User privacy and security are a very important part of product design. We use a variety of apps every day, including financial, social and e-commerce apps, and these apps store important private information about us, such as login passwords, deposit amounts and identity information. Today we therefore summarize the practices and design points that some mainstream products apply to user privacy, which can give us ideas and help when we design for users' private information in the future.

User privacy and security are very important and cover a wide scope and many angles. Let's start with user agreements and privacy.

I. User agreement and privacy protection

I vaguely remember that in the 2017 Alipay annual bill there was a page with a very small line at the bottom: “I agree to the Sesame Service User Agreement”. The checkbox was selected by default, so agreement was chosen on the user's behalf, which meant that by default we allowed Alipay to collect our information, including information held by third parties. This caused a great negative impact, and Sesame Credit then apologized, saying: yes, the original approach was simply wrong…

A “user agreement” is a form of contract through which a product obtains the user's signature and authorization, and in principle it has legal effect. By presenting the user agreement, the product completes the step of “informing in advance”. However, access to and use of user information must strictly comply with the “Network Security Law”: users must be informed and must agree, data must not be collected excessively, and still less may it be abused. The public does not pay enough attention to user agreements. It is generally believed that they have no legal basis, and people do not look into the obligations and responsibilities they are taking on. If a user has not read the agreement carefully, a dispute is put down to the user's own negligence, and asserting one's rights becomes very troublesome.

So in terms of design, we want to:

  • Highlight important terms and contents of the user agreement with bold, color, underline and so on, fulfilling the obligation to prompt and explain.
  • For the user agreement and privacy options, it is best to let the user tick the box themselves. If the user forgets to tick it, clicking “Login” can trigger a popup reminding them to do so. Try not to tick the user privacy agreement by default.

II. Password input and privacy protection

The password is the key with which we log in to various apps, and it is also the basis for protecting our information and data. Apps protect it in different ways, both in design technique and in system function.

1. Passwords hidden in iOS screen captures

iOS has always attached great importance to user privacy: password entry in every app is watched for by the screen recording and screenshot functions, and Apple detects it and keeps it confidential through its own technology. Saved pictures and videos automatically hide the traces of password input, including the masking symbols and the characters typed on the keyboard. In screenshots of Jingdong, Taobao, financial software and video software, the password field is hidden.

Bilibili's eye-covering design against peeping is more interesting: the characters' eyes are open while the user enters the account name and are covered while the user enters the password, which gives the user a feeling of trustworthiness.

2. Screen recordings black out password entry

Besides offering several ways to start a recording, which makes it more convenient to use, the screen recording function on Huawei phones also puts great effort into its functional details. For example, when a recorded video is played back, any page involving user privacy, such as password entry or unlocking, is replaced with a black screen. Many users mistakenly think this is a bug in screen recording, but it is actually a user-friendly design by Huawei to protect the security of user data.

3. Banking apps: custom keyboards

At present, almost all the number keypads of banking apps are customized. Why is this?

First, the CBRC requires banks to use encrypted keyboards when developing mobile products. Second, a scrambled keyboard prevents passwords from being recorded by something like a keystroke logger: if the keyboard is scrambled every time the user enters the password, what gets recorded is useless random information. Third, it prevents peeping. Password peepers usually sneak a look at where we tap on the screen, and memorizing the positions gives them a better chance of getting our real password. But this custom scrambled keyboard is actually not a very good user experience; when the user is in a hurry to pay, it really makes one want to swear.
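As an added illustration (not code from the original article or from any bank's app), the Python sketch below models the second and third points above: it compares how often tap positions recorded in one session reproduce the PIN in a later session on a fixed keypad and on a keypad rescrambled for every entry. The function names and the sample PIN are assumptions made for the example.

```python
import secrets

DIGITS = "0123456789"
FIXED_LAYOUT = list("1234567890")  # conventional keypad order, same every session


def new_layout():
    """Return a freshly scrambled keypad as a list: screen position -> digit."""
    keys = list(DIGITS)
    # Fisher-Yates shuffle driven by the OS CSPRNG, so layouts are unpredictable.
    for i in range(len(keys) - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        keys[i], keys[j] = keys[j], keys[i]
    return keys


def taps_for(pin, layout):
    """Screen positions touched to type `pin`: all a tap logger or peeper records."""
    return [layout.index(d) for d in pin]


def decode(taps, layout):
    """Digits produced when `taps` are applied to `layout`."""
    return "".join(layout[p] for p in taps)


def replay_success_rate(pin, scrambled, trials=2000):
    """Fraction of trials in which positions recorded in one session
    reproduce the PIN when replayed in a later session."""
    hits = 0
    for _ in range(trials):
        first = new_layout() if scrambled else FIXED_LAYOUT
        later = new_layout() if scrambled else FIXED_LAYOUT
        if decode(taps_for(pin, first), later) == pin:
            hits += 1
    return hits / trials


if __name__ == "__main__":
    pin = "739214"  # constructed sample PIN
    print("fixed keypad    :", replay_success_rate(pin, scrambled=False))
    print("scrambled keypad:", replay_success_rate(pin, scrambled=True))
```

Scrambling only makes the recorded positions useless. If the key labels are captured together with the taps, the PIN is still exposed, which is why it is paired with the screenshot and screen-recording protections described earlier.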

It then occurred to me: apart from banking apps, why don't Internet finance apps scramble their password keypads? First, neither the CBRC nor policy requires it of Alipay or WeChat (although basic payment security is of course still very necessary); second, software with such a large number of users attaches great importance to user experience in product development. So how do Alipay and WeChat make their password keypads both safe and convenient?

  • Technical safety;
  • User experience design, so that users feel safe.

**Technical safety:** I remember an article that said Alipay can help determine whether the account owner is the one operating the phone through finger pressure, contact area, changes in gravity, the interval between consecutive touches, and so on. Users' phone habits are also an important dimension of risk assessment. Everyone's behavior has its own habits, such as walking posture and handwriting. Everyone touches the phone screen differently, and there are many sensors on the phone, so finger pressure and other such signals can be used to help determine whether it is really you operating it.

**User experience design:** on WeChat's first transfer page there is a small line of text, “WeChat safe payment”; Alipay runs an environment safety check and informs users that they can pay safely. In addition, the custom keyboard of the CMB app carries the text “China Merchants Bank safe payment”. Text prompts like these also visually give users a sense of security.

III. Concealment and protection of asset amount

Financial apps let users choose to hide or display the total assets of their personal account, which visually protects the assets from leakage. However, I think there is room for more design breakthroughs in asset hiding. For example, instead of showing **** where the total assets would be, a short piece of copy could be used to add interest. For example, when the assets are hidden, it could show: empty?

IV. Anonymous mode design

1. Anonymous evaluation on e-commerce and takeout platforms

Why is there a need for anonymous reviews? Improving service quality through honest reviews is the ultimate goal of a review system, and anonymous reviews are needed because they reduce users' concerns when commenting, increase the objectivity of comments, and push those being reviewed to improve in every respect.

This psychological appeal is easy to understand. Take three scenarios for example:

  • The user buys a special item and shares their experience of using it, but does not want acquaintances to see it;
  • The merchant's service is acceptable but the product is not; the user wants to give a low score but finds it awkward, and hopes the merchant will not know who wrote the review;
  • The merchant's service is particularly poor, but the user is afraid of retaliation after a bad review, so chooses to review anonymously.

A buyer leaves a bad review and the merchant sends them frightening items; a customer gives a bad review because the takeaway was too slow and is spat on by the rider; the list is endless. The anonymous review function was derived from this, to protect user privacy. But is the anonymity we imagine really anonymity? That is very debatable.

There are some differences in how anonymity is designed. I think Jingdong's design is friendly to me: Jingdong defaults to anonymous reviews, and users who want to use their real names can deselect the option. Ele.me and Taobao default to public reviews, and if users do not manually select the option or overlook it, this may cause a bad experience for them.

2. Anonymous comments on Didi and Didi taxi platforms

In addition to automatic anonymous comments, Tick-Tok will delay the release of the contents of bad comments, so that users can avoid malicious harassment by drivers through the time difference.

3. Hiding user names and profile pictures in QQ screenshots

After taking a screenshot, QQ users can choose to erase user names and profile pictures, which saves the second step of manually blurring them. On the one hand this protects users' privacy, and on the other hand it is convenient for users. As you can see in the picture below, this is a very ambiguous operation.

Original address: yolkpie.net/2020/12/30/…