for you.

But do we really realise what we’re handing over when we give this log in information away? Do we realise how much we are trusting Facebook, for example, to play nicely with that information? Think of all the email and IM conversations you’ve had that are accessible using these login credentials… now think about the level of security at somewhere like, say, HM Revenue & Customs (where they recently ‘lost’ the personal information of millions of UK taxpayers), and now think whether somewhere like Facebook would have better or worse security… both now, and potentially in the future.

Sure, they *say* they’re not going to store or use that information… but are you really willing to take them at their word? Are you willing to TRUST Facebook (or any other site) that much?

We don’t really think much about this when we’re giving away our username and password, do we?

And why not? Because, just like Rob at HSBC, it’s almost as though we’re being pressured into just handing over the information otherwise we’ll get inferior service (and/or an attitude). We’re actually being trained to believe that handing over this information is the RIGHT thing to do.

Brian Suda calls this ‘Find Friends’ form an anti-pattern. He says in a recent Sitepoint article:

Another pitfall that you’ll want to avoid is sites that ask for the login details for your email account. This is a huge security hole. By handing over this information, you’re giving a random provider access to all your emails and friends, not to mention access to APIs through which they could edit and delete your information. And, as none of us want to admit, we often use the same passwords for many different services. Provide your email password to a site, and its owners can not only get into your email, but possibly your bank accounts (and a bunch of other services) as well. You should never give your password to anyone! Creating assurances of privacy lulls us into a false sense of security — it relaxes us into thinking everyone can be trusted and everything will be safe. This bad behaviour is exactly what phishers love to prey upon.

Enter design ethics. If ethics plays any part in the way that you’re designing your application or website, then this should be raising hairs on the back of your neck… you should be thinking that this is not right and that there is probably something you should be doing about this.

In fact, there are at least TWO somethings that I think we should be doing in this situation.

1. The first is that we should be doing our best to help our customers/users/members to protect themselves. We should be educating them about the risks of handing over this kind of information and we should NOT be normalising this kind of behaviour.
2. The second is that we should be looking for and encouraging alternatives to this ‘find friend’ functionality and we should be encouraging our clients/companies to opt for implementations that help our customers/users/members be more secure.

The kind of alternative that we should probably be looking for is something like OAuth which is an open protocol to allow secure API authentication in a simple and standard method from desktop and web applications. It is designed to help you get the information you need to give your end users a good experience without asking them to hand over personal information, like a username and password. Check out this demo of the current user experience. As far as I know, OAuth is not live on the web anywhere yet, but its cousin, OpenID is starting to be more widely adopted.

Of course, if we all had portable social networks, then that would also make things an awful lot simpler and more secure but it all seems quite a way off yet… why so far off you ask? Well…
So far, however, the drive to develop and promote these more secure alternatives is very much being driven by the more technical people on the web. There are lots of scary sounding discussions around exactly how these methods should work. Designers are, for the best part, not to be found in these conversations.

This is problematic from couple of perspectives.

1. Firstly – if anyone is going to be able to drive the uptake of something like OpenID or OAuth, then it is going to be UX people, the people who are designing the experiences and making recommendations about what constitutes a good experience. Unfortunately, too often by the time the techies get a look in, all the functional decisions have been made and it’s too late to retrofit what would potentially be a much better solution for our end users. We have a responsibility to know about these things and to promote them.
2. Secondly – from a user experience perspective, there are a lot of challenges to be found in OpenID and OAuth, primarily because you need to educate people about what is going on and also because you are typically moving them through quite a complex flow – including from one site or application to another and then back again. At the moment, the user experience of OpenID and OAuth are far from ideal, but rather than using this as a reason not to work with them, we should be seeing this as an opportunity to engage with these design problems and to use our experience and expertise to help get the user experience as good as it can be.

At any rate – looking after the security of our end users is now very much a part of the responsibility of the designer – whether it is through helping to educate those end users not to hand over information irresponsibly, or by guiding our clients/companies to use methods that better protect our end users. We need to be engaging in these discussions and helping to guide them both from the perspective of the businesses we’re working with as well as in the ongoing technical discussions about how these technologies work.

I think we have a responsibility to help protect our end user, even from themselves. To ignore this responsibility is unethical.

1. Might as well set a trap. This is the worst kind of failure (and the one I experienced – continue to experience – repeatedly from VirginMedia. You know this kind of failure, because you can feel the blatant disregard for your experience as a customer. These companies seem to go out of their way to avoid or ignore customer feedback. THis is clear in both their service design and any UI design you come across. It’s typified by long waits on hold, little and/or contradictory information provided, a strong sense that you (the customer) are being a pain in the butt and causing the company and it’s representatives unending trouble, user interfaces that are so poorly designed that it is inevitable you will not get to the end successfully, a sense of loneliness and hopelessness as a customer. Mistakes happen often. The company couldn’t care less.
2. Could try harder. Obviously some effort is being made. Most of the information you need is available and reasonable (sometimes good) design is in evidence, but there are still major customer experience failures and no obvious feedback channels. Often the solutions to these experience failures are quite simple. Frequently they’re as simple as building in more feedback or simple error prevention. But often… these easy fixes don’t happen. Contextual research is required to identify the pain points to enable these simple fixes to be designed and applied. There is a lot of potential for improvement here.
3. Thoughtful and Responsive.  Things still go wrong from time to time but you don’t mind so much because it doesn’t happen often and when it does, it is clear that an effort is being made to be responsive and supportive and to take responsibility for the failure. Failure is still frustrating, but it is no longer necessarily a negative exchange between the company and the customer.
4. Surprise and Delight. For some, failure is actually an opportunity to make contact with a customer and learn from them - and having the chance to surprise and delight them. Kathy Sierra wrote of screaming users:

   “As Henry Petroski writes in To Engineer Is Human: The Role of Failure in Successful Design, we learn more from our failures than our successes.  But only if we pay attention to the failures and figure out what to do right the next time.” 

   Every now and then I fire off an email in annoyance, and every now and then, an actual human emails me back much more quickly than I expected and resolved my failure. Jeff Turner of Blogbeat (now Feedburner) did this all the time. Even when the server was down and I annoyingly couldn’t get access to the data I wanted, his quick and helpful response would always make me smile and think well of his company.

So, what’s the moral?

Failure happens, but through contextual research and good service and interface design you can minimise the negative impact of these failures and actually turn them into positive points of contacts with your customers.

Oh, and think really seriously before you sign a contract with VirginMedia.

Of course there is… but seriously… how hard do you want to make it for me to engage with your service and give you my money?

Very silly.

It’s just…  by the time you get to the part in your project plan that says ‘Usability Testing’, there’s not much I can do. You’ve left things too late.

Sure, I know. That’s when you do the usability testing, isn’t it? In that mad rush when you’re trying to get everything coded up and launched. I know, because it usually means that we don’t get much time to do the testing, and it’s usually not with the finished product.

And, you know… that probably would be ok, if we’d have done some testing earlier on in the piece.

OK, so you might not call it testing. You might call it research. Or you might just call it putting some ideas in front of people who might be using your product in the future and seeing what they think.

No, we don’t need your finished product before we can test. Not at all. We’ve tested with scraps of paper in the past and discovered we were heading down the wrong path altogether. We’ve learned a LOT about how our design should work even with some ugly wireframes.

And the great thing is that scraps of paper and wireframes cost nothing… compared to the amount you’ve invested in getting to the ‘Usability Testing’ line item on the project plan.

Compared to the amount you’ll probably have to spend if you want to implement any of the things we’ll probably learn if we do that testing now.

Of course… between you and I…. we know that’s probably not going to happen anyway, is it. There’s no time for changes. There’s a launch date fast approaching, and hardly enough time to finish the work you have already.

We’re just ticking a box here, aren’t we. With the best of intentions.

It’s a shame tho’. We could have been a good team.

We could have got to a kick butt design, one that we *knew* would work. We could have stopped all this coding and re-coding. We could have had good strong answers to questions that the business was asking. We could have taken so much of the guesswork out of it.

We could have been launching this thing with out the sneaking suspicion we’d be back at the drawing board (literally) in the very near future.

But I’ll tell you what I’ve found, and you tell me that you don’t have time to do anything about it.

And hopefully, next time, we can work together from the beginning.

I think that would be a much better idea.

Of course, TicketMaster doesn’t let me use my work address for delivery, it has to be the mailing address for my credit card. So, from the very beginning, I had a bad feeling about this. It was a pretty good assumption that I was going to be home when they wanted to make the delivery.

(Why do so many companies work on the utterly flawed idea that so many of us are so able or prepared to not go to work for a day in order to receive their services? Do so many people not work these days?)

This is Secure Mail’s explanation:

Your secure delivery will be made between 9am and 5pm. To increase security our delivery agents constantly change their delivery routes and times which means we are unable to give a specific delivery time.

OK, so security. At least it’s on brand.

This morning, I receive a text message from Secure Mail (Murphy’s Law, not fifteen minutes after I’d left the house to go to work). They informed me that they’d tried to deliver my tickets but, surprise, surprise, I wasn’t there. To rearrange delivery, they said, I should go to their website.

So I did.

Please tell me if you can see what I am supposed to do now?

Yep, that’s the complete set of options on the Secure Mail website.

Where’s the bit that talks about re-delivery, missed a delivery, received an SMS? Any kind of keyword that I would see in this situation and identify that yes, that’s the right section for me.

As it happens, the section I’m supposed to go to is ‘Book your Delivery’. That made no sense to me as I was convinced that this was some kind of a courier service and that the Book Your Service was to initiate a courier service.

From what I can gather, SecureMail lets you know if they have something they need to delivery to you, either by If we are holding a secure mail item for you we will have let you know by text, calling card or letter.

What if, instead of saying ‘arrange delivery’ (even though that’s how the people at Secure Mail might think about it), you put a little section on that page that said something like ‘received an SMS, letter or calling card?’ or ‘did we miss you earlier? need to rearrange a delivery?’

I’m betting that a whole lot more people would find what is actually quite good functionality allowing me to re-schedule the delivery (even to my work address) on a day that suits me.

How could Secure Mail tell that this has worked? Well, I’d be looking for more transactions via the website and fewer phonecalls and contact form submissions. I’d be looking for shorter session times on the website, and less angry and frustrated customers.

And I’d be looking for blog posts the opposite of this – saying how great the Secure Mail service is because it let’s customers have more control over the crazy, annoying ‘we deliver when and where we want to, even though we’re delivering your stuff’ approach that far too many companies take.

More like the good stuff I’ll say one day about Ocardo, who let me choose a 1 hour window for my grocery delivery! What luxury is that. And they let me add items to my list after I’ve submitted my order! See, good delivery service. It can be done!

The trick is putting your customers at the centre of the design process.

D’uh.

I answered the phone, and a woman said she was from the Police.

She asked me to identify my husband.

Now… perhaps I watch too many episodes of CSI, but when some one says ‘can you identify this person’ it makes me kind of nervous. Particularly when they’re talking about a loved one.

With my past, present and future life flashing before my eyes, I tried as best I could to identify my husband. I asked the woman why she needed me to do this. She said the police were dealing with it and she’d get back to me. She asked me a few more details – was he a white male? What colour was his hair?

Then she put me on hold.

Now… perhaps I was over reacting, but at this stage I was physically shaking and imagining all kinds of horrible things I wouldn’t wish on anyone else.

Eventually (and, there was no hold music, just silence) she came back on the line and told me that my husband was using my debit card to pay for a few pounds worth of fuel. He’d lost his wallet on the tube a few days before so I’d loaned him my debit card… and because it said ‘Mrs’ (which, incidentally, I’d never asked for it to say) they’d assumed it was stolen and called the police.

So, for a few minutes, I thought that something dreadful had happened to someone I loved, because of the way that they handled that customer experience.

Now – hours later – I still feel powerful effects of that conversation.

Surely, people who work for the London Police don’t do that to people all day, every day. If so, it’s a miracle any of us are sane.

Surely, if someone had considered personas and user scenarios – there is no way that a call like that would ever have been made.

I whinge a lot on this blog about user experiences that piss me off. But this one has shaken me in an incredibly powerful way.

I’m not writing this so you say ‘oh, poor you’. I’m posting this so you think about how what you do might impact on peoples lives.

User experience is way more than not making my day frustrating. User experience might be not making me confront mortality when I just want to go get a sandwich.

Is that too much to ask?