Subject Re: comments on eduID
From Nicole Harris <n.harris@xxxxxxxxxx>
Date Wed, 21 Oct 2009 10:48:27 +0200

I'm afraid I have to disagree.  I don't think we need to do any more testing to tell us the very simple fact - users are confused, and just want one thing to click on that they can identifty.  I think we could spend a lot of money doing a lot more testing in a lot more countries and arrive at exactly the same conclusion, whilst not actually tackling the problem and disengaging users in the meantime by 'researching' and not improving.  I really think we are at point where we need to do something now, or lose our users whilst we discuss the problem.

J.Paschoud@xxxxxxxxx wrote:
Bob makes several important points that we need to think about
carefully, particularly:
Since we're from academia, we might say:  we don't care, as 
long as our users are served.  For many SPs, that may work.  
But it is my strong feeling that as we go forward many SPs 
will not want to lock themselves in to a federation approach 
that is sector-specific.  And when I say "lock in", I mean 
it:  once eduID is on lots of sites and millions of users 
have been trained to click on it, it will be around more or 
less forever.  SPs serving many communities, making a 
commitment to federated access, will want to use an approach 
that can work for their whole user base, not one that is 
intentionally, and irrevocably, limited to only one part of it.

In the UK we know how difficult it's been to dislodge the end-user
perception that some massive database service called "Athens" (or 'in
Athens' in the minds of some users?) had some kind of monopoly
arrangement to host almost all online resources of interest to
academics.  We don't want to be doing that again, in a few years time!

I'm for a single (therefore global) recognisable branding for the sort
of AM process we want users and services to converge on  - if only as a
tangible demonstration of that convergence.  But, like Bob, I'm worried
about us locking-in a perception that this is "only for education".

I don't think I've digested all of Bob's positive suggestions yet, but:
(b) Take a publisher's user-confusing "login technology page" 
(oy) and redesign it around the idea that federation will be 
the main way to login going forward.  See if this can be done 
without attaching a name to the federation choice.  Try it 
out on users.  If successful use the before/after to show 
publishers the way.

(c) Use a modern UI toolkit to do an attractive dynamic 
search box for finding an IdP.  Do user studies, do cool 
demos, give away the code.

(d) Try out some options for the label on the dynamic search 
box.  As a starting point let me suggest the venerable:

   Where are you from?

...highlights that the JISC Publisher Interface Study, whilst making
significant progress, did *not* include enough actual testing with
end-users; nor with a wide enough spectrum of end-users (ones
unconnected with UK academia for example) to be a sound basis for
deciding on a global standard identity.

End-user testing of FAM is hard enough.  It's not something users want
to do (it's generally an obstacle to what they really want to do).  We
scratched the surface in Project FLAME, concluding that "users did not
understand what was going on".  We've just proposed further work to the
JISC AIM Call in a project called Devolved Access Management Usability
(*not* to be acronymised to anything reading as "DAMn Users!"  -
obviously ;->).  

But this requires something on a seriously larger scale (i.e. done in a
way that would be economic across several countries) and REFeds is
probably the best place to start working out how that could be achieved
(Sorry I won't be at the meeting).

John Paschoud
Projects Manager & InfoSystems Engineer
LSE Library

Please access the attached hyperlink for an important electronic communications disclaimer: