Yesterday, I was trying to order a mug from the Shutterfly app since it was free for a day. Just like every person, I had forgotten the password for my Shutterfly account since it had been a while since I tried to log into it. Quite obviously, I had to go through the ‘forgot/reset password’ process in order to use Shutterfly. What was more surprising to me was that they didn’t have a login with Google/Facebook, which I usually use to avoid what just happened. Anyhow, I log in and try to customize the mug; then, in the checkout process, I am asked for my credit card with no ‘scan your card’ option and no Pay. OK, before I begin, I must say that I am aware that I am giving just one app as evidence for what I am about to say. I have repeatedly experienced a lot of things similar to this one, which I am going to mention as I write.
Consider the bigger picture of my smartphone. Whenever I browse on my Mac, the Safari keychain remembers my password for most websites, as it does for Shutterfly. Similarly, my iPhone’s Safari knows my password for most websites I visit. All I am saying is: why in the world can’t my Shutterfly app access those credentials? Since my iPhone already knows that whenever there is a URL like ‘https://shutterfly.com/……’ it should open the app instead of Safari, it should be able to auto-fill my credentials. A similar situation happens with credit card information. The only reason I am stopping myself from buying a password management solution is that it won’t help in the case of my ‘smart’-phone. I cannot use the keychain-suggested password for my iTunes account because I have to fill it in every time I buy an app when the iPhone will not accept my fingerprint because I just restarted it.
Let me just say, it’s the technology that is stopping me from having secure passwords, because I need to have a password that my little brain can remember. I am not saying that it is not helping me at all. 1Password has this API that developers can integrate into their apps, and I appreciate 1Password (and other similar services) being platform independent. But it’s up to the developers to integrate it, and out of about 2 million apps on the App Store only a countable number are doing that. I won’t totally blame it on app developers; the users are also diverse. It’s impossible to build software that satisfies everyone. Some people are using 1Password, some LastPass and yet more Dashlane. So why have we as designers/developers not solved this problem? I think Apple and Google should make room for password managing extensions in their OSes. The technology exists and we all know that. I would like to implement something like this as a third party; if someone has any ideas, I am willing to discuss and build it if we can.
I would like to know why apps just don’t care about the permission flexibility provided by Facebook login. Yes, I am referring to the ‘Edit the info you provide’ button when we log in with Facebook to another service. I already have a lot of newsletters floating around in my inbox that I swipe to trash without even opening them. I don’t want to share my email address with more services, but whenever I ‘edit the info I provide’ the apps just give me an error saying they need my email address, friend lists or likes etc. to proceed. I have never even once experienced the signup going through if I edit the permissions. I feel that, instead of giving users control over their own data, in today’s world we are taking it away from them. I am approaching the problem entirely from a user experience viewpoint. We need to understand that users pay us for experiences; they might pay us only with the time they devote to our app/platform/service/etc., but we need to appreciate that. As we go into the future with the technology, we need to embrace whatever we have. Before we create something revolutionary, we should completely leverage the opportunities that our current technology provides in our ‘designs’ (if I may use the word). As Jack Dorsey says, we are born with everything we need. I think all we build these days is for the ‘wants’ of people rather than their ‘needs’. I know having information about the ‘likes of the user’ might let you do something great for the user, but let the user decide; they might not want it.