When Usability Affects Business

#technology Today’s column is going to be unusual. There will be no business data being quoted, but anecdotes aimed to illustrate how in some cases technology has grown to be a hurdle rather than a simplification. Let me start with a question to the readers. Have you ever had a bad tech day? One of those days when nothing seems to work. The [[WiFi]] connection is lost, internet banking is down, and the 25th [[OTP]] of the day is not reaching your phone. Those type of days when technology seems to have gone on strike on us. I just had a few recently. Mostly because I relocated and I had many new services to activate. That gave me a picture on how intertwined and convoluted technology has become. Let me start from yesterday evening. I had an excellent meal in a Thai restaurant in my neighborhood. After I paid - effortlessly with [[Apple Pay]] and face recognition - I noticed a [[QR Code]] on the counter. It was the Google Reviews counter stand. I almost never leaved reviews unless I was asked. But in this case I decided to support the business by sharing a 5-star review. So I opened the QR Code scanner and that is when technology went on strike. No, not the scanner. That worked fine. Not event the internet connection. In a few seconds I was on already on the review page. Only when I clicked the 5th star the problems started. You see? To leave a review I need to be logged in as a user, right? Here is the first objection I have, frankly. I’m just praising a business, why do I need to authenticate? I hear you. It’s because otherwise anyone could praise its own business by tapping 5-star the whole day. Or worse, a competitor could tap 1-star to damage the reputation. I get it. But I have just completed a transaction and paid with a digital card, my transaction is already authenticated, if only Apple Pay could share the transaction details with Google Review. But no, they don’t communicate. Therefore it opens up the paradoxical scenario where I could leave a review on Google without proofing that I have ever dined at that establishment. Makes no business sense to me, but let’s play along for a minute. Google the asks me to choose which account I want to use to login. Given the nature of my job I keep multiple accounts. So I pick a personal one, just for this one restaurant review. But Google tells me that my session has been terminated and I need to re-authenticate. “It’s ok” I’m thinking. “This would only take a few seconds thanks to face recognition”. But first I’m asked to enter the password. So I open my password manager and pick the password for that account. But that’s not enough. Now Google wants to make sure it’s really me who wants to give a 5-star review. Not paying for the meal, which is could settle in a few seconds with face recognition. Google now prompts me to authenticate further with a 2-Factor Authentication (2FA). And so Google sends me a One-Time Password (OTP). Probably my 20 digits highly secure password that I entered through face recognition isn’t enough. Now I need to use a 6 digits password sent via SMS to my [[Content/References/Geography/Singapore]] number, that I don’t have with me because I’m in [[United Arab Emirates (UAE)]] and I’m using another SIM card. You can sense my frustration. So I abandoned the review for the Thai restaurant thus effectively damaging the business. This was the tip of the iceberg. Over the past few weeks I had to download countless apps and create countless account for pretty much anything I bought. New WiFi Router? Download the app, create an account, store it in the password manager. New digital padlock for my door? Same: new app, new account. I understand that new bank account and new insurance will need a new app and a new account, but - I kid you not - my new robot vacuum cleaner also asked for a new app and a new account. Some of these rabbit holes are so deep that are beyond my understanding. I bought a new television. To get it to work I needed to first login to my WiFi, which I just setup with a new username and password, then create a new account for the television manufacturer, then to watch YouTube I needed to triple authenticate with QR Code, password and OTP, and to watch the TV of the service provider I had - of course - to create an account and authenticate. I consider myself tech savvy and well versed with cyber security matters, but I can’t avoid to think that things are now worse than 10 years ago. Why so? Well, because there is no distinction between sensitive and trivial. I can spend thousands of dollars in 5 seconds just by looking at my phone through face recognition. But I have to triple authenticate to praise a restaurant or to vacuum clean my floor. I hope that tech visionaries smarter than me are now envisioning a future where all of this authentication needs are balanced around the risks associated with the security breach. But most importantly I’m concerned about the elderly. I’m sure that if my mother ever read this column she would have no clues on what I’m talking about.