In 2019, the Internet Society found that two-thirds of people thought smart applications were “creepy” in the way they collect data, while a majority didn’t know how to make their devices more secure.
There is a gap in people’s understanding around how security features within smart applications work and the extent of risk users may face. The importance of this has amplified with the shift to remote work and now, more than ever, it is vital that users feel comfortable with, and have knowledge of, the security features within the technology they are using.
It is essential, therefore, that software providers offer secure platforms that can alleviate user concern. The challenge, however, is to ensure that this does not come at the expense of user experience (UX). We all understand how frustrating it can be entering multiple passwords and completing captcha questions, so while these features offer a more secure platform, multi-factor authentication security can compromise the experience of the end user. The challenge, therefore, is to find the happy compromise – where the operating system (OS) is both secure and easy to use.
More screen time resulting in increased concern
As the internet grew, the mantra for software providers became the desire to continuously create more compelling experiences, where people wanted to spend all of their time. UX design was increasingly seen as a means to achieving this, as platforms wanted to create intuitive experiences that felt easy, comfortable and natural. The ambition here was to create an application where people could spend endless periods of time and thus ensure users continued to log onto their applications, interact with connected devices and purchase additional subscription services.
Most importantly, effective UX ensures the user continues to come back, spending more time with each interaction. But as application availability and access expanded, so did our fears. It became understood that we are currently just making do with an inherently unsafe internet, with devices and platforms that are penetrable. When people see large-scale company hacks on the news, or government data breaches, it leads to a feeling that we are facing a losing battle.
Promoting both user experience and security together is often a point of tension within businesses themselves, as they are often seen as mutually-serving, and it may feel like security needs to come at the cost of good design. As understanding of security has grown, however, consumers are close to reaching a point where they will shun offerings that do not guarantee it. The answer to building consumer trust lies in finding the right OS – a common theme across hardware, applications, and software stacks.
The correct OS can alleviate security strains and help build user confidence without compromising UX. Through a combination of automation, design and community expertise, UX and security can become self-reinforcing, a feature that will allow both developers and users to unlock the next chapter of the internet and smart devices.
Security as a point of friction
One question that often bubbles up is “should UX focus more on security?” or “should UX be less about aesthetic and more about safety?“ In reality, these are probably not the right questions to ask. Security always has to be considered when thinking about online experiences, and so conceptualising UX and security as being at odds with each other – where one is always at the cost of the other – ignores the fact that a good experience is predicated on thoughtful security. To put it another way, a security breach would certainly have a negative impact on the users’ experience.
Instead, embedding security within the design and structure of the system is key. We must instead view them each as complementary halves of a unified whole. Hopefully, the day will come when devices and accounts are intuitive, to easily ward away malicious attackers – but until then, designers and developers have to create more effective and more intuitive security features. The best way to achieve this, then, is through collaboration.
Open Source as a Community
The beauty of open source in this context is that it is based on having many minds working at the same time. Developers can cherry pick which components of the operating system they wish to utilise at any given time and so, by running the likes of Ubuntu or Ubuntu Core on a particular device, they are using a system that has been worked on by many experienced developers in its conception.
The dispersion of components and complexity of infrastructure thus makes it harder for hackers to breach security networks on open source systems, because they are not centralised in the way other providers own their systems, for example. This increases the challenge for hackers and malicious attackers, and enables security to be a fundamental aspect of the UX. It works best when insights are informed by the crowd sourcing of multiple projects and perspectives into one platform.
Rather than dictating everything, open source is a community-based project and Canonical helps as the guardian of that. While it is vital to have the right technology, including rollback functionality and containerised software, it is also vital to foster and support the community around this. The community does not need to view user experience and security as separate binaries, but rather it plays into both.
About the Author
Tom Canning is VP of IoT at Canonical. Canonical develop Ubuntu, the world’s most popular enterprise Linux from cloud to edge, together with a passionate global community of 200,000 contributors. Ubuntu means ‘humanity to others’. We chose it because it embodies the generosity at the heart of open source, the new normal for platforms and innovation.
Featured image: ©poungsaed_eco