Today we had a really interesting debate within the project about sign-on and identity and about whether we needed to build ‘all that stuff’ into our prototype experiences.
It is, of course, a bit complicated. Ideally we’d have a great simple-to-use single-sign-on process that was secure, complete and scalable. But we are a bit nervous of the overhead that might put on the development teams. This stuff is largely “done”, repeating it looks like an engineering job, not research.
As the debated continued and I listened and learned; I realised the question has got layers. When signing on, am I a person, or a household? Am I known or am I anonymous? How does signing on work if I have an experience that depends on me using both a shared device and a personal device? And what am I prepared to do, signing-on-wise, if I am accessing a service in a public space like a pub? What kind of sign-on makes sense if I am joining a video chat session with friends vs joining a session in a pub? What if I wanted to place a bet?
The correct solution is not always obvious, but faced with a stupid log-in process we all recognise it and, from experience, I know it can make me abandon a purchase or a transaction.
Fortunately this is a research project and one of the work packages we have defined is intended to look into issues like this. So we were able to close our debate in violent agreement. We agreed that our platform should be prepared as if it is to be adopted as a real services beyond the project. This means that security and single-sign-on issues must be considered and that solutions for these issues must be defined. It does not mean all these capabilities will necessarily be built and instantiated.
We also agreed that, to define appropriate sign-on capabilities, we would carry out work in our User Interaction Design work package to explore what the ‘right’ sign on procedure might be for each of the different situations described in the storyboards for our prototype scenarios.
We didn’t resolve all the questions the debate created, but I was reassured that the project does have the structure to answer the questions.