Usable Security and E-Banking: Ease of Use vis-à-vis Security

Data collected in an evaluation of six Danish web-based electronic banking systems (DRAFT)

Morten Hertzum, Niels Christian Juul, Niels Jørgensen, Mie Nørgaard
Roskilde University, Denmark
email: {mhz,ncjuul,nielsj,mnl}@ruc.dk

Table of Contents

Preface (p. 3)
Introduction (p. 4)
  How to read the tables (p. 4)
  Browser messages (p. 5)
  Heuristics (p. 6)
  A taxonomy of ease-of-use problems in e-banking (p. 7)
  PC and browser configuration (p. 8)
Installation (p. 11)
  Danske Bank (p. 11)
  Nordea (p. 14)
  Jyske bank (p. 17)
  Skandiabanken (p. 20)
  Sydbank (certificate solution) (p. 23)
  Sydbank (“key card” solution) (p. 26)
  Basisbank (p. 31)
  Summary of tables (p. 34)
Every day log on (p. 36)
  Danske Bank (p. 36)
  Nordea (p. 38)
  Jyske bank (p. 40)
  Skandiabanken (p. 41)
  Sydbank (p. 44)
  Basisbank (p. 47)
Log off (p. 50)
  Danske bank (p. 50)
  Nordea (p. 52)
  Jyske bank (p. 54)
  Skandiabanken (p. 56)
  Sydbank (p. 58)
  Basisbank (p. 60)
Money transfer (p. 61)
  Danske Bank (p. 61)
  Nordea (p. 64)
  Jyske bank (p. 66)
  Skandiabanken (p. 68)
  Sydbank (p. 70)
  Basisbank (p. 72)
Weak passwords (p. 74)
  Danske Bank (p. 74)
  Nordea (p. 78)
  Jyske bank (p. 80)
  Skandiabanken (p. 81)
  Sydbank (p. 83)
  Basisbank (p. 85)
References (p. 86)

Preface

This report contains data collected in an evaluation of six Danish web-based electronic banking systems. The report supplements an academic paper in which we interpret and discuss the evaluation results and motivate the method used to obtain them: Hertzum et al. Usable Security and E-banking: Ease of Use vis-à-vis Security. Proceedings of OzCHI 2004, Wollongong, Australia. The data was collected during June-August, 2003, and the draft version of the present report was completed November 17, 2004.

Introduction

The evaluation comprised four tasks that a user of an e-banking (web-based electronic banking) system must or is likely to carry out: installation, log on, log off, and money transfer. In addition we tested the systems' response to weak passwords.
The remainder of this introduction explains how to read the tables in which the evaluation results are presented, and describes the hardware and software configuration of the PC used for the evaluation.

How to read the tables

The walk-throughs are documented in tables of four or five columns. The columns are as follows:

1. The first column shows the number of the current page, to reveal if any pages are revisited. For brevity, we record the display of a window showing a standard browser message using the abbreviation "Security alert", "Security warning", or "Security information". These three types of messages are described below in the section Browser messages.
2. The second column holds the information offered by the system. Text shown in italics is the original text in Danish as offered by the system. If an English term is not followed by an italicized (i.e. Danish) term, the system has offered the English term.
3. The third column describes the correct user action on the current page.
4. The fourth column holds the heuristic evaluation (HE) comments. The comments are based on a set of 12 heuristics presented below in the section Heuristics.
5. The fifth column holds the number of the category in which we put the problem. The categories are defined in the section A taxonomy of ease-of-use problems in e-banking. (Only problems found during the walk-through of the installation task were assigned categories.)

After each table we add a few illustrative screen dumps as examples and some additional HE comments, usually more general ones regarding the system as a whole.

Browser messages

During the walk-throughs some of the system responses come from the browser. Please note that these messages are not part of the Internet banking system itself, but may be believed to be so by the novice user. The messages from the browser are not counted as independent pages in the tables below. The page number in the table refers to the system page on which the message pops up.
The following three types of messages are generated by the browser:

Illustration 1 Browser pop-up message: Security Alert.

Illustration 2 Browser pop-up message: Security warning.

“Security alert” is used to describe the browser message: “Security alert: You are about to view pages over a secure connection. Any information you exchange with this site cannot be viewed by anyone else on the Web”, which includes the check box “In the future, do not show this warning” and the buttons “OK” and “More info”. When leaving a secure connection the browser provides a similar message.

“Security warning” describes a browser pop-up message such as: “Security warning: Do you want to install and run “C:\DOCUME~1\INFM_~1\LOCALS~1\Temp\JVMD0.tmp” signed on an unknown date/time and distributed by: Bankernes EDB Central. Publisher authenticity verified by VeriSign Class 3 Code Signing 2001-4 CA. Caution: Bankernes EDB Central asserts that this content is safe. You should only install/view this content if you trust Bankernes EDB Central to make that assertion. SIGNED WITH PERMISSIONS – Full permissions.” The message includes a check box such as “Always trust content from Bankernes EDB Central” and the buttons “Yes”, “No” and “More info”.

“Security information” describes a browser message such as: “Security information. This page contains both secure and non secure items. Do you want to display the non secure items?” The message includes the buttons “Yes”, “No” and “More info”.

Illustration 3 Browser pop-up message: Security information.

The browser messages inform the user that danger lies ahead, for example that his actions may cause him to lose data. Therefore, the system's misuse of a warning sign is regarded as a usability problem and will be mentioned in the tables below. One browser message may cause several usability problems. We have, however, chosen to count each browser message as one whole problem.
In the final count (see “Summary of tables” below) one browser message thus equals one usability problem each time it appears in a sequence.

Heuristics

As mentioned above we estimate breakdowns and problems on the basis of a collection of heuristics. Heuristics 1, 2, 3, 4, 5, 6, 7, and 8 are sampled from Nielsen and Molich (1990). Heuristics 3, 4, 5, 8, 9, 10, and 11 are sampled from Shneiderman (1998). Finally we added one heuristic, Heuristic 12, that we find could be of importance to our main goal. Thus we make our usability evaluation on the basis of the following heuristics; for each heuristic we state how we use it in the investigation:

1. Simple and natural dialogue: Dialogues should not contain irrelevant or rarely needed information. Every extraneous unit of information in a dialogue competes with the relevant units of information and diminishes their relative visibility. All information should appear in a natural and logical order.
2. Speak the user's language: The dialogue should be expressed clearly in words, phrases and concepts familiar to the user rather than in system-oriented terms or specific terms used in banking circles.
3. Minimize user memory load: The user should not be required to remember information from previous sites or tasks. Neither should he be obliged to remember predefined codes.
4. Be consistent: Consistent sequences of actions should be required in similar situations; identical terminology should be used in prompts, menus etc. Consistency in colour, fonts, layout etc. should also be employed.
5. Provide informative feedback: For every action there should be system feedback. For instance, when logging off the user should receive information that he has indeed succeeded in doing so.
6. Provide clearly marked exits: A system should never capture users in situations that have no visible escape. Users often choose system functions by mistake and will need a clearly marked “emergency exit” to leave the unwanted state without having to go through an extended dialogue.
7. Good error messages: Reading an error message should enable the user to correct the error, rather than just informing him that an error has occurred. (Note: this heuristic is relevant only for the evaluation of the systems' response to weak passwords; see the chapter Weak Passwords. During the remainder of the evaluation we behaved “correctly” and did not trigger error messages. Note also that the browser messages discussed above in the section Browser Messages are warnings, not error messages.)
8. Offer error prevention and simple error handling: The system should preferably be designed so that users cannot make errors, for example by preferring menu selection to form fill-in.
9. Permit easy reversal of actions: As much as possible, actions should be reversible. This feature relieves anxiety, since the user knows that errors can be undone, thus encouraging exploration of unfamiliar options.
10. Design dialogs to yield closure: Sequences of actions should be organized into groups with a beginning, middle and end. Informative feedback at the completion of a group of actions gives users the sense of accomplishment and satisfaction with the system, such as when (when making a money transfer) the system informs: “Finally you need to sign the order to transfer the amount”.
11. Support internal locus of control: Experienced operators strongly desire the sense that they are in charge of the system and that the system responds to their actions. Make users initiators of actions rather than responders to actions. With regard to this heuristic we do accept that a system such as an e-banking system to some extent demands user response, such as signing in with a password. We do find, however, that e.g. browser pop-up messages or pop-up windows that close automatically are in conflict with this heuristic.
12. Provide sufficient and easily accessible help: The system should provide the user with the possibility to obtain thorough and sufficient help whenever it is needed. This could be e.g. examples of how to fill in dates or how to create a strong password.

A taxonomy of ease-of-use problems in e-banking

The following table defines four categories of ease-of-use problems. The categories group ease-of-use problems according to how they may be fixed, e.g. easily or only at the cost of weakening security.

• Fixable but security-related: An aspect of the user interface that reduces ease of use, but where modifying this part of the interface would weaken security.
• Straightforwardly fixable: Ease-of-use deficiencies that we believe can be fixed without weakening security or introducing other problems.
• Platform-related: Ease-of-use problems that are due to the underlying platform, for example browser pop-up messages that may confuse the user and which are outside of the direct control of the bank.
• Undue simplification: Ease-of-use problems likely to be experienced by the more informed user, who may be rightly confused if the user interface describes distinct features by the same name, for example both password and private key by the name "code".

Fixable but security-related ease-of-use problems include authentication mechanisms that require the user to remember a randomly generated eight-character password, where the use of a more easily remembered password would weaken security. Straightforwardly fixable ease-of-use problems include confusing terminology such as labelling the button that a new user must press "Functions" rather than "New user", where choosing the more user-friendly label seems not to have undesirable consequences. The category also includes the use of different phrases such as "code" and "password" to denote the same item, something that can be fixed simply by using a consistent terminology.
Platform-related deficiencies originate from the underlying software and as such cannot be fixed by changing the bank's software. For example, the browser pop-up message "Security alert" is shown by the browser used on our test machine when a session that uses a secure socket connection is invoked by some user action. Possible solutions to platform-related deficiencies include:

• Eliminate whatever triggers the platform-related deficiency. For example, omit the use of a secure socket connection to eliminate the "Security alert" message. This solution radically challenges the whole idea of using the Internet as an infrastructure, and is discussed in more detail in ..
• Encourage the user to read a text that explains the relevant browser messages etc. prior to performing the installation. The benefit of this approach is to provide the user with an opportunity to obtain some degree of understanding of the security issues related to her use of the Internet banking system. The difficulty is that many users may simply choose to omit the reading and studying of such general, explanatory material.
• Provide on-the-fly explanation of the browser messages, for example "Next a pop-up message will appear saying that .. This means that .. You may safely ..". This solution may be difficult to implement, because different platforms (i.e. combinations of browsers, versions, etc.) may give rise to different browser messages. Realistically, only a few, common platforms can be covered. If implemented, this type of solution should probably include an option for short-cutting the explanatory messages altogether, since once they have been read and understood, repeating them at subsequent sessions is irrelevant and increases the number of steps the user must go through.

Undue simplification is distinct from the other types of deficiencies because it may reduce the amount of complex terminology presented to the user, and so in some sense facilitates ease of use. When we label a feature or aspect of the user interface as belonging to this category, it reflects our point of view that it is desirable that the user is assisted in building some minimal level of understanding of the relevant, basic security issues, such as the distinction between a private key stored on hardware and a password remembered by the user. Moreover, the informed user who already understands e.g. the password/key distinction is likely to be confused if the interface describes them as if they were the same.

PC and browser configuration

The PC used for the evaluation was equipped with a Pentium III 866 MHz processor running Windows 2000 and the browser Internet Explorer 6.0. The Internet was accessed via a broadband connection. The browser's security settings were set to “Custom” and the privacy setting to “Medium” (see Illustration 1).

Illustration 4 Browser security settings. The settings concerning cookies are set to medium.

The browser is set to prefer English (see Illustration 2).

Illustration 5 Browser language settings. The browser prefers English to Danish.

The advanced security settings are shown in Illustration 3.

Illustration 6 The advanced browser security settings.

The browser always checks for newer versions of pages (see Illustration 4).

Illustration 7 The browser always checks for newer versions of the page.

Finally, the browser's auto-complete feature was used for web addresses, forms, and user names and addresses on forms.

Installation

The installation task in each e-bank is described in a separate section. Each section contains the subsections “Intent”, “Steps and actions”, “Examples”, and “Additional comments”. The subsection "Steps and actions" contains the core data in the form of a table. These four subsections will reappear in subsequent chapters as well, to describe the other tasks.
However, since the installation of an Internet bank is for most solutions the largest and most time-consuming task, installation is also described by means of two additional paragraphs. The paragraph “Preconditions and available Instructions” lists the items and information provided by the bank in order to make the installation possible, such as a pin code and an initial password. The paragraph “Information vs. instruction” comments on the level of information, whether it be in the form of instructions or thorough information. The overall structure of the subsections describing the installation sequences is thus: “Intent”, “Preconditions and available Instructions”, “Steps and actions”, “Examples”, “Information vs. instruction” and “Additional comments”.

Danske Bank

Intent: To run Danske Netbank for the first time (24.6.2003).

Preconditions and available Instructions: Before the installation Danske bank provides the user with:
1. a letter including a 4 digit pin code,
2. a letter including a 6 character agreement number and
3. an instructional pamphlet.

The information enclosed in the pamphlet is, however, neither sufficient nor correct. The information is very general, but Danske bank makes a fine attempt to explain basic system features in a user-friendly manner. Since the pamphlet is incorrect we have not used its instructions in the following sequence.
Steps and actions:

Pp 1 System information/actions www.danskebank.dk User actions Click on button “Log on” Several menu buttons including “Log on” 1 1 2 Scroll menu unfolds several links including “Danske Netbank” Click on “Danske Netbank” Browser pop-up message: “Security alert” “OK” is clicked, check box left unchecked Title: “Log on” (“Danske bank log-on”) Fields: “Agreement number” and “Password” (“Aftalenummer” and “Kodeord”) Buttons: “OK”, “Cancel” and “Functions” (“OK”, “Annuller” and “Funktioner”) Click “Functions” Breakdowns or small problems Problem category Not natural language – the user cannot log on – he is not yet initialized 2 The language is not user friendly and may leave the user worried 3 No sense of internal locus of control 3 The term “Functions” is not natural dialogue 2 The feedback is not very useful 2 2 A scroll menu unfolds: Choose “New agreement” “New agreement”, “New pin code”, “Change password”, “Recreate key”, “Delete key”, “Save key”, “Key on floppydisc” (“Ny aftale”, “Ny pinkode”, “Skift kodeord”, “Gendan nøgle”, “Slet nøgle”, “Gem nøgle”, “Nøgle på diskette”) 3 Pop up message: Title: “New agreement” (“Ny Aftale”) Fill in fields and press “OK” Fields: “Agreement number”, “Pin code”, “New password”, “Confirm new password” (“Aftalenummer”, “Pinkode”, “Nyt kodeord”, “Bekræft nyt kodeord”) Buttons: “OK”, “Cancel” (“OK”, “Annuller”) 4 Title: “Information” (“Information”) Click “Yes” Text: “Danske Bank has updated your key. You should save a copy. Do you wish to save a copy now?” (“Danske Bank har opdateret din nøgle. Du bør derfor snarest tage en sikkerhedskopi. Ønsker du at tage en sikkerhedskopi nu?”) The term “New user” should be preferred to “New agreement” according to the request for natural dialogue 2 The term “key” may not be user language 2 No help is offered 2 Though the system does hold information about how to create strong passwords, this information is not accessible from page 3. This fact may cause the user mental overload 2 The user needs to fill in 2 fields with codes the bank has provided for him. This causes a heavy memory load 2 Terminology is inconsistent (mixes Danish and English terms) 3 The text holds difficult security terms which are not explained 1 A path name may not be user's language 3 The warning sign does not fit the text 2 Which task (the Danish text uses the word funktion (function)) is the text referring to? Not a simple dialogue 2 The welcome text is easily missed which results in a bad closure 2 Buttons: “Yes” and “No” 5 Pop up message: “Save as” (“Gem som”) Accepts default path A default path is shown in the field 6 Pop up message: Click “OK” Text: (warning sign) “Information. The task is correctly fulfilled” (“Information. Funktionen er korrekt gennemført”) Button: “OK” 7 Title: “View of account” (“Kontooversigt”) Text: “This is your first log on” (“Det er første gang du logger på netbanken”)

Examples:

Illustration 8 Screen dump of the message on page 3. The user has to fill in agreement number, pin code and new password (x2).

Information vs. instruction: The information level is at an instructional level.

Additional usability comments:
1. No examples are available to the user.
2. The system offers no way for the user to exit but to log out of the entire system or use the backtracking possibilities provided by the browser.
3. Help is very limited. The system does provide some extent of advice regarding the creation of strong passwords. It may, however, not be sufficient.

Nordea

Intent: To run Nordea Netbank for the first time (23.6.2003).

Preconditions and available Instructions: Nordea provides the user with
1. one letter including a 4 digit pin code,
2. a letter including a 10 digit agreement number (which is not similar to the account number) and
3. a third letter which includes a few instructions about how to get the installation started. These instructions are, however, neither sufficient nor entirely correct.
Steps and actions:

Pp 1 System information/actions www.nordea.dk User actions Click menu button: “Private customers” Several menu buttons including “Private customers” (“Privatkunder”) (A letter from the bank instructs the user to choose “Internet Bank” (“Netbank”) followed by “Get started” (“Kom godt igang”)) 2 Title: “Private” (“Privat”) Click “Self service” Text: A side menu with 11 buttons including “Self service” (“Selvbetjening”). 2 Scroll menu unfolds 10 buttons including “Internet Bank” (“Netbank”). Click “Internet bank” Breakdowns ( ) or small problems Problem category Neither button “Netbank” nor “Kom godt igang” exists on www.nordea.dk 2 No help is offered 2 There is no logic in using the label “Private customers” 2 There is no apparent logic in using the label “Self service” - everything the user does on a web page could be labeled “Self service” 2 (At this point the user recognizes the instructions from the letter) 2 Scroll menu unfolds 10 buttons including “Get started” (“Kom godt igang”) Click “Get started” 3 Title: “Get started” (“Kom godt igang”) Click “Log on” Text: (excerpt) “Under “Internet bank” you will choose “log on” followed by “new user”. On the page “new user” you have to fill in agreement number, user name (e.g. your own name) and your five digit pin code. Hereafter you choose your personal password” (“Under punktet Netbank skal du vælge Log på og derefter Ny Bruger. I det billede, der hedder Ny Bruger, skal du taste dit aftalenummer, brugernavn (fx. Dit navn) og din femcifrede pinkode. Herefter vælger du dit personlige kodeord.”) 3 4 Browser pop-up message: “Security alert” Title: “Internet bank” (“Netbank”) Side menu includes button: “New user” (“Ny bruger”) The amount of text is rather large and covers many different types of information. The explanation of the many following steps may cause an increased memory load. 2 The term Log on does not cover the action about to take place (installation). It causes confusion that this button does not open the actual log on site. 2 “OK” is clicked, check box left unchecked The language is not user friendly and may leave the user worried Click “New user” Help offers the opportunity to make a search among issues related to logging on No sense of internal locus of control 2 3 3 2 5 Title: “New user” (“Ny bruger”) Fill in fields Fields: “Fill in agreement number”, “Fill in username”, “location of key” (“Indtast aftalenummer”, “Indtast brugernavn”, “Sikkerhedsnøgle placering”) Click “Log on” The term “key” (which in the Danish text actually says “Security key”) is not user friendly language Some confusion concerning “user name” - how is it different from a password? Button: “Browse” (“Gennemse”) The user has to fill in two codes which are issued by the bank and cause him a heavy memory load. Fields: “Fill in pin code”, “Fill in personal password”, “Repeat personal password” (“Indtast pin kode”, “Indtast personligt kodeord”, “Gentag personligt kodeord”) 2 2 1 Buttons: “Log on”, “Cancel” (“Log på”, “Annuller”) 5 Pop-up message: (warning sign) “Your key will be generated when pressing ok. This may take several minutes.” (“Din sikkerhedsnøgle vil blive genereret ved trk på ok. Vær opmærksom på at det kan tage flere minutter.”) Click “OK” The warning sign is not appropriate for this kind of message The term “key” (which in the Danish text actually says “Security key”) is not user friendly language Button: “OK” (“OK”) 6 Title: “Kontooversigt” (“view of account”) Text: “Velkommen NN” (“welcome NN”) 2 2

Examples:

Illustration 9 The many scroll menus on page 2. Note that there is a "Log on" button in addition to "Get started" in the last menu.

Illustration 10 Screen dump of page 3. Many different types of information are presented on this page.

Information vs. instruction: Nordea Netbank provides the possibility to obtain general information and ensures understanding by displaying a variety of links and search fields.
The search engine lets the user search among issues relating to the current task, which to the novice user is a great help.

Additional usability comments:
1. The system offers an explanation of various difficult security expressions and provides examples of strong passwords. However, the user is not presented with all of these explanations and may have to seek out this information by himself, for instance by using the help function.
2. The system fails to provide easy reversal of actions as well as presenting obvious exits.

Jyske bank

Intent: To run Jyske Netbank for the first time (6.6.2003). Jyske Netbank uses a "key card" (see picture below) and there is no installation procedure. The procedure the user must go through to run Jyske Netbank for the first time is exactly the same as for every-day log on.

Preconditions and available Instructions: Initially, Jyske bank has provided the user with:
1. a letter including the “key card” (see picture below) and
2. limited written instruction on how to use it.

Illustration 11 This is what the “key card” looks like. It measures the size of a credit card. Picture from www.jyskebank.dk.

Steps and actions:

Pp 1 System information/actions www.jyskebank.dk Several menu buttons including “Begin Jyske Netbank” (“Start Jyske Netbank”) 1 Browser pop-up message: “Security alert” User actions Breakdowns ( ) or small problems Click on menu button “Begin Jyske Netbank” “OK” is clicked, check box left unchecked The language is not user friendly and may leave the user worried No sense of internal locus of control 2 Title: “Log on and user identification”, “Welcome to Internet bank” (“Tilslutning og brugeridentifikation”, “Velkommen til Netbank”) Problem category Fields are filled in “OK” clicked Fields: “Fill in customer number (social security number)”, “Fill in key-card number” (“Indtast dit kundenr. (CPR-nr.)”, “Indtast dt nøglekortnr.”) For the novice or elderly user the “key card” can be difficult to use.
There is a lot of numbers in a rather small font which may cause problems 3 3 1 Buttons: “OK”, “Reset” (“OK”, “Nulstil”) 3 Title: “Log in and access control” (“Tilslutning og adgangskontrol”) Key and password are filled in Text: “Does key number 17.ME figure on your key-card number XXXXXX?” (Findes nøglenr. 17.ME på dit nøglekortnr. XXXXXX?”) “OK”, is clicked. Fields: “Yes. Fill in the 4 characters of the key at 17.ME”, “Fill in password”, “No. Do not fill in your key and password. Log out of Jyske Netbank and contact your branch of Jyske Bank ” (“Ja. Indtast den 4-cifrede nøgle der står ved 17.ME”, “Indtast dit kodeord”,“Nej. Du må ikke indtaste din nøgle og dit kodeord. Afslut Jyske Netbank og kontakt din Jyske Bank afdeling”) Buttons: “OK”, “Reset” (“OK”, “Nulstil”) For the novice or elderly user the “key card” can be difficult to use. There is a lot of numbers in a rather small font which may cause problems The user has to remember a password which causes some memory load 1 1 4 Title: “Accounts and payments” (“Konti og betalinger”) Text: “If necessary press authorization to see which accounts you hold authority” ( “Tryk evt. på fuldmagt for at se hvilke konti du har fuldmagt til”) Left menu includes the button “Authorization” (“Fuldmagt”) Menu button “Authorization” is clicked No accounts are shown at this page even though the title clearly suggests it. The result is confusing and disturbing. This step seems unnecessary and the user may wonder why he has to take additional actions in order to view his accounts. 2 2 2 The menu button “Authorization” is not clearly marked. 5 Title: “View of accounts” (“Oversigt over konti”) Lack of closure. 2 The accounts are shown. Examples: Illustration 12 Screen dump of page 2. Illustration 13 Screen dump of page 3. Information vs. instruction: The system offers no other introduction or information but the content of the web page. The system prefers to provide clear instructions and not understanding or thorough information. 
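The key card in the Jyske Bank table above is a printed one-time-code table: the bank names a key number (“17.ME”) on a given card number and the user answers with the 4 characters printed at that position. The following is an added example of the bank-side half of that exchange, written for this page; it is not code from Jyske Bank, Sydbank or the report. The card number, the key-number/key pairs and the limit on failed attempts are constructed assumptions.

```python
"""Bank-side model of a paper "key card" log-on step (one-time-code lookup).

Added example; not code from any of the evaluated banks. The card number and
the key-number/key pairs are constructed, and a real card has many more
positions than the four shown here.
"""
import hmac
import secrets

# Constructed sample card: key number printed on the card -> 4-character key.
SAMPLE_CARD_NUMBER = "123456"          # placeholder, not a real card number
SAMPLE_CARD = {
    "17.ME": "K4Q7",
    "03.AB": "Z9P2",
    "42.XC": "7HWD",
    "08.LT": "R2M5",
}

# Assumption for the example: the page only says the user is eventually told
# to contact the Hotline; a concrete limit is needed to model that.
MAX_FAILED_ATTEMPTS = 3


class KeyCardVerifier:
    """The bank's side of the dialogue shown in the Jyske Bank table.

    The bank keeps a copy of every card. At log-on it names one key number
    ("Does key number 17.ME figure on your key card number ...?") and expects
    the 4 characters printed at that position. Each position is accepted
    once; when all positions are spent the user needs a new card.
    """

    def __init__(self, cards, choose=secrets.choice):
        # cards: card number -> {key number: 4-character key}
        self._cards = {num: dict(tbl) for num, tbl in cards.items()}
        self._used = {num: set() for num in cards}
        self._failures = {num: 0 for num in cards}
        self._pending = {}        # card number -> key number currently asked
        self._choose = choose     # injectable so tests can be deterministic

    def issue_challenge(self, card_number):
        """Pick an unused key number for the card.

        Returns None if the card is unknown, blocked after repeated wrong
        answers, or fully spent (a new card must be ordered).
        """
        table = self._cards.get(card_number)
        if table is None or self._failures[card_number] >= MAX_FAILED_ATTEMPTS:
            return None
        unused = sorted(k for k in table if k not in self._used[card_number])
        if not unused:
            return None
        key_number = self._choose(unused)
        self._pending[card_number] = key_number
        return key_number

    def verify(self, card_number, key_number, response):
        """Check the user's 4 characters against the outstanding challenge.

        Only the key number the bank itself asked for is accepted, so the
        client cannot pick a position it happens to know. A correct answer
        spends the position; a wrong one counts towards the failure limit.
        """
        asked = self._pending.pop(card_number, None)
        if asked is None or asked != key_number:
            return False
        expected = self._cards[card_number][key_number].encode()
        given = response.strip().upper().encode()
        if hmac.compare_digest(expected, given):   # constant-time comparison
            self._used[card_number].add(key_number)
            self._failures[card_number] = 0
            return True
        self._failures[card_number] += 1
        return False

    def remaining(self, card_number):
        """Number of unspent positions left on the card."""
        return len(self._cards[card_number]) - len(self._used[card_number])


if __name__ == "__main__":
    bank = KeyCardVerifier({SAMPLE_CARD_NUMBER: SAMPLE_CARD})
    asked = bank.issue_challenge(SAMPLE_CARD_NUMBER)
    print(f"Does key number {asked} figure on your key card number {SAMPLE_CARD_NUMBER}?")
    # The user reads the 4 characters at that position off the paper card.
    print("accepted:", bank.verify(SAMPLE_CARD_NUMBER, asked, SAMPLE_CARD[asked]))
    print("positions left:", bank.remaining(SAMPLE_CARD_NUMBER))
```

Three properties of the dialogue are visible in the code: the bank, not the client, chooses which position is asked for; a position is spent after one correct answer, so an overlooked card only yields keys that have not yet been used; and the answer is compared in constant time. Once every position is spent the verifier refuses to issue further challenges, which corresponds to the user having to order a new card.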
The user can obtain thorough information about specific security issues such as certificates, but this information is not on a novice level and is very poorly marked in the menus.

Additional usability comments:

1. The user can obtain thorough and sufficient help using the “Help” button. Help includes many illustrative examples but is unfortunately not clearly marked.

2. As for easy reversal of actions the system offers a reset button in an attempt to prevent the user from using the browser navigation.

3. If using the browser backtracking abilities the user will (rather confusingly) be returned to the front page.

Skandiabanken

Intent: To open Skandiabank Netbank for the first time (12.6.2003).

Preconditions and available Instructions: Before the installation Skandiabanken has provided the user with:

1. one letter including an 8 character pin code and

2. a letter including an 11 digit user number (which is similar to the account number).

The last letter refers to an on line “step-by-step guide” to installation.

Steps and actions:

Pp | System information/actions | User actions | Breakdowns ( ) or small problems | Problem category

1 | www.skandiabanken.dk Menu includes button “Internet bank” (“Netbank”) | “Internet bank” is clicked | |

2 | Title: “Welcome to Internet bank” (“Velkommen til Netbank”) Menu includes text/button “...is it the first log on click here” (“...er det første gang, så klik her”) | “...is it the first log on click here” is clicked | |

3 | Adobe Reader opens “Guide to installation” (“Vejledning”) | Adobe reader is closed | “Guide to installation” is difficult to use unless in printed version. The text holds too much information only to be read from the screen, and may cause a heavy mental load. It may send the signal that installation is complicated and difficult | 2 2 2

2 | Title: “Welcome to Internet bank” (“Velkommen til Netbank”) Menu includes button “Log on Internet bank” (“Log på netbank her”) | Click “Log on Internet bank” | |

2 | Browser pop-up window: “Security alert” | “OK” is clicked and check box left unchecked | The language does not correspond with the attempted action: installation. The language is not user friendly and may leave the user worried. No sense of internal locus of control | 3 3

3 | Browser pop-up window: “Security warning” | “Yes” is clicked and check box left unchecked | Language is not user friendly. Warning sign is in contrast with content. No sense of internal locus of control | 3 2 3 3 3

3 | Title: “Log on” (“Log on”) Field: “Fill in user number” (“Indtast brugernummer”) Check box: “Remember user number” (“Husk Brugernummer”) Button: “OK” (“OK”) | User number filled in leaving check box unchecked Click “OK” | The user has to fill in a user number which increases mental memory load | 1

4 | Title: “Log on” (“Log on”) Radio button: “Go on line with the bank” (“Gå online med banken”) Fields: “Password”, “Signature file” (a field proposes a default path to the “signature file”. Additionally there is a “view” button) (“Underskriftskode”, “Underskriftsfil”) Radio button: “I have received a pin code from the bank. Create a new signature file” (“Har modtaget pinkode fra banken. Dan ny underskriftsfil”) Buttons: “OK”, “Return” (“OK”, “Retur”) | Click radio button “I have received a pin code from the bank. Create a new signature file” Click “OK” | No examples of how to create strong passwords. Using the expressions “Underskriftskode” and “Underskriftsfil” for password and key may cause problems to the novice user who cannot distinguish between the two. Furthermore the terms - especially signature file - are not “The user's language” | 1 1

5 | Log on site: Fields: “Pin code”, “Repeat pin-code”, “New password”, “Repeat new password”, “Path to the signature file” (a default is proposed. Additionally there is a “view” button), “Name of signature file” (“Pinkode”, “Genindtast pinkode”, “Ny underskrift”, “Genindtast ny underskrift”, “Sti til underskriftsfil”, “Navn på underskriftsfil”) Buttons: “OK”, “Return” (“OK”, “Retur”) | The 4 fields are filled in correctly “OK” is clicked using the default path | The pdf-file “Guidance” offers very limited information about how to create a strong password. The expressions “path” and “signature file” are not necessarily “The user's language”. There is an inconsistent use of “Signature” and “Signature code” (“Underskrift” and “Underskriftkode”). The user has to fill in the pin code which increases the mental memory load | 2 3 2 1

6 | Blank page. Text: “Generating key” in lower left corner of the browser window | No user action required. Next window pops up automatically | Poor feedback. Lack of internal locus of control. Not user's language | 2 2 2

5 | Short re-appearance of page 5 | No user action required. Page closes automatically after ½ a sec. | Poor system feedback. No internal locus of control | 2 2

7 | Title: “View of accounts” (“Kontooversigt”) | | Lack of closure – there is no “welcome message” | 2

Examples:

Illustration 14 Screen dump of page 3. The guide to installation is full of useful examples. Unless it is printed out on paper it is however useless, since the user clearly cannot remember 4 pages of information.

Information vs. instruction: The system provides a printable guide through the entire installation. It generally prefers instruction as opposed to understanding and thorough information (e.g. “Guidance” and “Instructions”).

Additional usability comments:

1. Help is accessible from the top of every page, but it may not be sufficient since the user has to search within various help topics or FAQs.

2. The only options to reverse actions or exit from a task are provided by the browser. However, if using the browser navigation to backtrack the user is returned to the initial page “Welcome to the Internet bank”. This may be confusing system feedback.

Sydbank (certificate solution)

Intent: To open Sydbank Netbank (using the certificate solution) for the first time (15.6.2003).

Preconditions and available Instructions: Before installation Sydbank has provided the user with:

1. a letter including an 8 character user number (which is different from the account number) and an 8 character password.

The user has provided Sydbank with an initial phrase (max. 10 characters) which is to be used instead of a pin code.

Steps and actions:

Pp | System information/actions | User actions | Breakdowns ( ) or small problems | Problem category

1 | www.sydbank.dk Menu buttons include “Start Internet bank” (“Start Netbank”) | Click “Start Internet bank” | Navigation is difficult. One button is called “Gammel Netbank” (“old Internet bank”) and another “Start Netbank” (“Start Internet bank”). Both are difficult to find. | 2

1 | Browser pop-up message: “Security alert” | Click “OK” | The language is not user friendly and may leave the user worried. No sense of internal locus of control | 3 3

1 | Browser pop-up message: “Security information” | Click “Yes” | Language is not user friendly. No sense of internal locus of control | 3 3

2 | Scroll menu presents a choice between: “Introduction and technical issues”, “Signing up”, “Get started” and “Investment” (“Introduktion og teknik”, ”Tilmelding”, “Kom godt igang” and “Investering”) | Click “Get started” | Clicking ”Get started” reveals a new button called “Get started”.
In this case there should not be consistency between these two labels | 2

2 | Title: “Welcome” (“Velkommen”) Text: “If this is the first time you use the new Internet bank it may be to your advantage to view our introduction which can be found under “Get started”” (“Hvis det er første gang, du skal til at bruge den nye NetBank, kan det være en fordel at gennemgå vores introduktionsforløb, som du kan finde under "Kom godt i gang””) Menu buttons include “Get started” (“Kom godt igang”) Text: (A flash presentation of the Internet bank.) | Click “Get started” | |

3 | Title: “Get started” (“Kom godt igang”) Fields: “User number” and “Password” (“Brugernummer” and “Kodeord”) Buttons: “Log on” and “Help” (“Log på” and “Hjælp”) | Fill in user number and disposable password Click “Log on” | Initially the two fields are difficult to spot. Terminology can be confusing. “Password” (“Kodeord”) may suggest to the user a personal password but in this case it is a disposable password from the bank. User has to fill in two codes provided by the bank – this causes increased memory load | 2 2 1 1

4 | Title: “Welcome -> change password -> read certificate -> accept terms” (“Velkommen-> skift kodeord -> indlæs certifikat -> accepter vilkår”) Text: “During this log on you will have your “security solution” to Sydbank opened. Hence the sequence is somewhat different from the ordinary one” (“Ved denne pålogning skal du have åbnet din sikkerhedsløsning til Sydbank. Forløbet er derfor noget anderledes end det normalt vil være”) Buttons: “Continue” and “Cancel” (“Fortsæt” and “Afbryd”) | Click “Continue” | “Security solution” may not be the user's language | 2

5 | Title: “Welcome -> change password -> read certificate -> accept terms” (“Velkommen-> skift kodeord -> indlæs certifikat -> accepter vilkår”) Text: “Now you have to fill in your initial phrase. The initial phrase must be typed in precisely as you wrote it on the form to Sydbank” (“Du skal nu indtaste dit mærke. Mærket skal angives præcist som du angav det på blanketten til Sydbank”) Field: (to fill in initial phrase) Text: “Here you need to change your password and you need to pick one which on one hand is easy to remember to you but hard to guess to others. The password should be minimum 8 characters long and preferably contain both ciphers and letters” (“Her skal du ændre dit kodeord, og du skal vælge et kodeord, der på samme tid er let at huske for dig men svært at gætte for uvedkommende. Kodeordet skal være mindst 8 karakterer langt og helst bestå af både tal og bogstaver.”) Fields: “Fill in new password” and “Repeat new password” (“Indtast nyt kodeord” and “Gentag nyt kodeord”) Buttons: “Continue” and “Cancel” (“Fortsæt” and “Annuller”) | Fill in initial phrase Fill in password Click “Continue” | The user is required to remember his password and an initial phrase he chose at least a fortnight ago, which increases memory load. The field to fill in the initial phrase holds no way to prevent errors since the user himself chooses the length and content of the initial phrase. Lack of continuity in button terminology: “Afbryd” (previous page) and “Annuller” are both used to describe cancellation. The system does not provide understanding for strong passwords and delivers no examples to guide the user | 1 1 2 1

6 | Pop-up message: “Your password has been changed. The password you received from (-) cannot be used anymore however you still need to use the user number” (“Dit kodeord er nu ændret. Kodeordet som du modtog fra (-) kan ikke anvendes mere, men du skal forsat anvende brugernummeret”) Button: “OK” (“OK”) | Click “OK” | A word is missing in the message, which results in a strange unnatural dialogue. The intent of the message is to tell the user not to throw out the paper containing both initial password and user name. However it fails to do so in an awkward dialogue that leaves the user puzzled. No help is offered to understand this message | 2 2 2

7 | Title: “Welcome -> change password -> read certificate -> accept terms” (“Velkommen-> skift kodeord -> indlæs certifikat -> accepter vilkår”) Text: “To use the Internet bank you need to load a certificate onto your PC” (“For at benytte netbanken skal du have indlæst et certifikat på din PC”) (Further information about certificates) “The certificate is saved on the following path” (“Certifikatet gemmes i nedenstående stiangivelse”): Field: (containing a default path) (Additional information about certificates) Buttons: “Continue” and “Cancel” (“Fortsæt” and “Afbryd”) | Click “Continue” | A path may not be user's language | 2

7 | Browser pop-up message: “Security warning” | Click “Yes” | Language is not user friendly. Warning sign may be in contrast with content. No sense of internal locus of control | 3 3

8 | Text: “The certificate is being read...” (“Certifikatet er ved at blive indlæst...”) | No action is required. This window automatically turns into the next after a few seconds | Lack of locus of control |

9 | Title: “Welcome -> change password -> read certificate -> accept terms” (“Velkommen-> skift kodeord -> indlæs certifikat -> accepter vilkår”) Text: “The certificate which you need to log onto the Internet bank has been loaded to your PC. The certificate expires (...) Now you only need to...” (more text) (“Indlæsning af certifikatet på din PC som du skal bruge ved efterfølgende pålogning til Netbanken er nu fuldendt. Det indlæste certifikat udløber (...) Nu mangler du bare...”) Buttons: “Continue” and “Cancel” (“Fortsæt” and “Afbryd”) | Click “Continue” (This is the anticipated response to user actions taken in step 6) | Not a clear response from the system. The page is almost identical to page 6 | 2 2

10 | Title: “Welcome -> change password -> read certificate -> accept terms” (“Velkommen-> skift kodeord -> indlæs certifikat -> accepter vilkår”) Text: The entire agreement between bank and customer (about 4 printed pages) Field: “Confirm by filling in your password and clicking OK” (“Bekræft ved at indtaste dit kodeord og klikke OK”) Button: “OK” (“OK”) | Fill in password Click “OK” | There is no print version of the agreement. The user must read a long text (which is, by the way, not prepared for the current medium) and remember about 4 pages before accepting. This step increases the load on the user's memory dramatically. | 2

10 | Browser pop-up message: “Security warning” | Click “Yes” | Language is not user friendly. Warning sign may be in contrast with content. No sense of internal locus of control | 3 3

11 | Text: “Your password has been changed. In a moment you can get started” (“Dit kodeord er blevet ændret. Det varer et øjeblik før du kan komme igang”) | No user action required. This page closes automatically in a few seconds. | This is no logical response to the user action of previous steps. Password was changed several steps ago. Automatic closure results in missing internal locus of control | 2 2

12 | Title: “View of account” (“Kontooversigt”) | | Lack of closure. (There is a small welcome notice but it drowns in the additional information on the page.) | 2

Examples: Unfortunately no examples are available.

Information vs. instruction: Sydbank succeeds in providing thorough information about the meaning of various security concepts and how to use the system. Since this information consists of both a long piece of text as well as a flash application it is however likely to cause confusion to the user.

Additional usability comments:

1. The user can get help by clicking a “Help” button on top of every page. Help consists of both a search field and an index which provides a stepwise walk-through of the installation.

2. Help provides an explanation of some but not all of the crucial security words.

3. Reversal of actions and exit is provided only by the browser.

4. The system provides the user with a fine sense of progression during the completion of the installation. Pages 4-10 show how tasks have been grouped and hence leave the user with a fine sense of closure when completing a certain task (see example of page 4 above).

Sydbank (“key card” solution)

Since the installation failed and the task thus remained unaccomplished, we have chosen not to include the 5th row, “Problem category”, in the table below.

Intent: To run Sydbank Netbank (using the key card solution) for the first time (5.8.2003).

Preconditions and available Instructions: Before installation Sydbank has provided the user with:

1. a letter including the “key card”,

2. limited instructions about how to activate the card and

3. a letter including an 8 character user number (which is different from the account number) and an 8 character password.

The user has provided Sydbank with an initial phrase (max. 10 characters) which is to be used instead of a pin code. In order to use Sydbank's “key card solution” the user initially needs to have a certificate solution running.

Steps and actions: Initially the user has to carry through the installation of the certificate solution according to the sequence above.
The installation of the “key card” solution follows immediately:

Pp | System information/actions | User actions | Breakdowns ( ) or small problems

1 | Title: “View of accounts” (“Kontooversigt”) 7 links including “Security” (“Sikkerhed”) | Click “Security” |

2 | Title: “Security solution” (“Sikkerhedsløsning”) Text (excerpt): “You have logged on using a certificate” (“Du er logget på med en certifikatløsning”) Links: “Change certificate solution”, “Activate key card solution” (“Ændr certifikatløsning”, “Aktiver nøglerkortløsning”) | Click “Activate key card solution” |

3 | Title: “Activation of key card solution” (“Aktivering af nøglekortløsning”) Text (excerpt): “When receiving the key card you have to activate the key card. You do this with the function “Change key card solution”” (“Efter modtagelse af nøglekortet skal du aktivere nøglekortet. Det gør du i funktionen “Ændr nøglekortløsning””) Buttons: “OK”, “Cancel” (“OK” and “Fortryd”) | Click “OK” | No useful help is provided. There is no such function as “Change key card solution” on the page. The feedback is confusing – the user has just clicked “Activate key card solution” and is now asked to click “Change key card solution”. Either there is a problem with consistency or there is a function missing

4 | Text: “Your key card solution is now activated” (“Din nøglekortløsning er nu aktiv”) Button: “OK” (“OK”) | Click “OK” | Surprising feedback that does not respond to the conducted action

2 | Title: “Security solution” (“Sikkerhedsløsning”) Text (excerpt): “You have logged on using a certificate” (“Du er logget på med en certifikatløsning.”) Links: “Change certificate solution”, “Change key card solution” (“Ændr certifikatløsning”, “Ændr nøglerkortløsning”) Menu includes button “Log off” (“Afslut”) | Click “Log off” | Surprising feedback that does not respond to the action just made. The only sign of change of status is the slight change of words: “Change key card solution” instead of “Activate key card solution”

5 | www.sydbank.dk The top menu holds the button “Start Internet bank” (“Start Netbank”) | Click “Start Internet bank” |

5 | Browser pop-up message: “Security alert” | Click “OK” | The language is not user friendly and may leave the user worried. No sense of internal locus of control

6 | Text (excerpt): “Welcome to the new Internet bank” (“Velkommen til den nye netbank”) Fields: “User number” and “Password” (“Brugernummer” and “Kodeord”) Buttons: “Log on” and “Help” (“Log på” and “Hjælp”) | Fill in user number Fill in password Click “Log on” | The help offered by the search engine is very limited. Help offered by the dialogue is insufficient – how should a user log on using a “key card solution”? The system does not offer to remember the user number, and since the user number cannot be changed the user may risk mental memory overload. There is no information about using the key card or fields to fill in the numbers

7 | Text: “Your password has been accepted. The system is currently getting hold of your certificate. It will only take a moment before you are logged on” (“Dit kodeord er accepteret. Systemet er i øjeblikket i færd med at hente dit certifikat. Det varer kun et øjeblik, så er du logget på”) Text: “Note: After an idle period the system will automatically end your log in session and you will be asked to log on once again” (“Efter nogen tid uden aktivitet på systemet, vil din login automatisk blive afsluttet og du vil blive bedt om at logge på igen”) Button: “Cancel” (“Afbryd”) | No user action required. The page closes automatically | The language may not be user friendly. No sense of internal locus of control

1 | Browser pop-up message: “Security warning” | Click “OK” | The language is not user friendly and may leave the user worried. No sense of internal locus of control

1 | Title: “View of accounts” (“Kontooversigt”) Top menu: “View”, “Daily finances”, “Investment”, “Housing”, “Contact”, “Guidance & appliance”, “Security” (“Overblik”, “Daglig økonomi”, “Investering”, “Bolig”, “Kontakt”, “Vejledning & tilmelding”, “Sikkerhed”) | Click “Daily finances” |

1 | Scroll menu unfolds 4 links including “Payments and transfers” (“Betalinger & overførsler”) | Click “Payments and transfers” |

1 | Scroll menu unfolds 4 links including “Transfers” (“Overførsler”) | Click “Transfers” |

8 | Title: “Transfers” (“Overførsler”) Text: “You have no account from which you can withdraw money. Hence you cannot make payments using the Internet bank” (“Du har ingen konto at hæve på. Du kan derfor ikke foretage betalinger i netbanken”) Top menu: “View”, “Daily finances”, “Investment”, “Housing”, “Contact”, “Guidance & appliance”, “Security” (“Overblik”, “Daglig økonomi”, “Investering”, “Bolig”, “Kontakt”, “Vejledning & tilmelding”, “Sikkerhed”) | Click “Security” | Not user's language: What is the actual difference between the two words? No way to reverse actions. Poor error message. No sense of internal locus of control. No help or information

2 | Title: “Security solution” (“Sikkerhedsløsning”) Text (excerpt): “You have logged on using a certificate” (“Du er logget på med en certifikatløsning.”) Links: “Change certificate solution”, “Change key card solution” (“Ændr certifikatløsning”, “Ændr nøglerkortløsning”) | Click “Change key card solution” | No way to reverse actions

9 | Title: “Changing key card solution” (“Ændring af nøglekortløsning”) Radio buttons: “Order new key card” and “Activate new key card – please note that your present key card will be erased and hence cannot be used any more” (“Bestil nyt nøglekort” and “Aktiver nyt nøglekort (vær opmærksom på at dit eksisterende nøglekor slettes og derfor ikke kan benyttes mere”) Field: “Fill in key card number from the new key card” (“Indtast nøglekortnummer fra det nye nøglekort”) Buttons: “OK” and “Cancel” (“OK” and “Fortryd”) | Click “Activate new key card –...” Fill in correct card number Click “OK” | This is no simple and natural dialogue. No help is offered

9 | Same text as previous, except for the text above the title: “You have not filled in the key card number correctly. Please try again. If the number is not accepted please contact the Hotline” (“Du har indtastet nøglekortnummer forkert. Prøv igen. Hvis nøglekortnummeret stadig ikke accepteres kontakt Hotline”) | (Repeat filling in the correct key card number with the same result) Eventually the attempts are canceled and the user logs off. | No help offered (e.g. the number of the Hotline). Poor error message since

Examples:

Illustration 15 Screen dumps of page 2. This page offers the possibility to activate the “key card”.

Illustration 16 Screen dump of page 8. After re-log on the user is met with this message: “You do not have an account to withdraw from. Thus you cannot make payments using Netbanken”.

Illustration 17 Screen dump of page 4. The “key card” is now active – but what does that mean? When trying to use the “key card” after a re-log on it is however clear that the system does not work, whereas the question as to what is wrong remains unanswered. See screen dump of page 8.

Illustration 18 Screen dump of page 6. When trying to activate the key card again this page appears. After several attempts it is clear that the number on our “key card” is not valid, and we are left to contact Hotline.

Information vs. instruction: The key card arrives with a short letter with instructions on how to initialize the solution. The information offered in this letter (and by the system as a whole) is however rather shallow and neither informative nor sufficiently instructive.

Additional usability comments:

1. Sydbank Netbank provides absolutely no useful help or information with regard to initializing the key card.

2. The system feedback and terminology sometimes seem random and the user is left without any feeling of internal locus of control before simply giving up the installation sequence.

Basisbank

Intent: To run Basisbank for the first time (29.7.2003).

Preconditions and available Instructions: Before the installation Basisbank has provided the user with:

1. a “pin-letter” including a 4 digit access code and an 8 character “key activating code” and

2. an email including a 7 digit user number (which is not identical with the account number).

The email includes a few basic instructions about how to perform the installation.

Steps and actions:

Pp | System information/actions | User actions | Breakdowns ( ) or small problems | Problem category

1 | www.basisbank.dk The menu includes the button “Log onto the bank” (“Log på banken”) | Click “Log onto the bank” | |

1 | Browser pop-up message: “Security alert” | Click “OK” | The language is not user friendly and may leave the user worried. No sense of internal locus of control | 3 3

2 | Title “Front page” (“Forside”) Fields: “Reg. and user no.” and “Access code” (“Reg. og brugernr.” and “Adgangskode”) Links: 4 links including “I have received new codes from the bank” (“Jeg har modtaget nye koder fra banken”) Buttons: “OK” and “Cancel” (“OK” and “Fortryd”) | Click “I have received new codes from the bank” | |

3 | Title: “Activate on line access” (“Aktiver online adgang”) Fields: “Reg.no.”, “User no.”, “Key activating code”, “Email address”, “Signature code”, “Confirm signature code” (“Reg. nr.”, “Brugernr.”, “Nøgleaktiveringskode”, “Email adresse”, “Underskriftkode”, “Bekræft underskriftkode”) Buttons: “OK” and “Cancel” (“OK” and “Fortryd”) | Fill in the 6 fields Click “OK” | There is a pause for about 7 seconds with total lack of system response. This page holds many fields to fill in and increases memory load. It makes no sense to fill in email address, since the bank has already got it. “Nøgleaktiveringskode” (“key activating code”) is not user's language. Poor help with regard to creating a strong password | 2 1 2 2 1

3 | Pop-up message: (warning sign) “The key has been generated and saved to disc” (“Nøglen er nu genereret og gemt på disc”) Button: “OK” (“OK”) | Click “OK” | The term “key” has never been introduced and the system offers no help to examine it | 2

4 | Text: “As this is the first time you log onto the bank you need to change your access code” (“Da dette er første gang du logger på banken skal du ændre din adgangskode”) Fields: “Fill in your access code - appears in your PIN-letter”, “new access code (4 digits)” and “confirm new access code” (“Indtast din adgangskode – fremgår af dit PIN-brev”, “Ny adgangskode (4 cifre)” and “Bekræft ny adgangskode”) Buttons: “OK” and “Cancel” (“OK” and “Fortryd”) | Fill in fields. Click “OK” | User has to remember access code which increases memory load | 1

4 | Pop-up message: “Signing” (“Signering”) Field: “Fill in signature code” (“Indtast din underskriftskode”) Buttons: “OK” and “Cancel” (“OK” and “Fortryd”) | Fill in field Click “OK” | User has to remember signature code which increases memory load. No sense of internal locus of control | 1 2

5 | Title: “Message” (“Meddelelse”) Text: “You have changed your access code. Remember to use the new code next time you log on” (“Du har nu ændret din adgangskode til banken. Husk at bruge den nye kode næste gang du logger på”) Button: “Back” (“Tilbage”) | Click “Back” | |

2 | Title “Front page” (“Forside”) Content: see top of table | Fill in the 2 fields Click “OK” | User has to fill in two codes which increases memory load | 1

2 | Pop-up message: “Signing” (“Signering”) Field: “Fill in signature code” (“Indtast din underskriftskode”) Buttons: “OK” and “Cancel” (“OK” and “Fortryd”) | Fill in field Click “OK” | |

6 | “View of account” (“Kontooversigt”) Text: “Welcome” (“Velkommen”) | | |

Examples:

Illustration 19 Screen dump of page 3. The registration number is filled in by default but the user has to fill in his email address even though he has already provided this information earlier.

Information vs. instruction: Basisbank provides the account holder with an email that instructs him how to carry through the initial log-on. The information level aims at instructing the user and does not create an understanding of security issues concerning the system.

Additional usability comments:

1. The system does not provide any help (additional to the email instructions) with regard to the installation, whereas the sequence of an every-day log on (this sequence is included in the installation, see the last three rows in the table above) provides a “Help” button. This inconsistency is inconvenient and uncalled for.

2. Furthermore the help provided is rather poor since the user must choose between only three issues, “Your money and you” (“Du og dine penge”), “Products” (“Produkter”) and “Technical issues” (“Teknik”), or be able to perform a search filling in keywords.

3. The system fails to provide error prevention since it is possible to fill in an infinite amount of both letters and digits in fields such as “Access code” (“Adgangskode”). The access code used in Basisbank never requires anything but 4 digits.

4. The system fails to provide exits, and the user has to close the browser or retype a path to get away from the system. Opportunity to reverse actions is provided solely by the browser.

5. The system seems to require some information which is not necessary. The user has previously provided his email address to the bank, and the registration number is the same for every customer in the bank. These requirements seem unnecessary.

6. At some points the system uses the registration number together with the “User number”, hence signaling that they belong together as registration number and account number. This is not the case: the user number is a unique user identification number issued by the bank.

Summary of tables

The table below summarizes the number of steps, secrets and security phrases the user encounters during the successful installations above. It concerns the number of user actions required in the installation of the 6 banks (row 1), the number of problems encountered during these installations (row 2), the amount of user input (row 3), and finally the number of security phrases the user encounters during the installation (row 4).

How to read the 4 rows

Comments to row 1; number of user actions: We regard a user action as an occasion where the user is required to do something. On one page the user may for instance be required to fill in 3 fields and click ”OK”, thus resulting in a total of 4 user actions.

Comments to row 2; number of problems: The problems in row 2 have been arranged in the three categories mentioned in the paragraph “A taxonomy of ease-of-use problems in Internet banking”. We find it necessary to point out that one problem can occur more than once in each sequence, and that such a problem is counted as one problem every time it occurs.

Comments to row 3; amount of user input: The user input is subdivided into 5 categories: 1. Initial ID (used to ID the user during initial log on), 2. permanent ID (used to ID the user during any later log ons), 3. initial password (used to verify user identity), 4. permanent password (used to access the key in later log ons) and 5. other (input provided by the user for other or unknown reasons). The input written in (parenthesis) in row 3 is optional for the user to remember, and the notation (x2) indicates that the user has to type in the secret twice. With regard to the secrets to remember we have chosen to count the social security number (“CPR-nummer”), in spite of it being a code which most Danes remember alongside their names and which as such does not put much load onto the user's memory.

Comments to row 4; number of security phrases: As for Jyske Bank the security concepts “User identification” and “Access control” merely appear as headings. The term “Authorization” is a menu item, but not strictly related to the security-during-installation issue. All three have, however, been included in the count of security concepts. The browser pop-up messages include the following difficult terms, of relevance to row 4: “Security alert”, “Secure connection”, “Security warning”, “Signed”, “Publisher authenticity”, “VeriSign Class 3 Code Signing 2001-4 CA. Caution”, “SIGNED WITH PERMISSIONS – Full permissions”, “Security information” and “Secure and non secure items”. These terms are considered to be difficult security phrases and are included in the total count “Total including browser messages” underneath the list of phrases.

Danske bank 1 User actions 2 Problems 3 4 User input Nordea Jyske bank Skandiabanken Sy 13 14 9 15 19 1 1 1 3 4 5 2 11 12 4 11 15 3 4 2 2 6 8 Initial ID 1. Permanent ID (same as initial ID - the system 2. remembers the ID) User name ( the system remembers the ID) (same as initial ID) (same as initial ID – the system remembers the ID) (same Initial password 2. Pin code 3. 4 digit key 2. 2. I 4. Password 3. I Permanent password 3. Password (x2) 4. Password (x2) Other 4. Path to copy of key 5. Location of key 1. “Agreement” 1. 2. “Agreement number” 3. “Pin code” 4. Security phrases Agreement number Pin code 1. 3. Agreement number 1. Customer number (CPR number) 2. “Key card number” 1. User number Pin code 1. U (same as initial password, both 3. key and password) Password (x2) 4. P “User name” 1. “Customer number” 1. “User number” 1. “ 2. “Agreement number” 2. “CPR number” 2. “Signature code” 2. “ 3. “Five digit pin code” 3. “Key card number” 3. “Signature file” 3. “ “Password” 4. “Personal password” 4. “Key number” 4. “Pin code” 4. “ 5. “Key” 5. “Safety key” 5. “4 digit key” 5. “Signature” 5. “ 6. “Safety copy” 6. “Location of safety key” 6. “Password” 7. “User identification” 8. “Access control” 9. “Authorization” Total incl. browser messages: 8 Total incl. browser messages: 8 Total incl. browser messages: 11 Total incl. browser messages: 12 Total 14

Every day log on

In the sequence we test the every day log on and how the system reacts when the user types in the wrong password. The latter is not directly documented in the tables, but commented upon in the paragraphs “Additional usability comments”.
From this point on we only test Sydbank's certificate solution, since we did not succeed in activating the “key card” solution.

Danske Bank

Intent: To log onto Danske Netbank (6.6.2003).

Steps and actions:

Page 1
  System information/actions: www.danskebank.dk. Menu buttons include “Log on” (“Log på”).
  User actions: Click on “Log on” (“Log på”).

Page 1
  System information/actions: Scroll menu reveals buttons including “Danske Netbank”.
  User actions: Click on “Danske Netbank”.

Page 2
  System information/actions: Browser pop-up message: “Security alert”.
  User actions: Click “OK”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried. No sense of internal locus of control.

Page 3
  System information/actions: Title: “Log onto Danske Netbank” (“Log på Danske Netbank”). Some additional text is shown, but the window closes too fast to enable the user to read it.
  User actions: No user action is required. The window closes automatically in about 1 sec.
  Breakdowns or small problems: Poor system feedback. The user has no time to read the content of the page and is left confused. Automatic closure of the window means lack of internal locus of control.

Page 4
  System information/actions: Pop-up message. Title: “Danske Bank Log on”. Fields: “Agreement number” and “Password” (“Aftalenummer” and “Kodeord”). Buttons: “OK”, “Cancel” and “Functions” (“OK”, “Annuller” and “Funktioner”).
  User actions: Check agreement number (presented in a scroll menu) and fill in password. Click “OK”.
  Breakdowns or small problems: The user has to remember his password and may additionally have to choose between several agreement numbers if he has more than one account; this increases memory load. The label “Functions” may cause confusion: what is the use of this button during log on?

Page 5
  System information/actions: View of accounts.

Examples:
Illustration 20: Screen dump of the pop-up message on page 4. The system remembers the agreement number in a scroll menu.
Illustration 21: Screen dump of page 5. After filling in the correct password the user enters the view of accounts.

Additional usability comments:
1. Danske Netbank's log on sequence provides no help whatsoever. The button “Help” (“Hjælp”) is inaccessible from page 4, where a user might want help to perform the correct actions.
2. There seems to be a potential problem with memory load with regard to the agreement number: the system remembers agreement numbers and presents them in a scroll menu, but a user with many accounts may experience difficulties when trying to remember which agreement number is attached to which account.
3. No exits are offered.
4. Error messages are very helpful and are concerned with solving the problem rather than just informing that there is a problem.

Nordea

Intent: To log onto Nordea Netbank (23.6.2003).

Steps and actions:

Page 1
  System information/actions: www.nordea.dk. Menu includes the button “Log on” (“Log på”).
  User actions: Click on “Log on” (“Log på”).

Page 1
  System information/actions: Scroll menu opens several buttons including “Internet bank” (“Netbank”).
  User actions: Click on “Internet bank” (“Netbank”).
  Breakdowns or small problems: Surprising feedback on the previous action (clicking “Log on”).

Page 2
  System information/actions: Browser pop-up message: “Security alert”.
  User actions: Click “OK”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried. No sense of internal locus of control.

Page 3
  System information/actions: Field: “Choose username” (“Vælg brugernavn”). Button: “Find key” (“Find sikkerhedsnøgle”). Field: “Fill-in password” (“Indtast kodeord”). Buttons: “Log on”, “Cancel” (“Log på”, “Annullér”).
  User actions: Fill in password, accepting the default user name. Click “Log on”.
  Breakdowns or small problems: The label “Log on” has previously been used for another button. The button “Find key” is confusing; there is apparently no need for it. Memory load is increased due to the password.

Page 4
  System information/actions: View of account.

Examples:
Illustration 22: Screen dump of the scroll menu on page 1.

Additional usability comments:
1. Help is easily accessible, but offers no thorough assistance. On page 3 the help provided for “Ordinary Log on” (“Almindelig Log på”) is as follows: “You have to choose user name and fill in your personal password if you already have Internet bank or mail” (original text: “Har du allerede Netbank eller Mail, skal du vælge brugernavn og indtaste dit personlige kodeord”). This information is quite obvious when examining page 3, whereas questions such as “what is a personal password” or “I have forgotten my password” are left unanswered.
2. The error message with regard to a wrongly typed password is informative and instructive: “There is an error in the typed password – you may try again. Now you got 4 attempts left before access is terminated. If you do not remember your personal password you can order a new pin code at your local branch. (Error 15756)” (original text: “Der er fejl i det indtastede kodeord – prøv evt. igen. Du har nu 4 forsøg tilbage før din adgang bliver spærret. Kan du ikke huske dit personlige kodeord kan du kontakte din egen filial for at bestille en ny pinkode. (Fejl 15756)”).

Jyske bank

Every day log on is the same sequence as the installation (see above). The system offers a short error message in response to a wrong “key card” number. At this point the system could have chosen to provide an example of where to find the desired code. It does, however, not.

Illustration 23: The system responds with this error message: "Error in typed in "key card" number. Please try again". The red sign blinks between the word "stop" and the warning sign !
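The Nordea error message above (it counts the attempts left and says where to get a new pin code) and the Basisbank access code noted earlier in the report (always 4 digits, yet the field accepts unlimited input) describe two server-side properties a log-on should have: reject malformed input before the credential check, and answer a wrong password with a counted, instructive message. The following Python sketch is an added example, not code from any of the banks; the lockout threshold, message wording, sample user number and hashing parameters are assumptions.

```python
"""Log-on check with error prevention and counted, instructive failure feedback.

Added example, not code from any of the banks. The lockout threshold, the message wording
and the sample user are constructed for illustration.
"""
import hashlib
import hmac
import os
import re
from dataclasses import dataclass
from typing import Dict, Optional

# Assumption: Nordea reports "4 attempts left" after the first failure, so 5 attempts in total.
MAX_ATTEMPTS = 5
# Modelled on Basisbank's access code, which never requires anything but 4 digits.
# [0-9] rather than \d so that only ASCII digits pass.
ACCESS_CODE_RE = re.compile(r"[0-9]{4}")
PBKDF2_ROUNDS = 50_000
_DUMMY_SALT = b"\x00" * 16

FORMAT_MESSAGE = "The access code consists of exactly 4 digits. Please try again."
BLOCKED_MESSAGE = ("Your access has been blocked. Contact your local branch to order "
                   "a new access code.")


@dataclass
class UserRecord:
    salt: bytes
    digest: bytes


@dataclass
class LogonResult:
    ok: bool
    message: str
    attempts_left: Optional[int] = None   # None when the attempt did not count


def _derive(access_code: str, salt: bytes) -> bytes:
    """Salted, slow hash: a leaked table must not give the 4-digit codes away by lookup."""
    return hashlib.pbkdf2_hmac("sha256", access_code.encode("utf-8"), salt, PBKDF2_ROUNDS)


def wrong_code_message(attempts_left: int) -> str:
    """Feedback in the style of the Nordea message: what went wrong, how many attempts
    remain, and where to get a new code. Never silence and never a frozen page."""
    return (f"There is an error in the typed access code. You may try again. You now have "
            f"{attempts_left} attempts left before access is blocked. If you do not remember "
            f"your access code you can order a new one at your local branch.")


class LogonService:
    def __init__(self) -> None:
        self._users: Dict[str, UserRecord] = {}
        self._failures: Dict[str, int] = {}   # keyed by the submitted user number

    def register(self, user_number: str, access_code: str) -> None:
        if not ACCESS_CODE_RE.fullmatch(access_code):
            raise ValueError("access code must be exactly 4 digits")
        salt = os.urandom(16)
        self._users[user_number] = UserRecord(salt, _derive(access_code, salt))

    def log_on(self, user_number: str, access_code: str) -> LogonResult:
        # Error prevention: a code that can only be 4 digits is rejected with an explanation
        # before anything is compared, instead of the field accepting unlimited input.
        if not ACCESS_CODE_RE.fullmatch(access_code):
            return LogonResult(False, FORMAT_MESSAGE)

        failures = self._failures.get(user_number, 0)
        if failures >= MAX_ATTEMPTS:
            return LogonResult(False, BLOCKED_MESSAGE, 0)

        record = self._users.get(user_number)
        if record is None:
            _derive(access_code, _DUMMY_SALT)   # same cost as a real check
        elif hmac.compare_digest(_derive(access_code, record.salt), record.digest):
            self._failures.pop(user_number, None)   # a correct code clears the counter
            return LogonResult(True, "Access code accepted.")

        # Wrong code and unknown user number are counted and answered identically, so the
        # reply does not reveal which user numbers exist but still says what to do next.
        failures += 1
        self._failures[user_number] = failures
        left = MAX_ATTEMPTS - failures
        if left == 0:
            return LogonResult(False, BLOCKED_MESSAGE, 0)
        return LogonResult(False, wrong_code_message(left), left)


if __name__ == "__main__":
    service = LogonService()
    service.register("1001", "1234")            # constructed sample user
    for attempt in ("12345", "0000", "1234"):
        print(attempt, "->", service.log_on("1001", attempt).message)
```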
Skandiabanken

Intent: To log onto Skandiabanken (29.7.2003).

Steps and actions:

Page 1
  System information/actions: www.skandiabanken.dk. Menu includes “Internet bank” (“Netbank”).
  User actions: Click on “Internet bank”.

Page 2
  System information/actions: Title: “Welcome to Internet bank” (“Velkommen til netbank”). Text (excerpt): “You enter the Internet bank by clicking on the header “Log onto Internet bank”” (“Du går i netbank ved at klike på fanen “Log på Netbank””).
  User actions: Click on “Log onto the Internet bank”.

Page 2
  System information/actions: Browser pop-up message: “Security alert”.
  User actions: Click “OK”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried. No sense of internal locus of control.

Page 3
  System information/actions: Browser pop-up message: “Security warning”.
  User actions: Click “OK”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried. No sense of internal locus of control.

Page 3
  System information/actions: Title: “Log on” (“Log på”). Fields: “User number”, “Signature code”, “Signature file” (a default path is shown) (“Brugernummer”, “Underskriftkode”, “Underskriftfil”). Buttons: “Browse”, “OK”, “New user/pin code” (“Gennemse”, “OK” and “Ny bruger/pinkode”).
  User actions: Fill in fields. Click “OK”.
  Breakdowns or small problems: The attempt to prevent errors by using a scroll menu to present the user's various account numbers may cause a mental overload, since it is hard to remember which number belongs to which account. “Signature file” may not be user language. Memory load is increased due to the signature code.

Page 4
  System information/actions: Title: “View of accounts” (“Kontooversigt”).

Examples:
Illustration 24: If the user has unread messages the system opens on the "in box" page. Otherwise the system opens on the view of accounts.
Illustration 25: The error message is short but uninstructive: "Error message. User number or password has been filled in wrongly".

Additional usability comments:
1. There seems to be a problem with consistency, since the system does not always open on the same page. If there are messages from the bank the system opens on “Information from the bank” (“Informationer fra banken”). Otherwise it opens directly onto the “View of accounts” (“Kontooversigt”). This design is in conflict with the heuristic concerning internal locus of control.
2. Error messages simply state where the error may be.

Sydbank

Intent: To log onto Sydbank (24.6.2003 and 29.7.2003).

Steps and actions: a) Unsuccessful try to log on (24.6.2003).

Page 1
  System information/actions: www.sydbank.dk. The top menu includes the button “Start Internet bank” (“Start Netbank”).
  User actions: Click “Start Internet bank”.

Page 1
  System information/actions: Browser pop-up message: “Security alert”.
  User actions: Click “OK”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried.

Page 2
  System information/actions: Text (excerpt): “Welcome to the new Internet bank” (“Velkommen til den nye netbank”). Fields: “User number” and “Password” (“Brugernummer” and “Kodeord”). Buttons: “Log on” and “Help” (“Log på” and “Hjælp”).
  User actions: Fill in user number. Fill in password. Click “Log on”.
  Breakdowns or small problems: The help offered by the search engine is very limited. The system does not offer to remember the user number, and since the user number cannot be changed the user may risk memory overload. No sense of internal locus of control.

Page 3
  System information/actions: Text: “Your password has been accepted. The system is currently getting hold of your certificate. It will only take a moment before you are logged on” (“Dit kodeord er accepteret. Systemet er i øjeblikket i færd med at hente dit certifikat. Det varer kun et øjeblik, så er du logget på”). Text: “Note: After an idle period the system will automatically end your log in session and you will be asked to log on once again” (“Efter nogen tid uden aktivitet på systemet, vil din login automatisk blive afsluttet og du vil blive bedt om at logge på igen”). Button: “Cancel” (“Afbryd”).
  User actions: (After 17 minutes of no system response the user is left with no choice but to click cancel.)
  Breakdowns or small problems: No system response. No help provided. The term “Certificate” is used without explanation, which may cause the user worries. Poor sense of internal locus of control. The promise to end the log in after an idle period is not fulfilled.

Examples:
Illustration 26: Screen dump of page 3. The system informs the user that it is trying to locate the certificate and that it will only take a moment before the user is logged on. It may, however, easily take as long as 30 minutes.

Steps and actions: b) Successful try to log on (29.7.2003).

Page 1
  System information/actions: www.sydbank.dk. The top menu holds the button “Start Internet bank” (“Start Netbank”).
  User actions: Click “Start Internet bank”.

Page 1
  System information/actions: Browser pop-up message: “Security alert”.
  User actions: Click “OK”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried. No sense of internal locus of control.

Page 2
  System information/actions: Text (excerpt): “Welcome to the new Internet bank” (“Velkommen til den nye netbank”). Fields: “User number” and “password” (“Brugernummer” and “Kodeord”). Buttons: “Log on” and “Help” (“Log på” and “Hjælp”).
  User actions: Fill in user number. Fill in password. Click “Log on”.
  Breakdowns or small problems: The help offered by the search engine is very limited. The system does not offer to remember the user number, and since the user number cannot be changed the user may risk memory overload.

Page 3
  System information/actions: Text: “Your password has been accepted. The system is currently getting hold of your certificate. It will only take a moment before you are logged on” (“Dit kodeord er accepteret. Systemet er i øjeblikket i færd med at hente dit certifikat. Det varer kun et øjeblik, så er du logget på”). Text: “Note: After an idle period the system will automatically end your log in session and you will be asked to log on once again” (“Efter nogen tid uden aktivitet på systemet, vil din login automatisk blive afsluttet og du vil blive bedt om at logge på igen”). Button: “Cancel” (“Afbryd”).
  User actions: No user action required. The page closes automatically.
  Breakdowns or small problems: No sense of internal locus of control.

Page 4
  System information/actions: Browser pop-up message: “Security warning”.
  User actions: Click “OK”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried. No sense of internal locus of control.

Page 4
  System information/actions: Title: “View of accounts” (“Kontooversigt”).

Examples:
Illustration 27: Screen dump of the error message the user receives when typing in both a wrong user number and a wrong password. The message seems to suggest that the password holds the error (which is not entirely correct) but does not provide any thorough help. The message is as follows: “The information filled in is wrong. Please note that the system is case sensitive when it comes to the password”.

Additional usability comments:
1. The ability to reverse actions or exit specific tasks is provided solely by the browser.
2. The error message is neither entirely correct nor very useful.

Basisbank

Intent: To log onto Basisbank (29.7.2003).

Steps and actions:

Page 1
  System information/actions: www.basisbank.dk. Various top menu buttons, e.g. “Log on” (“Log på banken”).
  User actions: Click “Log on”.

Page 1
  System information/actions: Browser pop-up message: “Security alert”.
  User actions: Click “Yes”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried. No sense of internal locus of control.

Page 2
  System information/actions: Browser pop-up message: “Security warning”.
  User actions: Click “OK”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried. No sense of internal locus of control.

Page 2
  System information/actions: Title: “Front page” (“Forside”). Fields: “Reg. and user no.” (scroll menu) and “Access code” (“Reg. og brugernr.” and “Adgangskode”). Links: 4 links including “I have received new codes from the bank” (“Jeg har modtaget nye koder fra banken”). Buttons: “OK” and “Cancel” (“OK” and “Fortryd”).
  User actions: Accept the default account number in the scroll menu. Fill in access code. Click “OK”.
  Breakdowns or small problems: The user has to remember several codes, which increases memory load.

Page 2
  System information/actions: Pop-up message: “Signing: Fill in password” (“Signering: Indtast underskriftskode”). Buttons: “OK” and “Cancel” (“OK” and “Fortryd”).
  User actions: Fill in password. Click “OK”.
  Breakdowns or small problems: The user has to remember a password, which increases memory load.

Page 3
  System information/actions: Title: “View of accounts” (“Kontooversigt”).

Examples:
Illustration 28: Screen dump of page 2. “User number” (“Bruger nr.”) appears together with the registration number as if it was the account number. It is, however, not.
Illustration 29: Screen dump of the pop-up message on page 2. When filling in the wrong password and clicking "OK" nothing happens. There is no system response whatsoever, and the user must terminate the task by clicking "Cancel" or closing the window with the x-button in the upper right corner.

Additional usability comments:
1. The system may not provide sufficient help, since the user has to look for e.g. explanations of terms within a search index of just 3 topics.
2. The system does not provide error messages when the user has typed in the wrong password. The system simply freezes, which must be regarded as a very unfortunate lack of feedback.

Log off

Danske bank

Intent: To log off Danske Netbank and attempt a quick re-log on (6.6.2003).

Steps and actions:

Page 1
  System information/actions: Title: “View of account” (“Kontooversigt”). Menu buttons include “Log off” (“Log af”).
  User actions: Click on “Log off”.

Page 2
  System information/actions: Text: “Getting information...” (“Henter oplysninger...”). Additional text is displayed, but the window closes too fast to enable the user to read it.
  User actions: No user action required. The window closes automatically in about 1 sec.
  Breakdowns or small problems: Poor system feedback. Leaves the user without any sense of internal locus of control. Action cannot be reversed.

Page 2
  System information/actions: Browser pop-up message: “Security alert”.
  User actions: Click “Yes”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried. No sense of internal locus of control.

Page 3
  System information/actions: Text: “You have succeeded in logging off Danske Netbank” (“Du er nu logget af Danske Netbank”). Link: “Log onto Danske Netbank once more” (“Log på Danske Netbank igen”). (After clicking “Log onto Danske Netbank once more” an ordinary log on session follows. For details see the table above.)

Examples:
Illustration 30: Screen dump of page 3. Danske Bank provides a status message from the system (“You are logged off Danske Netbank”) as well as the opportunity to log on quickly again.

Additional usability comments: There are no additional comments.

Nordea

Intent: To log off Nordea Netbank and attempt a quick re-log on (23.6.2003).

Steps and actions:

Page 1
  System information/actions: Title: “View of account” (“Kontooversigt”). Menu includes the button “Log off” (“Log af”).
  User actions: Click “Log off”.

Page 2
  System information/actions: Browser pop-up message: “Security alert”.
  User actions: Click “Yes”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried.

Page 3
  System information/actions: Blank page.
  User actions: No user action needed. This page closes automatically in ½ a sec.
  Breakdowns or small problems: No sense of internal locus of control. Poor system feedback – no information about log off status.

Page 4
  System information/actions: Nordea web page entitled “Private” (“Privat”) containing various information about products etc. This page also includes a button “Log on” (“Log på”). (From this point follows an ordinary log on including user identification. For details see the table above.)
  Breakdowns or small problems: No sense of internal locus of control. The user experiences no sense of closure. No reversal of action.

Examples:
Illustration 31: From page 1 the user clicks "Log off" to exit and ends on page 4 (next example).
Illustration 32: Screen dump of page 4. There is no thorough information about log off status on this page.

Additional usability comments: No additional comments.

Jyske bank

Intent: To log off Jyske Netbank and attempt a quick re-log on (4.7.2003).

Steps and actions:

Page 1
  System information/actions: Title: “View of accounts” (“Kontooversigt”). Several menu links including “Close Jyske Netbank” (“Afslut Jyske Netbank”).
  User actions: Click “Close Jyske Netbank”.
  Breakdowns or small problems: The link is marked in clear yellow as if “Close Jyske Netbank” were the title of the current page. This is not consistent with the rest of the system.

Page 2
  System information/actions: Text: “Jyske Netbank has been closed correctly. Press OK if you wish to go to Jyske Bank's home page” (“Jyske Netbank er nu afsluttet korrekt. Tryk på OK hvis du ønsker at gå til Jykse Banks hjemmeside”). Button: “OK” (“OK”).
  User actions: Click “OK”.
  Breakdowns or small problems: No possibility to reverse actions. No sense of internal locus of control.

Page 2
  System information/actions: Browser pop-up message: “Security alert”.
  User actions: Click “Yes”.
  Breakdowns or small problems: The language is not user friendly and may leave the user worried.

Page 3
  System information/actions: www.jyskebank.dk. The home page includes the button “Start Jyske Netbank” (“Start Jyske Netbank”). (From this point follows the ordinary log on including identification of the user. See the table above.)

Examples:
Illustration 33: Screen dump of page 1. The link “Afslut Jyske Netbank” in the left side menu is marked with the colour yellow as if it were the current page. All other links are white.

Additional usability comments:
1. The system only to some extent provides reverse and exit possibilities.
2. If the user uses the browser's navigation buttons he is returned to Jyske Bank's home page, which may be confusing system feedback.
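Each of the log-off sequences above ends in an attempt at a quick re-log on. What that attempt really tests is whether the server has forgotten the session on log off (and, as Sydbank's note on the log-on page promises, after an idle period), so that the view of accounts cannot be re-entered without identifying again. The following is an added Python example, not any bank's code; the idle period, page names and user numbers are assumptions.

```python
"""Server-side session handling for log off, re-entry and idle time-out.

Added example, not code from any of the banks. The idle period, page names and user
numbers are constructed for illustration.
"""
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

IDLE_TIMEOUT_SECONDS = 10 * 60   # assumption: the report quotes the promise, not the period


@dataclass
class Session:
    user_number: str
    last_activity: float


class SessionStore:
    """All session state lives on the server; the browser only holds an opaque id."""

    def __init__(self, clock: Callable[[], float] = time.monotonic) -> None:
        self._clock = clock                     # injectable so the time-out can be tested
        self._sessions: Dict[str, Session] = {}

    def start(self, user_number: str) -> str:
        # Called only after the log-on credentials have been verified. A fresh, unguessable
        # id is issued on every log on; an id that existed before authentication is never kept.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = Session(user_number, self._clock())
        return sid

    def resolve(self, sid: Optional[str]) -> Optional[Session]:
        # Every request for a protected page goes through here.
        if sid is None:
            return None
        session = self._sessions.get(sid)
        if session is None:
            return None
        now = self._clock()
        if now - session.last_activity > IDLE_TIMEOUT_SECONDS:
            # The idle-period promise is kept by the server, not by the page: forget it.
            del self._sessions[sid]
            return None
        session.last_activity = now
        return session

    def end(self, sid: Optional[str]) -> bool:
        # Log off removes the server-side record. Clearing the cookie in the browser alone
        # would leave the old id valid for anyone who still holds it.
        return sid is not None and self._sessions.pop(sid, None) is not None


def view_of_accounts(store: SessionStore, sid: Optional[str]) -> Tuple[str, Dict[str, str]]:
    """Protected page. Without a live session the answer is a redirect to the log-on page."""
    headers = {"Cache-Control": "no-store"}   # account pages must not survive in the cache
    session = store.resolve(sid)
    if session is None:
        return "redirect:/logon", headers
    return f"accounts of user {session.user_number}", headers


def quick_relogon_scenario() -> Dict[str, object]:
    """The log-off test from the report: log off, then immediately try to re-enter."""
    store = SessionStore()
    sid = store.start("2001")                    # constructed user number
    before, _ = view_of_accounts(store, sid)
    store.end(sid)
    after, _ = view_of_accounts(store, sid)      # the old id is presented again
    new_sid = store.start("2001")                # an ordinary log on follows
    return {"before": before, "after_logoff": after, "new_id_differs": new_sid != sid}


if __name__ == "__main__":
    print(quick_relogon_scenario())
```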
Skandiabanken

Intent: To log off Skandiabanken (23.6.2003).

Steps and actions:

Page 1
  System information/actions: Title: “View of account” (“Kontooversigt”). The menu includes the button “Log off” (“Log af”).
  User actions: Click “Log off”.

Page 2
  System information/actions: Title: “Log off” (“Log af”). Text: “Do you want to log off?” (“Skal der logges af?”). Buttons: “Yes” and “No” (“Ja” and “Nej”).
  User actions: Click “Yes”.
  Breakdowns or small problems: This page is unnecessary feedback upon the previous action (pressing “Log off”). No reversal of action.

Page 3
  System information/actions: Text: “You have logged off the system. Thank you for your visit” (“Der er logget af systemet. Tak for besøget”). Link to Skandiabanken's home page www.skandiabanken.dk.
  User actions: Click link.

Page 4
  System information/actions: Menu includes “Internet bank” (“Netbank”). (Hereafter follows an ordinary log on, see the table above.)

Examples:
Illustration 34: Screen dump of page 2. The system wants to make sure that the user actually wants to exit. There is no call for that extra check.

Additional usability comments: There are no additional comments.

Sydbank

Intent: To log off Sydbank Netbank immediately followed by an attempt to re-log on (28.7.2003).

Steps and actions:

Page 1
  System information/actions: Title: “View of account” (“Kontooversigt”). Menu includes the button “End” (“Afslut”).
  User actions: Click “End”.
  Breakdowns or small problems: Lack of closure. (At this point actions can sometimes still be reversed.) Poor system feedback – no system status.

Page 2
  System information/actions: Home page: www.sydbank.dk/sydbank_privat/. Menu includes the button “Start Internet bank” (“Start Netbank”).
  User actions: Click on “Start Internet bank”.

Page 1
  System information/actions: Title: “View of account” (“Kontooversigt”).
  Breakdowns or small problems: See below in “Additional usability comments”.

Examples:
Illustration 35: Screen dump of page 1. When clicking "Log off" ("Afslut" in the top right corner) the system turns directly to page 2 (next example).
Illustration 36: Screen dump of page 2. The system offers no specific information that the user has successfully been logged off.

Additional usability comments:
1. On some occasions, like the sequence above, it seems to be possible to re-enter “View of accounts” (“Kontooversigt”) without having to provide any identification. Though this problem is not directly related to the heuristics we use in the current examination, it is a big problem for security and hence for the user's confidence in the system.

Basisbank

Intent: To log off Basisbank followed by an attempt to re-log on (4.7.2003).

Steps and actions:

Page 1
  System information/actions: Title: “View of accounts” (“Kontooversigt”). Top menu includes the link “Log off the bank“ (“Log af banken”).
  User actions: Click “Log off the bank”.
  Breakdowns or small problems: No reversal of actions.

Page 1
  System information/actions: Browser pop-up message: “Security alert”.
  User actions: Click “Yes”.

Page 2
  System information/actions: Text: “You have now been logged off” (“Du er nu logget af banken”). Menu includes “Log on” (“Log på banken”).
  User actions: Click on “Log on”.

Page 2
  System information/actions: Browser pop-up message: “Security warning”.
  User actions: Click “OK”.

Page 3
  System information/actions: Title: “Front page” (“Forside”). Fields: “Reg. and user no.” (scroll menu) and “Access code” (“Reg. og brugernr.” and “Adgangskode”). Links: 4 links including “I have received new codes from the bank” (“Jeg har modtaget nye koder fra banken”). Buttons: “OK” and “Cancel” (“OK” and “Fortryd”). (Hereafter follows an ordinary log on, see the table above.)

Examples:
Illustration 37: Screen dump of page 2. Clear system feedback: "You have been logged off".

Additional usability comments: No additional comments.

Money transfer

This task concerns transferring money between accounts in two different banks. We perform this task without previously participating in any kind of introduction/demo, if such is present.

Danske Bank

Intent: To transfer money from an account in Danske Bank to an account in another bank (31.7.2003).
Steps and actions:

Page 1
  System information/actions: Title: “View of accounts” (“Kontooversigt”). 13 links including “Payments” (“Betalinger”).
  User actions: Click “Payments”.

Page 2
  System information/actions: Title: “Payments” (“Betalinger”). 9 links including “Transfer” (“Kontooverførsel”).
  User actions: Click “Transfer”.

Page 3
  System information/actions: Title: “Transfer” (“Kontooverførsel”). Fields: “Choose account” (scroll), “Text to extract”, “Amount” (including currency scroll menu), “Date” (“Vælg konto”, “Tekst på kontoudskrift”, “Beløb”, “Dato”). Check box: “Forward receipt” (“Tilsend kvittering”). Menu link: “Transfer on behalf of” (“Overførsel på vegne af”). Fields: “Choose recipient” (scroll), “Or fill in account number”, “Text on recipient's extract” (“Vælg modtager”, “Eller indtast kontonummer”, “Tekst på modtagers kontoudskrift”). Check box and field: “Save as recipient” (“Gem som fast beløbsmodtager”). Menu link: “Message” (“Meddelelse”). Buttons: “OK” and “Clear” (“OK” and “Ryd felter”).
  User actions: Fill in fields. Click “OK”.
  Breakdowns or small problems: The scroll menu concerning currency is in conflict with simple and natural dialogue; there is no need for it, since only one currency can be chosen. Error prevention could be improved: the field “Amount”, for instance, holds room for as many as 20 characters (both letters and digits). The labels and titles of the fields could be clarified.

Page 4
  System information/actions: Text: “Getting information. Please wait...” (“Henter oplysninger – vent venligst...”).
  User actions: No user action is needed. The window closes automatically in ½ a sec.
  Breakdowns or small problems: Poor feeling of internal locus of control.

Page 3
  System information/actions: Title: “Transfer” (“Kontooverførsel”), with the same fields, check boxes, menu links and buttons as on page 3 above.
  User actions: No user action needed. The following pop-up message appears automatically in ½ a sec.
  Breakdowns or small problems: Poor feeling of internal locus of control.

Page 3
  System information/actions: Pop-up message: “Digital signature” (“Digital underskrift”). Text (excerpt): “Do you accept the following?” (“Vil du acceptere følgende?”). Field: “Password” (“Kodeord”). Buttons: “OK” and “Cancel” (“OK” and “Annuller”).
  User actions: Fill in password. Click “OK”.
  Breakdowns or small problems: The phrase “Digital signature” (“Digital underskrift”) has not been used before. The user has to remember a password, which increases memory load. After this point there is no easy reversal of actions.

Page 4
  System information/actions: Text: “Getting information. Please wait...” (“Henter oplysninger – vent venligst...”).
  User actions: No user action is needed. The window closes automatically in ½ a sec.
  Breakdowns or small problems: Poor feeling of internal locus of control.

Page 3
  System information/actions: Title: “Transfer” (“Kontooverførsel”), with the same fields, check boxes, menu links and buttons as on page 3 above.
  Breakdowns or small problems: Poor sense of internal locus of control. No sense of closure.

Examples:
Illustration 38: Screen dump of the pop-up message on page 3. At this point the user has to sign the order.
Illustration 39: Screen dump of page 3 (after the transfer). Note the diminutive feedback marked by a green dot at the very bottom of the page: “The transfer has been executed”.

Additional usability comments:
1. In order to get proof that this task has indeed been accomplished the user has to enter “View of accounts” after the sequence. This is poor system feedback.

Nordea

Intent: To transfer money from an account in Nordea to an account in another bank (7.8.2003).

Steps and actions:

Page 1
  System information/actions: Title: “View of accounts” (“Kontooversigt”). 10 links including “Payments and transfers” (“Betalinger og overførsler”).
  User actions: Click “Payments and transfers”.

Page 1
  System information/actions: Scroll menu unfolds 6 links including “Transfer money” (“Overfør penge”).
  User actions: Click “Transfer money”.

Page 2
  System information/actions: Title: “Transfer money” (“Overfør penge”). Fields: “To be deducted from” (scroll menu of accounts), “Text to own extract” (“Hæves på”, “Tekst til eget kontoudskrift”). Radio buttons: “Once” and “Several times” (“En gang” and “Flere gange”). Fields: “Amount”, “Date of payment”, “Receiver”, “Name”, “Registration number”, “Account number” (“Beløb”, “Betalingsdato”, “Beløbsmodtger”, “Navn/Kendenavn”, “Reg.”, “Kontonr.”). Check box: “Save recipient” (“Gem beløbsmodtager”). Field: “Message to recipient (Max. 40 characters) 30” (“Meddelelse til beløbsmodtager (Max. 40 tegn) 30”). Buttons: “Next transfer”, “Send”, “Cancel” (“Næste overførsel”, “Send”, “Annullér”).
  User actions: Fill in fields. Click “Send”.
  Breakdowns or small problems: The number 30 in the message “Message to recipient (Max. 40 characters) 30” is confusing. It is possible to fill in 13 digits in the field “Amount”, but the size of the field only allows the user to view 11 digits at a time – poor error prevention. If the user has several accounts, choosing between account numbers may increase memory load.

Page 3
  System information/actions: Title: “Confirm transfer” (“Bekræft overførsel”) (view of order). Field: “Fill in personal password” (“Indtast personlig kode”). Buttons: “Send”, “Cancel” and “Print” (“Send”, “Annuller”, “Udskriv”).
  User actions: Fill in password. Click “Send”.
  Breakdowns or small problems: At this point the transfer cannot be reversed. The user has to remember a password, which increases memory load.

Page 4
  System information/actions: Title: “Transfers” (“Overførsler”). (Shows the order marked with a check mark. See the example below.)

Examples:
Illustration 40: Screen dump from page 4. This is how Nordea effectively closes the sequence.

Additional usability comments:
1. The use of the term “Send” instead of “OK” is problematic. It is not a natural choice of word to describe the action “acceptance”.

Jyske bank

Intent: To transfer money from an account in Jyske Bank to an account in another bank (4.7.2003).

Steps and actions:

Page 1
  System information/actions: Title: “View of accounts” (“Kontooversigt”). 5 menu buttons including “Transfer to others” (“Overførsel til andre”).
  User actions: Click “Transfer to others”.

Page 2
  System information/actions: Title: “Transfer to others” (“Overførsel til andre”). Field: “Old payments” (scroll menu) (“Gamle betalinger”). Text: “Transfer from XXXXX current account XX.XX DKK” (“Overførsel fra kontonummer XXXXX Folio XX,XX kr”). Fields: “Fill in text to extract of account”, “Amount”, “Date of transfer” (default: Today), “Transfer to”, “Fill in message to receiver” (“Indtast evt. Tekst til kontoudtog”, “Beløb”, “Udførelsesdato”, “Overførsel til”, “Indtast evt. meddelelse til modtager”). Radio buttons (click either yes or no): “Do you wish to save payment for the future?”, “Do you wish to send the message to the receiver immediately?”, “Do you wish to receive a receipt?” (“Ønsker du at gemme betalinger til senere brug”, “Ønsker du at mdtager får tilsendt en nota med meddelselsen med det samme?”, “Ønsker du at få tilsendt en kvittering for overførslen?”). Buttons: “OK” and “Clear” (“OK” and “Nulstil”).
  User actions: Fill in fields. Click “OK”.
  Breakdowns or small problems: The information “Transfer from XXXXX current account XX.XX DKK” does not appear in a logical place in the order.

Page 3
  System information/actions: Title: “Interim confirmation of order” (“Foreløbig ordrebekræftigelse”). Text: (the confirmation of the order). Text: “Confirm the new order with a key. Does your key card no. XXXXXX have a key no. XX.XX?” (“Bekræft din nye ordre med en nøgle. Finder nøglenr. XX.XX på dit nøglekort XXXXXX?”). Field: “Yes - fill in the 4 character key at XX.XX” (“Ja - indtast den 4 cifrede nøgle der står ved XX.XX”). Text: “No – do not fill in the key. Close Jyske Netbank and contact your branch” (“Nej – du må ikke indtaste din nøgle. Afslut Jyske Netbank og kontakt din Jyske Bank afdeling”). Buttons: “OK” and “Cancel” (“OK” and “Fortryd”).
  User actions: Fill in key. Click “OK”.
  Breakdowns or small problems: The action can no longer be reversed.

Page 4
  System information/actions: Text (excerpt): “The order has been carried through” (“Ordren er gennemført OK”). Button: “OK” (“OK”).
  User actions: Click “OK”.

Page 1
  System information/actions: Title: “View of accounts” (“Kontooversigt”). 5 menu buttons including “Transfer to others” (“Overførsel til andre”).

Examples:
Illustration 41: The screen dump of page 2 shows the fields the user has to fill in to transfer money between accounts.

Additional usability comments: No additional comments.

Skandiabanken

Intent: To transfer money from an account in Skandiabanken to an account in another bank (29.7.2003).
Steps and actions:

Page 1
  System: Initial page shows "View of accounts" ("Kontooversigt"). Among the buttons in the left menu is "Payments" ("Betalinger").
  User: Click "Payments".

Page 1
  System: Scroll menu unfolds: "Transfer - own accounts", "Transfer - other accounts", "Inpayment form", "Future payments", "Search payments" ("Overførsel - egne konti", "Overførsel - andre konti", "Indbetalingskort", "Kommende betalinger", "Søg i betalinger").
  User: Click "Transfer - other accounts".
  Breakdowns or small problems: Inconsistent use of words to describe a transfer (Danish words used in the original text: "Overførsel", "Betaling" and "Oprettelse").

Page 2
  System: Title: "Create external transfer" ("Opret ekstern overførsel"). Text: "Get standard payment" (scroll menu containing previous payments) ("Hent standard betaling"). Fields: "Amount", "Withdraw from account" (scroll menu), "To account - reg. no. and account no.", "Date of payment (ddmmyyyy) - blank means as soon as possible", "Text for own statement (max 20 char.)", "Text for receiver's statement" (choose between a field and a scroll menu) ("Beløb", "Hæves på konto", "Til konto - reg.nr. og kontonr.", "Betalingsdato (ddmmåååå) - blank betyder hurtigst muligt", "Tekst til egen kontoudskrift (max 20 tegn)", "Tekst til modtagers kontoudskrift"). Check boxes: 6 boxes including e.g. "Wish to fill in more text" ("Ønsker at angive mere tekst"). Button: "Next" ("Næste").
  User: Fill in fields. Click "Next".
  Breakdowns or small problems: Inconsistent use of words to describe a transfer ("Overførsel", "Betaling", "Oprettelse"). The user may have to choose between several accounts from which to withdraw, which increases memory load. The terms "payment" and "transfer" are used inconsistently. The system requires the user to fill in registration number and account number in the same field, which may cause confusion since there is no guidance on whether the digits should be hyphenated or not. Error prevention for the registration number and account number could be improved by providing a separate 4-character field for the registration number or a hyphen within the current field.

Page 3
  System: Title: "Accept order" ("Godkend oprettelse"). Text: (a view of the order). Fields: "Signature code", "Signature file" (shows the default path) ("Underskriftskode", "Underskriftsfil"). Button: "OK" ("OK").
  User: Fill in signature. Click "OK".
  Breakdowns or small problems: Inconsistent use of words to describe a transfer ("Overførsel", "Betaling", "Oprettelse"). After clicking "OK" there is no chance to reverse the action.

Page 4
  System: Text: "The payment has been created" ("Betalingen er oprettet"). Button: "OK" ("OK").
  User: Click "OK".
  Breakdowns or small problems: Inconsistent use of words to describe a transfer ("Overførsel", "Betaling", "Oprettelse").

Page 2
  System: Title: "Create external transfer" ("Opret ekstern overførsel").

Examples:

Illustration 42. Screen dump of page 2. Although the account holder is only allowed to transfer 2,000 DKK each day, he can actually type 20 digits in the "Amount" field.

Additional usability comments:
1. Due to the lack of "Clear" buttons the system fails to provide easy reversal of actions with regard to e.g. filling in the fields. Reversal of actions and exit from specific tasks are provided solely by the browser.
2. With regard to error prevention the system provides several scroll menus where the user can choose standard payments or account numbers. The size of some of the fields may however cause problems since e.g.
the field to fill in the amount has room for 20 digits, and it seems unlikely that any ordinary account holder would wish to transfer 99,999,999,999,999,999,999 DKK from his PC, especially since the bank has a limit on the amount of money the user can transfer in one day.

Sydbank

Intent: To transfer money from an account in Sydbank to an account in another bank (30.7.2003).

Steps and actions:

Page 1
  System: Title: "View of accounts" ("Kontooversigt"). Top menu: "Overview", "Daily finances", "Investment", "Housing", "Contact", "Guidance & enrolment", "Security" ("Overblik", "Daglig økonomi", "Investering", "Bolig", "Kontakt", "Vejledning & tilmelding", "Sikkerhed").
  User: Click "Daily finances".

Page 1
  System: Scroll menu unfolds: 4 links including "Payments and transfers" ("Betalinger & overførsler").
  User: Click "Payments and transfers".

Page 1
  System: Scroll menu unfolds: 4 links including "Transfers" ("Overførsler").
  User: Click "Transfers".

Page 2
  System: Title: "Transfer" ("Overførsel"). Fields: "Use saved payment or transfer to own account" (choose from scroll menu), "Withdraw from" (choose from scroll menu), "Text to own statement of account", "Receiver", "Account number", "Amount" (choose currency from scroll menu), "Date of payment", "Text to receiver" ("Benyt gemt betaling eller overfør til egen konto", "Hæves på", "Tekst til egen kontoudskrift", "Beløbsmodtager", "Kontonummer", "Beløb", "Betalingsdato", "Tekst til beløbsmodtager"). Extra fields: "On behalf of" and "Message" ("På vegne af" and "Meddelelse"). Check boxes: "Save payment for future use", "Transfer to unconfirmed payments and confirm later", "Receipt (5.00 DKK)" ("Gem betaling til fremtidig brug", "Overfør til ubekræftede betalinger og bekræft senere", "Kvittering (5,00 kr)"). Radio buttons: "Create as a single transfer" (default) and "Create as multiple transfers" ("Opret som engangsoverførsel", "Opret som flergangsoverførsel"). Buttons: "OK" and "Clear" ("OK" and "Nulstil").
  User: Fill in fields, leaving the check boxes unchecked and the radio buttons unmarked. Click "OK".
  Breakdowns or small problems: The labels are not sufficiently clear. Lack of help on how to fill out "Date of payment". The text uses "Transfer" and "Payment" inconsistently. The radio button "Create as a single transfer" could be removed to increase simplicity: not marking the radio button "Create as multiple transfers" says exactly the same, and the extra button causes unnecessary memory load. The user may have to choose between several account numbers in order to decide from which account to make the withdrawal.

Page 3
  System: Title: "Transfer" ("Overførsel"). Text: "Confirm payment" ("Bekræft betaling"). Text: (summary of the entire order). Field: "Confirm by filling in your password and clicking OK" ("Bekræft ved at indtaste kodeord og klikke ok"). Buttons: "OK" and "Cancel" ("OK" and "Fortryd").
  User: Fill in password. Click "OK".
  Breakdowns or small problems: The password increases memory load. The text uses "Transfer" and "Payment" inconsistently.

Page 4
  System: Text: "Your password has been accepted. The system is currently retrieving your certificate. It will only take a moment before you are logged on" ("Dit kodeord er accepteret. Systemet er i øjeblikket i færd med at hente dit certifikat. Det varer kun et øjeblik, så er du logget på"). Text: "Note: After an idle period the system will automatically end your session and you will be asked to log on once again" ("Efter nogen tid uden aktivitet på systemet, vil din login automatisk blive afsluttet og du vil blive bedt om at logge på igen"). Button: "Cancel" ("Afbryd").
  User: No user action required; the window closes automatically in 1.5 seconds.
  Breakdowns or small problems: Poor sense of internal locus of control.

Page 2
  System: Title: "Transfer" ("Overførsel"). Fields, extra fields, check boxes, radio buttons and buttons as on page 2 above.
  Breakdowns or small problems: Poor system feedback. Insufficient information as to whether or not the transaction has occurred. No opportunity to reverse the action. The text uses "Transfer" and "Payment" inconsistently.

Examples:

Illustration 43. Screen dump of page 2: the fields to fill in in order to conduct a money transfer.

Additional usability comments:
1. At the end of this sequence the user will be quite confused as to whether or not the transfer did actually take place. Consulting the view of accounts will however clear up this confusion: immediately after the transfer the view of accounts shows that the right amount has been subtracted. It is however needless to say that this need for the user to check up on the status of the system is a big usability problem.

Basisbank

Intent: To transfer money from an account in Basisbank to an account in another bank (31.7.2003).
Steps and actions:

Page 1
  System: Title: "View of accounts" ("Kontooversigt"). Menus: "Deposits", "Payments/transfers", "Credit & loans", "Basis invest", "Your dialogue with us", "Basisbank service" ("Indlån", "Betalinger/overførsler", "Kredit & Udlån", "Basisinvest", "Din dialog med os", "Basis bankservice").
  User: Click "Payments/transfers".

Page 1
  System: Scroll menu unfolds: 10 links including "Transfer amount to others" ("Overfør beløb til andre").
  User: Click "Transfer amount to others".

Page 2
  System: Title: "Transfer to other accounts" ("Overfør til andre konti"). Fields (From): "Account" (remembers the user's different account numbers), "Amount", "Date of transfer" ((Fra): "Konto", "Beløb", "Overførselsdato"). Check box: "Get a receipt (costs 25 DKK)" ("Få tilsendt kvittering (koster 25 kr)"). Fields (To): "Account", "Text for statement - max. 20 characters" ((Til): "Konto", "Tekst til kontoudskrift - maks. 20 tegn"). Menu links: "Save in recipient register", "Send receipt to recipient (costs 25 DKK)" ("Gem i modtagerregister", "Send kvittering til modtager (koster 25 kr)"). Buttons: "Reset" and "Continue" ("Nulstil" and "Videre").
  User: Fill in fields. Click "Continue".
  Breakdowns or small problems: Poor error prevention in the field "Amount": the system separates kroner and øre into two fields, but accepts an unbounded number of characters in the kroner field (at least 60 characters according to this investigation). The user may have to choose between several sender account numbers, which increases memory load.

Page 3
  System: Title: "Check your information" ("Tjek dine oplysninger"). Text: (overview of the entire transfer order). Buttons: "Correct" and "Accomplish" ("Tilpas/ret" and "Gennemfør").
  User: Click "Accomplish".
  Breakdowns or small problems: The title is misleading.

Page 3
  System: Pop-up message: "Signing - fill in password" ("Signering - Indtast underskriftskode"). Buttons: "OK" and "Cancel" ("OK" and "Fortryd").
  User: Fill in password. Click "OK".
  Breakdowns or small problems: The user has to remember a password, which increases memory load. After clicking "OK" there is no reversal of actions.

Page 4
  System: Title: "Transfer to others" ("Overførsel til andre"). Text: (overview of the entire transfer order). Buttons: "Transfer more money", "Print", "Back to my front page" ("Overfør flere penge", "Udskriv", "Tilbage til min forside").
  Breakdowns or small problems: Not sufficient feedback. Poor sense of closure: the text does not state that the transfer has taken place.

Examples:

Illustration 44. Screen dump of page 4. This page does not state whether or not the transfer has been completed.

Additional usability comments:
1. The system does not provide easily accessible information about whether or not the task is completed. To see if the transfer has indeed taken place the user has to click the button "Back to my front page" ("Tilbage til min forside") on page 4. He then returns to "View of accounts", where it is evident that the amount has been deducted from his account. This extra workload is a big usability problem.

Weak passwords

At this point we examine how the system reacts to passwords that do not fulfil the system's stated rules (such as aaaaaaaa when the system requires small and capital letters, or letters and digits; additionally we try to type in 7 characters when the system requires min. 8).
We expect to receive some error messages and focus on the nature of these to decide whether they simply state the error or try to help the user solve the problem. In addition to the ordinary paragraphs such as "Intent" and "Steps and actions" we have added the paragraph "Protocol" below. "Protocol" documents how each system describes its password requirements.

Danske Bank

Protocol: "The password has to be min. 8 and max. 16 characters. Choose a password that is a nonsense word that does not have any meaning. Use a mixture of digits and letters" (original text: "Kodeordet skal være på mindst 8 og maksimalt 16 karakterer. Vælg et kodeord, der er et vrøvleord som ikke umiddelbart giver mening. Anvend en blanding af tal og bogstaver").

Intent: To change the password of the account in Danske Netbank (5.8.2003).

Steps and actions:

Page 1
  System: Title: "View of account" ("Kontooversigt"). 9 top menu buttons including "Settings" ("Indstillinger").
  User: Click "Settings".
  Breakdowns or small problems: Consistency problem: the button is difficult to find since most other buttons are located in the side menu.

Page 2
  System: Title: "Settings" ("Indstillinger"). Text (excerpt): "Under 'Settings' you can change the general settings" ("Under indstillinger kan du skifte de generelle indstillinger"). 7 buttons in the side menu including "Security" ("Sikkerhed").
  User: Click "Security".
  Breakdowns or small problems: The text and title could be more specific.

Page 3
  System: Text: "Getting information. Please wait..." ("Henter oplysninger. Vent et øjeblik...").
  User: No user action needed; the window closes automatically in half a second.
  Breakdowns or small problems: Poor feeling of internal locus of control.

Page 4
  System: Title: "Security" ("Sikkerhed"). Text (excerpt): "Here you can change your personal password which you use to log on or sign a transaction. Please note..." (followed by 2 pieces of advice concerning the creation of a password, 1 concerning use of the password from other PCs and 1 concerning a backup copy of the key) ("Her kan du skifte dit personlige kodeord som du benytter til at logge på eller underskrive en transaktion. Bemærk: ..."). Buttons: "Change password" and "Save key" ("Skift kodeord" and "Gem nøgle").
  User: Click "Change password".
  Breakdowns or small problems: The system does not provide sufficient help to create strong passwords.

Page 4
  System: Pop-up message: "Change password" ("Skift kodeord"). Text: "Agreement number XXXXXX" ("Aftale nummer XXXXXX"). Fields: "Present password", "New password", "Confirm password" ("Nuværende kodeord", "Nyt kodeord", "Bekræft kodeord"). Buttons: "OK" and "Cancel" ("OK" and "Annuller").
  User: Fill in present password. Fill in new 7-character password: aaaaaaa. Click "OK".
  Breakdowns or small problems: Having to remember the present password increases the user's memory load.

Page 4
  System: Pop-up message: "The password has to be min. 8 and max. 16 characters" ("Kodeordet skal være min. 8 og højst 16 tegn"). Button: "OK" ("OK").
  User: Click "OK".
  Breakdowns or small problems: Poor sense of internal locus of control.

Page 4
  System: Pop-up message: "Change password" ("Skift kodeord"). Text: "Agreement number XXXXXX" ("Aftale nummer XXXXXX"). Fields: "Present password", "New password", "Confirm password" ("Nuværende kodeord", "Nyt kodeord", "Bekræft kodeord"). Buttons: "OK" and "Cancel" ("OK" and "Annuller").
  User: Delete the previously typed new password. Re-type new 8-character password: aaaaaaaa. Click "OK".
  Breakdowns or small problems: Having to remember the present password increases the user's memory load.

Page 4
  System: Pop-up message: "Information" ("Information"). Text: "Danske Bank has updated your key. You should soon save a security copy. Do you wish to save a copy now?" ("Danske Bank har opdateret din nøgle. Du bør derfor snarest tage en sikkerhedskopi. Ønsker du at tage en sikkerhedskopi nu?"). Buttons: "Yes" and "No".
  User: Click "No".
  Breakdowns or small problems: Poor feedback and lack of consistency: the user has clicked "Change password" and is informed that the key has been changed.

Page 4
  System: Pop-up message: "Change password" ("Skift kodeord"). Text: "Agreement number XXXXXX" ("Aftale nummer XXXXXX"). Fields: "Present password", "New password", "Confirm password" ("Nuværende kodeord", "Nyt kodeord", "Bekræft kodeord"). Buttons: "OK" and "Cancel" ("OK" and "Annuller").

Examples:

Illustration 45. Screen dump of page 4. The system instructs the user to create an 8-16 character nonsense password.

Illustration 46. Screen dump of the pop-up message on page 4. (Translation: "Danske Bank has updated your key. You should save a copy. Do you wish to save a copy now? Yes/No")

Illustration 47. Screen dump of the pop-up message on page 4. This message pops up when the user presses F1 in the 2nd field of the pop-up message "Change password" ("Skift kodeord") on page 4. The message says: "The new password must be min. 8 and max. 16 characters. You can use letters, digits, special characters and combinations of these. Note that the system is case sensitive. The password must be used at every log on". This help is indeed a more thorough explanation of the advice offered on page 4, and one wonders why the user is not offered this help straight away.

Additional usability comments:
1. It is not absolutely clear which part of the information about the protocol is a concrete system requirement and which is just plain good advice. According to the sequence above the only real requirement is the one concerning the length of the password. This is more clearly explained in the help message of the pop-up message "Change password" ("Skift kodeord") (see screen dump above).

Nordea

Protocol: Nordea states that passwords must be 8-32 characters, both letters and digits. The system is not case sensitive and accepts space, but neither special characters such as full stop nor the Danish letters æ, ø and å.
Intent: To change the password used for the account in Nordea (7.8.2003).

Steps and actions:

Page 1
  System: Title: "View of account" ("Kontooversigt"). Menu holds 10 links including "Security" ("Sikkerhed").
  User: Click "Security".

Page 1
  System: Scroll menu unfolds. Menu holds 5 links including "Change personal password" ("Skift personligt kodeord").
  User: Click "Change personal password".

Page 2
  System: Title: "Change personal password" ("Skift personligt kodeord"). Fields: "Fill in personal password", "Fill in new personal password", "Repeat new personal password" ("Indtast personligt kodeord", "Indtast nyt personligt kodeord", "Gentag nyt personligt kodeord"). Buttons: "Send" and "Cancel" ("Send" and "Annuller"). Link: "How to make a strong personal password" ("Sådan her laver du et godt personligt kodeord").
  User: Fill in present password. Fill in new password: aaaaaaa (7 x a). Click "Send".
  Breakdowns or small problems: The term "Send" on one of the buttons may not be a logical label. The user has to remember his password, which increases memory load.

Page 2
  System: Error message below the fields in question: "Personal password must be at least 8 characters" ("Personligt kodeord skal være mindst 8 tegn"). All fields have been erased.
  User: Fill in present password. Fill in new password: aaaaaaaa (8 x a). Click "Send".
  Breakdowns or small problems: There is no need to erase the contents of all the fields. The error message simply states the problem.

Page 2
  System: Error message below the fields in question: "The personal password does not fulfil the protocol" ("Kodeordet lever ikke op til bankens regelsæt"). All fields have been erased.
  User: Fill in present password. Fill in new password: hundhund. Click "Send".
  Breakdowns or small problems: Poor error message: no explanation of how to mend this error. There is no need to erase the contents of all the fields.

Page 2
  System: Error message below the fields in question: "The personal password does not fulfil the protocol" ("Kodeordet lever ikke op til bankens regelsæt"). All fields have been erased.
  User: Fill in present password. Fill in new password: 123456789. Click "Send".
  Breakdowns or small problems: Poor error message: no explanation of how to mend this error. There is no need to erase the contents of all the fields.

Page 2
  System: Error message below the fields in question: "The personal password does not fulfil the protocol" ("Kodeordet lever ikke op til bankens regelsæt"). All fields have been erased.
  User: Fill in present password. Fill in new password: hundeflojte. Click "Send".
  Breakdowns or small problems: Poor error message: no explanation of how to mend this error. There is no need to erase the contents of all the fields.

Page 2
  System: Pop-up message (with a warning sign): "Personal password was changed" ("Personligt kodeord blev ændret"). Button: "OK" ("OK").
  User: Click "OK".
  Breakdowns or small problems: A notice of confirmation should not carry a warning sign.

Page 2
  System: Title: "Change personal password" ("Skift personligt kodeord"). Fields, buttons and link as on page 2 above.

Examples:

Illustration 48. Screen dump from the link "How to create a strong personal password" ("Sådan laver du et godt personligt kodeord") on page 2. Nordea provides thorough information about both strong and weak passwords.

Additional usability comments:
1. Though Nordea does provide thorough information about both strong and weak passwords, it is a problem that this information is optional to the user. The information about passwords includes important information about the system's protocol which every user should know about. The only way the user can get an explanation of the error message on, for instance, page 2 is to examine the information about the system's protocol. Thus the system does not provide the user with sufficient help.
2. Throughout the entire dialogue the system uses the phrase "Send" instead of the more common "OK". This is an unfortunate divergence from a consistent terminology upon which most systems seem to agree.

Jyske bank

It is not possible to change the password issued by Jyske Bank. The user has to remember a pre-made 9-character password (letters and digits). This puts quite a lot of pressure on memory load. With regard to the nature of the error messages that we wished to examine, the investigation shows that error messages often occur with a blinking red warning sign on the screen. To some users this may imply a system breakdown or a fatal error.

Examples:

Illustration 49. This screen dump from Jyske Netbank shows an example of the blinking red warning sign.

Skandiabanken

Protocol: The system states that it requires a password of 8-16 characters, both letters (excluding the Danish æ, ø and å) and digits.

Intent: To change the existing password (30.7.2003).
Steps and actions:

Page 1
  System: Title: "View of accounts" ("Kontooversigt"). Left menu includes the button "User functions" ("Brugerfunktioner").
  User: Click "User functions".
  Breakdowns or small problems: "User functions" is not sufficiently clear as a description of the button. Not the user's language.

Page 1
  System: Scroll menu unfolds into 4 buttons including "Change signature code" ("Skift underskriftskode").
  User: Click "Change signature code".

Page 2
  System: Browser pop-up message: "Security warning".
  User: Click "OK".
  Breakdowns or small problems: No sense of internal locus of control.

Page 2
  System: Title: "Change signature code" ("Skift underskriftskode"). Fields: "Present signature code", "New signature code", "Repeat signature code" and "Signature file" (shows the default path) ("Nuværende underskriftskode", "Ny underskriftskode", "Genindtast underskriftskode", "Underskriftsfil").
  User: Fill in fields. New password consists of 6 random characters, both letters and digits. Click "OK".
  Breakdowns or small problems: No examples and no help to create a strong password or explaining the importance of a password. The possibility to reverse actions could be improved.

Page 3
  System: Title: "Error message" ("Fejlmeddelelse"). Text: "New signature code must be 8-16 characters" ("Ny underskriftkode skal være på 8-16 tegn"). Button: "OK" ("OK").
  User: Click "OK".

Page 2
  System: Title: "Change signature code" ("Skift underskriftskode"). Fields as on page 2 above.
  User: Fill in fields. New password consists of 8 random letters. Click "OK".
  Breakdowns or small problems: No examples and no help to create a strong password or explaining the importance of a password. The possibility to reverse actions could be improved.

Page 3
  System: Title: "Error message" ("Fejlmeddelelse"). Text: "New signature code must include both letters and digits" ("Ny underskriftkode skal indeholde både bogstaver og tal"). Button: "OK" ("OK").
  User: Click "OK".

Page 2
  System: Title: "Change signature code" ("Skift underskriftskode"). Fields as on page 2 above.
  User: Fill in fields. New password: 1aaaaaaa. Click "OK".
  Breakdowns or small problems: No examples and no help to create a strong password or explaining the importance of a password. The possibility to reverse actions could be improved.

Page 4
  System: Title: "Change signature code" ("Skift underskriftskode"). Text: "The signature code has now been changed" ("Underskriftskoden er nu ændret").

Examples:

Illustration 50. Screen dump of page 2. This page provides some information about the consequences of changing a password.

Additional usability comments:
1. Possibilities of exit and reversal of actions are provided solely by the browser.

Sydbank

Protocol: Sydbank states that passwords have to be min. 8 characters long.
Intent: To change the password for accessing the account at Sydbank (5.7.2003).

Steps and actions:

Page 1
  System: Title: "View of accounts" ("Kontooversigt"). 7 links including "Security" ("Sikkerhed").
  User: Click "Security".
  Breakdowns or small problems: The term and label "Security" may not be sufficiently clear.

Page 2
  System: Title: "Security solution" ("Sikkerhedsløsning"). Text (excerpt): "You are logged on using a certificate solution..." ("Du er logget på med en certifikatløsning..."). Separate information box: "Change of password" ("Ændring af kodeord"). Fields: "Old password", "New password", "Confirm new password" ("Gammelt kodeord", "Nyt kodeord", "Bekræft nyt kodeord"). Buttons: "OK", "Cancel" ("OK" and "Fortryd").
  User: Fill in old password. Fill in new password: aaaaaaa (7 x a). Click "OK".
  Breakdowns or small problems: Lacks information about password requirements or how to create strong passwords.

Page 2
  System: New text appears at the top of the information box in question: "The new password must be at least 8 characters long" ("Det nye kodeord skal være mindst 8 karakterer langt").
  User: Clear the previously typed "New password". Re-type "New password": aaaaaaaa (8 x a). Click "OK".

Page 2
  System: Browser pop-up message: "Security warning".
  User: Click "Yes".
  Breakdowns or small problems: Poor sense of internal locus of control. Not the user's language.

Page 2
  System: New text appears at the top of the information box in question: "The system is carrying out the desired changes. Please wait..." ("Systemet er nu ved at foretage de ønskede ændringer. Vent et øjeblik...").
  User: No user action needed; the window closes automatically in 1 second.
  Breakdowns or small problems: The feedback could be improved: the change in text is not necessarily clear to the user.

Page 2
  System: New text appears at the top of the information box in question: "The password has been changed" ("Kodeordet er ændret"). Button: "OK" ("OK").
  User: Click "OK".
  Breakdowns or small problems: The feedback could be improved: the change in text is not necessarily clear to the user. There seems to be no need for the "OK" button, which complicates the dialogue unnecessarily.

Page 2
  System: Title: "Security solution" ("Sikkerhedsløsning"). Text (excerpt): "You are logged on using a certificate solution..." ("Du er logget på med en certifikatløsning..."). Separate information box: "Change of password" ("Ændring af kodeord"). Fields and buttons as on page 2 above.

Examples:

Illustration 51. Screen dump of page 2. To change the password the user has to fill in the top box on the right.

Illustration 52. Screen dump of the help offered on page 2. No information about how to create strong passwords is offered.

Additional usability comments:
1. In between the many changes of the header of the information box on page 2, the page flickers as if changing. This is quite confusing to the user, since there is hardly any noticeable change on the page before and after such a flicker. This is poor system feedback, which eventually results in a poor sense of internal locus of control.

Basisbank

Protocol: The system states that passwords need to be 8-12 characters long and contain both letters (A-Z) and digits (1-9).

Intent: To change the password used to access Basisbank (4.7.2003).

Steps and actions:

Page 1
  System: Title: "View of accounts" ("Kontooversigt"). Menus: "Deposits", "Payments/transfers", "Credit & loans", "Basis invest", "Your dialogue with us", "Basisbank service" ("Indlån", "Betalinger/overførsler", "Kredit & Udlån", "Basisinvest", "Din dialog med os", "Basis bankservice").
  User: Click "Basisbank service".

Page 1
  System: Scroll menu unfolds: 12 links including "Change password" ("Skift underskriftskode").
  User: Click "Change password".
  Breakdowns or small problems: The label is not clear in its terminology.

Page 2
  System: Title: "Change password" ("Skift underskriftskode"). Fields: "Present password", "New password", "Repeat new password" ("Nuværende underskriftskode", "Ny underskriftskode", "Gentag ny underskriftskode"). Buttons: "OK", "Cancel" ("OK" and "Fortryd").
  User: Fill in present password. Fill in new password consisting of 7 characters (6 letters and 1 digit). Click "OK".
  Breakdowns or small problems: The system does not provide sufficient help. The user has to remember his passwords, which increases memory load.

Page 2
  System: Pop-up message: "The password has to be more than 7 characters. Please correct" ("Underskriftskoden skal være mere end 7 tegn lang. Ret venligst"). Button: "OK" ("OK").
  User: Click "OK".

Page 2
  System: Title: "Change password" ("Skift underskriftskode"). Fields and buttons as on page 2 above.
  User: Fill in new password: aaaaaaaaaaaaaaaaaaa (19 x a). Click "OK".
  Breakdowns or small problems: No error protection: the field holds 19 characters although the system states that max. 12 are accepted.

Page 3
  System: Title: "Message: Your password has been changed" ("Meddelelse: Din underskriftskode er nu blevet ændret"). Button: "Back" ("Tilbage").

Examples:

Illustration 53. Screen dump of the pop-up error message on page 2.

Additional usability comments: No further comments.
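The password tests above (Nordea answering "does not fulfil the protocol" with no hint of what to change; Basisbank accepting a 19-character, letters-only password against its stated 8-12 character, letters-and-digits rule) and the transfer forms earlier (Skandiabanken's amount field taking 20 digits against a 2,000 DKK daily limit and its single field for registration and account number; Basisbank's unbounded kroner field) come down to the same two requirements: the server must enforce exactly the rules it states, regardless of what the browser field allows, and a rejection must tell the user what to change. The following Python is an added example written for this report, not code from any of the evaluated banks. The password rules are taken from the Nordea and Basisbank protocols quoted above and the transfer rules from Skandiabanken's stated daily limit and ddmmyyyy date format; the field names, the account-number layout (4-digit registration number followed by up to 10 digits) and the sample inputs are assumptions constructed for the example.

```python
"""Server-side form validation that enforces the stated rules and explains rejections.

Added example for the Usable Security and E-Banking report; not code from any
of the evaluated banks. Password policies follow the Nordea and Basisbank
protocols quoted in the report; the transfer rules follow Skandiabanken's
stated 2,000 DKK daily limit and ddmmyyyy date format. Field names and the
account-number layout (4-digit registration number + up to 10-digit account
number) are assumptions.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from datetime import date, datetime


@dataclass(frozen=True)
class PasswordPolicy:
    min_len: int
    max_len: int
    allowed: str    # regex matching one permitted character
    describe: str   # how the permitted set is explained to the user


NORDEA = PasswordPolicy(8, 32, r"[A-Za-z0-9 ]", "letters A-Z, digits 0-9 and space")
BASISBANK = PasswordPolicy(8, 12, r"[A-Za-z0-9]", "letters A-Z and digits 0-9")


def check_password(pw: str, p: PasswordPolicy) -> list[str]:
    """Return every rule the password breaks, each phrased as what to do about it.

    Nordea answers "does not fulfil the protocol" for hundhund, 123456789 and
    hundeflojte alike; this names the rule each one misses instead.
    """
    problems = []
    if not p.min_len <= len(pw) <= p.max_len:
        problems.append(f"Use {p.min_len}-{p.max_len} characters (you typed {len(pw)}).")
    bad = sorted({c for c in pw if not re.fullmatch(p.allowed, c)})
    if bad:
        shown = " ".join(repr(c) for c in bad)
        problems.append(f"Remove {shown}; only {p.describe} are allowed.")
    if not any(c in "0123456789" for c in pw):
        problems.append("Add at least one digit (0-9).")
    if not any(c.isascii() and c.isalpha() for c in pw):
        problems.append("Add at least one letter (A-Z).")
    return problems


def parse_account(text: str) -> tuple[str, str]:
    """Accept '1234-0012345678', '1234 0012345678' or '12340012345678' (assumed layout).

    Skandiabanken puts registration and account number in one field with no
    hint about hyphens; accepting all three spellings removes that trap.
    """
    digits = re.sub(r"[\s-]", "", text)
    if not (digits.isascii() and digits.isdigit()) or not 5 <= len(digits) <= 14:
        raise ValueError("Write registration number and account number as "
                         "1234-0012345678 (4 digits, hyphen, up to 10 digits).")
    return digits[:4], digits[4:].zfill(10)


def parse_amount(text: str) -> int:
    """Parse a Danish-formatted amount ('1.234,56', '1234,5', '1234') into øre."""
    m = re.fullmatch(r"([0-9]{1,3}(?:\.[0-9]{3})*|[0-9]+)(?:,([0-9]{1,2}))?", text.strip())
    if not m:
        raise ValueError("Write the amount as kroner,øre, e.g. 1.234,56 or 1234,56.")
    kroner = int(m.group(1).replace(".", ""))
    ore = int((m.group(2) or "0").ljust(2, "0"))
    return kroner * 100 + ore


def parse_date(text: str, today: date) -> date:
    """ddmmyyyy as Skandiabanken asks for; blank means 'as soon as possible'."""
    if not text.strip():
        return today
    try:
        d = datetime.strptime(text.strip(), "%d%m%Y").date()
    except ValueError:
        raise ValueError("Write the date as ddmmyyyy, e.g. 29072003, or leave it blank.") from None
    if d < today:
        raise ValueError(f"{text.strip()} is in the past; use today's date or later.")
    return d


DAILY_LIMIT_ORE = 2_000 * 100   # Skandiabanken's stated limit per day, in øre


def check_transfer(form: dict, spent_today_ore: int, today: date) -> list[str]:
    """Validate an external-transfer form on the server; return actionable problems.

    The browser field may allow 20 digits (Skandiabanken) or 60 characters
    (Basisbank); the server still rejects anything over the daily limit, so
    the field size never becomes the effective limit.
    """
    problems, parsed = [], {}
    parsers = {"to_account": parse_account, "amount": parse_amount,
               "date": lambda t: parse_date(t, today)}
    for key, parser in parsers.items():
        try:
            parsed[key] = parser(form.get(key, ""))
        except ValueError as e:
            problems.append(f"{key}: {e}")
    if "amount" in parsed:
        if parsed["amount"] <= 0:
            problems.append("amount: must be more than 0,00 DKK.")
        elif parsed["amount"] + spent_today_ore > DAILY_LIMIT_ORE:
            left = (DAILY_LIMIT_ORE - spent_today_ore) / 100
            problems.append(f"amount: your daily limit is {DAILY_LIMIT_ORE // 100} DKK "
                            f"and {left:.2f} DKK is left today.")
    if len(form.get("own_text", "")) > 20:
        problems.append(f"own_text: at most 20 characters (you typed {len(form['own_text'])}).")
    return problems
```

Each check returns the full list of problems rather than stopping at the first, so a user who typed a 7-character, letters-only password learns both things to fix in one round trip, and nothing in the functions depends on the browser having trimmed or limited the input first.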
Breakdown (Basisbank): Lack of consistency between what input the system says it requires and what it in fact accepts. The 19-character, letters-only password was accepted although the stated rules require 8-12 characters with both letters and digits.

References

Nielsen, J., Molich, R., 1990. Heuristic evaluation of user interfaces. In: Proceedings of the ACM CHI '90 Conference on Human Factors in Computing Systems, ACM Press, New York, pp. 249-256.

Shneiderman, B., 1998. Designing the User Interface: Strategies for Effective Human-Computer Interaction, Third Edition, Addison Wesley, Reading, MA.