The phone company needs a password whenever I want to look at my bill.
I enrolled into the phone company’s “paperless billing” system more than a year ago. Before, the “paper” bills were arriving late such that when I received them, they were already past the due date. With paperless billing, the phone company notifies me via email and SMS that the bills are ready for viewing (although the email arrives a few days after the bill date or when the bill had already been posted on the website).
To view my bills, I have to log on with a user name and password and select the bills I want to see and save.
It was simple as all I had to do was click on the bills I want to download. But now, the phone company added a step in which I had to enter a 10-digit password for every bill.
It turns out that the password is the 10-digit account number of the phone number which is displayed on the website menu. So, what’s the logic of having to enter a password which is the same as the account number, in which anyone can see it?
I’m already securely logged on and I still have to type a password that’s already displayed on my bill. There’s no reason for it other than adding another layer of secrecy which doesn’t make sense. Is the phone company afraid that someone else will maliciously pay my bills? (I won’t mind).
Some corporations go overboard when it comes to cyber-security. They encourage people to enrol into their websites but at the same time make it hard to get in. It’s as if there were two people at the doors of company websites: one who merrily welcomes you and a grouchy gatekeeper who wants to throw you out.
I can understand the need for security given the number of high-profile hacks one sees in the news. But does the phone company want me to get my bill or not?
Corporations also try to save money when it comes to website access.
A large bank in the Philippines has a website which allows clients to pay taxes online to the government’s Bureau of Internal Revenue (BIR). The only problem: the bank’s BIR portal closes at 5pm and opens again the next morning, and it is only accessible Mondays to Fridays. I can’t pay my taxes at night or on weekends. The bank advertises that its site is open 24 hours a day, 7 days a week, 365 days a year; it just didn’t say that you can’t use it to pay one’s taxes after office hours.
The bank probably is trying to save money by turning off the portal’s server after daylight hours and on weekends. Clients just have to schedule their tax payments during working hours in sync with the bank’s. Meanwhile, its competitors don’t have such limits. One can pay anytime any day on other banks’ portals. One wonders if and when clients will migrate to other banks to pay their taxes. I already warn friends and peers from opening accounts with this bank because of this quirky online limitation.
One can understand the need to save money but should one do it at the expense of convenience of clients? Especially if clients will migrate to the competition to avail of better services?
I don’t believe it entails so much cost to make a website more convenient for clients. At the same time, I think websites can still be compliant to data privacy and security standards.
The following are some areas which I (a layman in information technology) propose companies focus on to make their Internet sites user-friendly and convenient:
- User Interface
A mobile phone company has a website in which the log-in menu is located on a very small corner on the screen. If one has bad eyesight (like me), one won’t be able to see it. It took me eternity to find it the first time I was logging in. I eventually found it after scouring every pixel of my computer screen.
User interfaces are what are displayed on a website for users (you and I) to interact with. It’s supposed to provide ease of access, that is, easy to see, understand, and navigate. Making it hard for users to even see where to click defeats the purpose of a user-friendly interface.
- Accessibility Anytime
It’s not only keeping a web portal open nights and weekends. It’s also avoiding the unscheduled and scheduled downtimes at the times when clients need them most. Some banks schedule “maintenance” of websites on weekends and holidays. As much as I understand the value of maintenance, I suspect some banks use the pretext of “maintenance” on holidays and weekends so they don’t have to pay people to be on duty to watch their systems. It’s convenient for them but inconvenient for some clients and goes against the intent of an online website: 24/7 availability, 365 days a year.
- Availability on Any Platform
Many banks and companies offer access to their sites via personal computers, mobile phones, and tablets. They also make sure the sites can be accessed on any of the three (3) most popular operating systems, i.e., Apple’s iOS, Alphabet’s (Google) Android, and Microsoft’s Windows.
A few companies, however, spoil the convenience by designing their web portals for mobile phones the same way they do for desktop computers. For example, a mobile phone company (the same one that has a lousy user interface descried above) re-routes users to desktop-designed websites. If one is using a mobile phone, this can be a hassle as one has to go to a web browser made for a desktop computer and squint at the tiny words and letters not designed for a cell-phone.
A very large bank, on the other hand, customised online websites for mobile phones, tablets, and personal computers respectively. Displays and buttons are designed exclusively for whatever device and platform. I’ve moved more of my hard-earned money to this bank because of the convenience of access.
- Security That Would Let Us In, Not Keep Us Out
Of course, security is important to us. Of course, we don’t want our data hacked and displayed for all the world to see. But can’t companies have websites where we don’t have to spend 80% of our time entering passwords in letters, numbers, & symbols, wait for an SMS confirmation which sometimes never comes, declare we’re not robots by encoding undecipherable curved letters, and having to enter new passwords to read our own bills? Can’t companies welcome clients without treating them as presumed-guilty-until-proven-innocent criminals?
We as customers or clients want to be served with convenience and with the assurance our transactions will be secure. But sometimes, enterprises do too much for security or try to save on cost by sacrificing convenience.
They forget that whom they try to protect or the costs they want to save can backfire on the clients, who are the people who’re providing their business in the first place.
I don’t believe it requires rocket science to tweak web pages to have friendly user-interfaces, wide availability, anytime access, and reasonable security. A little understanding for clients can go a long way in serving them even via a virtual online website.
Ellery's Essays 