I just logged into my ING Direct bank account and noticed a potentially frustrating hurdle on the way: the “Secret Question”. On this particular visit, here's the “Secret Question” I was asked:
Obviously, I'm not going to reveal the answer to my security question in this blog post. So let's just pretend I had originally entered another of my favorite movies, “The Miracle of Morgan's Creek”.
Upon login, if were enter “Miracle of Morgan's Creek”, I'd get an error message… because I left out “The”. If I'm lucky, I'll quickly realize what my “mistake” was and correct it. But it's easy to image someone getting very confused, not realizing where he'd made his mistake… or whether he'd entered the wrong movie. After all, some of us have lots of favorite movies.
On some visits, I'm asked where I was born:
Again, I can imagine problems. I could answer this question in numerous ways, including:
Yet another ING Direct security question that can be problematic is “What street did you grow up on?”
I moved around quite a bit as a kid; I “grew up” on several different streets. So we'll just assume we're talking about the first address I lived at, Brunner Drive. But even if I get that right, there's lots of room for stumbles: I have to remember whether I entered:
What we really should be testing is whether visitors can answer the question (which is easy, if they know the answer). We shouldn't be testing whether they happen to remember precisely how they formatted their answers. This can be hard, even if they do know the answer!
Some will argue that we should test whether users remember how they formatted their answers, just as we do with passwords. After all, it increases security. However, I'd argue that the usability issues this creates are just too great. Better to ask two easy-to-answer questions, than one ridiculously picky one!
There may be no perfect, fool-proof solution. But I think we can list some best practices that minimize visitor errors, while still ensuring security. I'd suggest the following guidelines, for starters:
These are just off the top of my head. If anyone has any further suggestions, please feel free to add them.
As consumers become increasingly digitally savvy, and more and more brand touchpoints take place online,…
Marketers are on a constant journey to optimize the efficiency of paid search advertising. In…
Unassigned traffic in Google Analytics 4 (GA4) can be frustrating for data analysts to deal…
This website uses cookies.