Blog Team Design Prototypes Why Continuous Authentication
Concept Prototypes Research Questions Methodology Findings

Lemonade Stand

Concept

Since the digital avatar and web store examples were more digitally focused, we wanted to interrogate the physical store and consumers level of comfort while having their face "scanned" or video recorded during check out in person. We knew we couldn't get authentic reactions from people just by showing them a storyboard, so we had to approximate the payment experience. We created a Lemonade Stand that people could walk up to and act out paying. A simple lemonade stand along a busy road was the quickest (and most fun) way to prototype a brick-and-mortar payment experience.

The prototype we developed used a tablet POS system as the format, and we developed UI elements continuing with our fictitious 'Mastercard Instant Checkout' branding to elicit trust. While we provided free lemonade, we asked 'shoppers' (anyone willing to talk to us on the street) to go through the payment process on the tablet. Once they selected "One glass of lemonade" from the menu there were three variations that we tested that users experienced:


Prototypes

1. Live video feed - Successful authentication

Users see their face being recorded through live video on the merchant POS (an iPad tablet), and a confirmation animation plays letting the customer know that the payment was successful.



2. Live video feed - Failed authentication with phone push notification

Users see the same video recording but experience the failed state, where the trust score shows up low (~70%). We would then hand them a phone (they pretended it was their phone) that got a notification with a 4 digit passcode they had to enter on the merchant POS.



3. Live video feed on the customer's phone

Users received a notification on the phone we provided to enable facial capture. The front camera would turn on, and the user would see a similar animation to Option 1, confirming the user's authenticity. The hypothesis with this method is that people may be more comfortable.


Research Questions

  • How do people actually feel about their face being recorded in a physical store?
  • What should the recovery experience be at a physical POS?

Methodology

Numbers of Users:
90 minute user interviews (X number of people)
Guerrilla research (18 passerbys asked on the street for feedback)


Findings

Both methods provided some great findings from this prototype. Most people (8/13) has negative reactions to being video'd without their consent at the point of sale. Version 3, where it was recorded on their own phone, did assuage these discomforts. Many people seemed resigned and willing to provide their facial data to authenticate themselves if it becomes the new paradigm ("if I see other people doing it, I'll do it too"). Overall, it seems like video recording could work for customers that opt-in, and feel added value in the form of ease or time-savings from the get-go.

01.People feel uncomfortable using their facial data to pay

Out of 14 passerby asked on the street: 8 had negative reactions, 6 had positive reactions

02.People feel more comfortable when facial data is captured on their own device, not a merchant's POS system due to having a sense of control over the data collection.

"If this was on my own device it would have been better"

"There's a degree of control, gives me a little more comfort"

03.Data gathering without opting in is uncomfortable.

"This feels like something's wrong. This is so in my face."

04.Falling back to an existing authentication method is comforting to users, and enhances the experience as it reinforces their current mental model

"It's reassuring if it (SMS 2FA) happens once in a while…."

05.If a bad actor has access to one factor, they may have access to more

"If the trust score was very very low, I wouldn't want the 2nd factor to go through."

06.Growing acceptance or indifference with data collection

"It's just facial recognition… Easier than Apple Pay."

07.An extremely convenient experience will overcome user discomfort

"It's a little creepy but I'd use it. I forget my wallet all the time…"

08.Despite discomfort with facial data being captured, a live video feed was preferred to an animated avatar

"I think it's more secure to actually see myself instead of an animated avatar…"

"It's cute but I don't trust it."

09.Social factors encourage adoption

"If that was just the normal way people would pay at this place, I wouldn't feel weird using it".

10.People are ok with providing facial data as long as we are satisfying a need.

"It's a little creepy but I'd use it. I forget my wallet all the time…"

"It's just facial recognition… Easier than Apple Pay."

11.On capturing facial data on phone

"There's a degree of control, gives me a little more comfort"