Design & Technology November 16, 2017
The Paradox of the Login
Due to the richness of our digital lives we use more and more services that require a login. The role of the login increases, while its usability can be doubted. The classic login – username / password – requires a lot of the user. Time for an alternative!
For companies and services that you don’t visit often (eg water, insurance or energy companies), people massively reset their passwords because they forgot them or don’t know that they have one at all, start to create a new one and then get an error in the creation flow. It is, paradoxically, a rather user-unfriendly entrance to the promise of a user-friendly world. Behind the login these companies know who you are and your data is stored, but the road to that world leads past a user-unfriendly port. This of course doesn’t apply to Facebook or Bol.com, sites that you visit every day, but it does for places you visit sporadically, such as webshops where you buy something every three years.
The social login seems to be a good development, but it’s not used by many people yet and most organizations don’t offer it either. This method always requires a ‘linking moment’ from the service to your social network and people experience that as cumbersome.
Besides that, there are of course handy password tools, such as browsers that store login data for you, but they actually prove that there is something fundamentally wrong with the login. These tools offer no solutions in the long term, but are only hacks to circumvent the problem of the user-unfriendliness of the login.
Beyond the login
Together with its customers Dept always thinks about ways in which we can avoid the login and do the identification in an alternative way. For starters, an important thing to realize is that people usually visit a website for just one question or with a single goal and that after logging in they end up in an environment that is equipped for them to do every possible thing. And that’s strange. If someone wants to pay an invoice, the person doesn’t immediately click on an ‘invoice payment’ button, but on ‘log in’ and then enters an environment with dozens of options, from checking their balance to changing personal details. If all you want to do is pay your bill, you don’t have to see all those other options at all. The concept of ’my environment’ doesn’t necessarily fit the behavior or needs of people. If we acknowledge this and let go of ‘my environment’ as holy grail of personal service and start thinking more from task-oriented flows, we’ll create room to think of other ways of identification and offering personal service.
For example: you want to let your telephone provider know you’re moving. The provider asks for your zip code, house number and e-mail address – information that everyone knows about themselves. You’ll be identified based on those data. You’ll be welcomed without further personal information being shown and then asked to enter your new address. Then you’re asked how to confirm the change: by e-mail or text message. You’ll see part of your address and mobile number, so that you’re sure that it is the correct data. You choose e-mail, and get an overview of the change in your inbox: the old and new address and a button to confirm. You click, confirm, arrive back on the telephone provider’s webpage and you’re done. Just like that, without a login.
This is a cross-channel check based on data that is already known to companies. If your phone number is unknown, you will only receive an e-mail, or vice versa. But most companies have that information from their customers. This way you can easily offer personal service without the use of a login.
Is this safe?
Most IT departments start to baulk at the notion of new methods for self-service, but this method is just as safe as the traditional login. For comparison: with a password reset you have to enter your e-mail address. You then receive an e-mail with a new password. This method of service uses the same technique as a password reset and is therefore innovation without having to create anything new.
Do we already use this? Hell yes! We’re now implementing this way of service with three of our clients. At Waternet we used this method for changing your address. You can now do that on their website using your date of birth and postal code / house number. Previously, when moving, you had to create an account with My Waternet, even if you were leaving Amsterdam and would never use it again. That was a backward way of doing business. At De Alliantie we’ve done the same for requesting repairs in their social housing districts. In addition, we’re implementing this at other leading service providers in larger, structural ways, but more on that later.
For high-engagement platforms that require identification, such as your bank or social accounts, we’ll continue to use logins that you’ll remember because of the high frequency of visits. But for most other platforms it’s not necessary to tire customers with a cumbersome, mandatory login process. For them, self-service without logging in is the next big thing.