Two's a Queue

Retail, eCommerce, usability, customer experience, service, technology...

Wednesday, 30 May 2012

An Idiot's Guide to eCommerce Payments

It never fails to surprise me that despite it being the most critical part of any ecommerce transaction so few people within the industry really understand ecommerce payments. Yes it's true that the payment industry is extremely fragmented and notoriously disconnected - every bank has it's own way of doing things, every contract a loophole and every card scheme a set of different rules - but this is slowly beginning to change and to be quite honest in most cases ecommerce payment is the same and relatively unchanged across models. Even if you don't understand the concepts as a whole you should understand them in relation to your own business, if you don't then start, because this is in my opinion the key part of being a retailer online. If people can't pay you don't get profit- need I spell it out for you any more? (Plus card schemes fines are preeeeeettttttyyyyyyy large so you'll want to make sure all those profits aren't eaten up).

Hugest apologies if this is teaching anyone to suck eggs, but I still hear scary terminology banded around like 'ghosting' (on the list of least favourite words of all time), incorrect information being told to customers and a general lack of understanding about what things mean. I'm not a payment expert by any means and I've learned many of these things by trial and error so don't take my definitions and comments as gospel - these are merely the things I think I've managed to pick up along the way and have worked for me. The idiot in the title (as always) is me by the way....

Let's start at the beginning of the customer payment. Seems as good a place as any to start.

Card details - probably one of the most sensitive pieces of data in your business, and the one customers least like to part with. As an online business you should be aware that you cannot under any circumstances store full customer card details - your PSP must do this on your behalf (they're like Level Ninja PCI Compliant, they have 6 ft thick walls and 24 hr security in their data centres, needless to say your average retailer -  not so much) . That means both in your database, on spreadsheets, in your customer service ticketing system or in fact on a post it note on your desk. That way goes pain and destruction my friend.

CVV/CV2 - People call it by both terms, for customers on the front end I prefer "Card Security Code" as it's easiest to understand but they're all the same thing. It's the three digits on the back of your card (or four on the front just to be confusing thanks Amex). It was introduced to add additional security - in theory to prove you had the card in your possession at the time of the transaction - in reality by and large these digits are utterly worthless once you've entered them once as they're now no longer secret. However this is a mandatory check you must do when authorising with the major card schemes (I'm mainly refering to Visa, Mastercards, Maestro and Amex when I talk about card schemes here, there's various others..Diners etc who may be different). Failure to do so can result in investigation and ultimate dismissal from the scheme (though only if you had a whole pile of chargebacks to be honest but if you did, and you didn't check CV2 - well I'd think you were the idiot). Now where this gets confusing is that some types of payment don't require CV2 checking.....ah told you this was fun. So mandatory - but also not :-)

PCI compliance - oh the joys of my world. As the resident PCI person in our business I get the fun job of trying to understand PCI compliance. If I was to give you any advice it would be this 1)  Don't leave it all for tech - it's business process as well 2) Keep on eye on the standards and not just the self cert questionnaire - it's a bit 'don't ask don't tell' on that questionnaire so I'd always go over the top and implement as much of the standards as you can 3) Watch your transaction levels - Amex have a much lower jump between levels of compliance than Visa and Mastercard, it's easy to hit Level 2 with not much effort for Amex. Remember also that PCI compliant refers to the certification part - just doing things right doesn't make you PCI compliant you have to be checked (by a trained PCI auditor in Level 1 or by self cert at other levels - this has just recently changed so that you must have someone who is trained in your organisation or hire a consultant to do it for you for some of the levels - check which one you are). Normally it takes a yearly full check and quarterly scans to stay compliant.

AVS - Address verification is a simple form of security online, and it merely checks a customer billing address that they're trying to check out with, matches the one on their statement. Format tends to matter here so if on your statement you mention a house name and on your online transaction you don't use it but use number instead the AVS can fail. It's important for a site product owner to understand this as it helps customers if you design your payment form with that in mind. I'd always check AVS first but it depends on your technical setup and your PSP.


3D Secure (The 3D stands for 3 domain  for those who wish to know)- if this isn't the bane of your checkout life then I don't know what is. Users hate it, Product owners hate it...banks love it, and it has reduced online fraud significantly since it was introduced.  It's important because it represents a liability shift - the bank authenticates the transaction so the liability for a chargeback (fraud ones anyway) lies with them and not the retailer. It's an optional check (notably John Lewis don't have it on their site) but again if you get a load of chargebacks and you don't have it the schemes are going to start getting pissy with you. Remember you can only use it on your online site - if you take transactions over the phone you have to skip 3DS as you can't ask a customer for their passwords. Like your PIN number it's just not done to share it. 3DS also isn't yet officially compatible with mobiles (the pesky iFrame sometimes loads but not much else).  The simplest way to describe it as online chip and PIN - the liability shift works in the same way. When you complete a  transaction online your payment services provider (psp) sends out a message to your bank to ask if you're enrolled in a 3DS scheme (Verified by Visa or Mastercard Secure Code - Amex have their own and I forget what it's called...SafeKey that's it) -  most cards now are so if you're not enrolled you'll be asked to do so there and then. If you are you'll have to enter your password or PIN (depending on the scheme) in the little box. The box is ALWAYS produced and hosted by your bank -hence the multiple domains bit - however it often looks what we call in the North " a right clip" (banks not being online usability/design gurus in general) and it's not the most reliable of things. This weekend we had a customer who actually thought it was a phishing scam, that's how shit it looked....Anyway, sometimes the 3DS box will flash in front of your eyes and then go away without asking for your password...that's a new shade of fun called.....

Adaptive authentication - which was introduced a while ago (with a fairly massive failure to communicate) by some of the card schemes who realised that 3DS was causing a usability and dropout issue (you'd hope they did anyway......maybe they just fancied a change?). Essentially what it means is that it's no longer the case that a 3DS enrolled card will ALWAYS request 3DS authentication. The bank can decide - based on a number of things like whether you've shopped at that site before, the value of your transaction etc - that you're a safe bet, so it doesn't ask. In these cases liability is with the banks still and not with the retailer so happy days. Annoyingly it's a tad inconsistent and customers have zero clue what is going on when the screen starts zipping from you to the bank and back to you in the blink of an eye.

Pre-auth/Auth. Oh here it is, the rant about the word 'ghosting' -which people sometimes use to describe authorisation. I always try to stick to the real words for these things  - partly because you'll just find life easier when talking to third parties and I also find it adds huge confusion when people start assuming things are what they aren't. Most online transactions are made up of three major parts; auth (or pre-auth depending on your view), settlement and capture. In massively simplified terms auth is when you check the money is there, settlement is when you ask for it from the bank and capture is when it lands in your bank account. Settlement and capture and pretty close buddies. Auth tends to happen a larger time before the other two. As far as I'm aware it's rare than you would do a settlement and capture straight away - you have things like fraud checking that get in the way - though I'm sure that there are people who do, and it's called an automatic settlement when that happens, though like I say I wouldn't recommend it when you have fraud to be checking. What normally happens is that you check that the customer has the required amount of funds on their card and you auth for that amount - so the checkout is £200 - you let the customer's bank know that you'll be needing £200 thankyou very much. A couple of days later you may request settlement and capture from the bank once the order is dispatched, or confirmed or fraud has been checked (different companies do it differently), and then you take your £200. Now in order to make sure you get your £200 most banks will 'reserve' those funds in the customer's account. Now they don't go anywhere, it never shows as a transaction and the only time your customer will know it is when they look at their 'available balance' on internet banking (or more often when they run out of available balance :-) ). This is what can be called 'ghosting'. Auth tokens tend to expire - all banks are of course different (you know it!) so this an be anything from 48, or 72 hours to 10 days, to 28 days. You can try to reverse an auth but it's not massively relaible for the same reason. In exceptional circumstances where the auth lasts too long then the customer can notice and get annoyed, other times the auth could expire and you can't then take the funds based on that auth - and you can end up with a failed settlement. There is no real way around either of these, it's the nature of the beast.

1- Click Checkout - For a start this drives me insane because every C level exec I've ever worked for has asked me to do this. I shall repeat here for posterity what I say to them 1) It's proprietary Amazon terminology and functionality so no you can't and 2) it's a per item basis and not per basket so only really works if your site sells things people buy in 1's.

Express checkout on the other hand, or quick checkout, or whatever shade of grey you want to call it - that is OK. You can't store CV2 remember or any card details yourself so this is a bit of an invisible trickery whereby you auth the card the first time, store a token which links to that auth detail and then subqequently you say to yourself  'ah they were fine that last time, let's let them through again'. Typically for the payment industry this is technically a different type of transaction and therefore has a different rate structure. Sometimes your PSP will charge you for the storage of the card details so it sometimes adds a bit of cost there too. However it is one of the best ways to reduce dropoff and add convenience for customers.

Note that if you're "storing" card details for customers in their accounts you're not actually storing them - you're storing the last four digits, an expiry date and probably the name of the card. For this reason there is no such thing as 'Edit card details' - you have to delete them and re-add them. Drives me nuts when people say 'Edit' - what am I editing? Thin air?

Amazon - note this when dealing with payments, do not go and look and what they do and then copy it. Amazon are their own acquirer - basically they created their own bank, they're massive and probably own a fairly sizeable chunk of Visa and Mastercard's business - so they can get away with anything. You can't. Go elsewhere for your ideas.

Chargebacks - oooh nasty nasty, these are not your friend. A chargeback is what happens when a customer gets in touch with their bank and has any number of issues - it can range from their card has a fraudulent payment on it to the fact their item never arrived. Usually if it's fraud and you can prove you did the 3DS check and that you have a fraud checking process in place you can usually have the money re-credited (so the bank pays). There are however multiple reasons for chargebacks including products not being fit for purpose (Quality), refunds not being issued correctly (Clerical), or an incorrect amount being taken (Technical)  so it's important to check the code when assembling your case. You can see them all here and in various lists all over the internet. Some retailers choose to pay all chargebacks, some dispute them all-  it depends on various factors how your business deals with them. Most acquirers will penalise you for having a chargeback raised so in the main it's about doing all the checks up front to minimise them. As mentioned before - a large number of chargebacks will give you some unwanted attention from a number of payment organisations who are involved with your business so it's hugely in your interest to avoid them.

OK well that's my brain dumped out into a blog post. I really hope that's been helpful to someone, somewhere. Let me know in the comments if so (or if not indeed and I'll go back to writing fluff about how people are idiots :-) ), and of course feel free to correct me.

Useful Links

PCI DSS Standards
Visa Chargeback Codes
Wikipedia on AVS checks
Fraud Practice - some useful white papers etc

Thursday, 3 May 2012

To outsource or not to outsource?

Coming from a background at one of the biggest consulting, technology and outsourcing firms in the world people are often surprised when I pipe up in meetings concerned about outsourcing a piece of work (and I pipe a lot!).  I suspect people just think I'm a massive grump and I hate agencies.

It's not that I am anti-outsourcing, anti-agency, or anti-recruiter it's just that I genuinely think that there are times when a decision to outsource makes sense, and there are times when it just doesn't. Making the wrong decision (especially when it's in favour of outsourcing) can be painful, costly and lengthy, however for some unknown reason 'marketing people' are always incredibly keen to 'just throw it at an agency'. I have no idea why - maybe their massive budgets are burning a whole in their pockets? Or maybe they've just not read twosaqueue's guide to outsourcing.

I'm assuming here by the way that you have an element of choice some companies have no internal tech, or more commonly for retailers who started off in physical stores - no internal web tech. You might find some of the points below interesting if that's the situation you're in but this is very much the list I check against when trying to resource our own internal projects.

Reasons you shouldn't outsource...
Because you can.

Some of the worst words I hear in my day to day life are 'I have budget'. Outsourcing isn't really ever about the money. Do it for the wrong thing and you could be stuck spending that same money over and over again. The question I sometimes ask is "Does it really matter?" I guess what I mean by that is once this project is over will the decision to outsource it cause any issues. A year down the line what difference will who did it make? In consultant speak - architecturally does it make sense to outsource this project? This is probably the most common reason I disagree with things being outsourced. I have absolutely no problem outsourcing the build of emails for example - who built them makes absolutely zero difference to our architecture whatsoever. I don't mind outsourcing the build and installation of our wordpress blog (though we didn't in the end) - again it makes zero difference who set it up. Anything core though - anything which makes us who we are as a business, is unique to our product, or touches our application - well that's a different question

For an easy life

Outsourcing isn't really any easier than doing something yourself. It's just a different type of hard. The management of third parties, 'being' the client, answering questions - all bring with them their own types of pain. It's rarely an easy way out so if your motivation is that it's less painful then question yourself.

Because it's too hard

One of the things I really resent on behalf of my team is when people suggest outsourcing interesting work because it looks scary or hard. Challenging work is the lifeblood of teams - people can't really step up or stretch themselves when they get day to day work while an agency gets to work on the really exciting projects. Give your team some credit and give them the chance to do it.

Because we're scared of doing it ourselves

One of the things which happened to me when I left consulting is I had to adjust to the fact that people didn't listen to me as much anymore. (I know hard to believe right?). But it's true, when a consultant speaks a client is looking at them thinking 'wow that's £1,000 a day worth of words, they know so much, they're so clever', when that same person becomes a permanent resource people just don't think like that anymore. You could even be saying the same things, but for some reason people attach a value and a level of confidence to external parties. My advice would always be to trust yourself, trust your own staff, let them loose. You may be surprised.

Because 'X are the experts

This is so unlikely. There are very few agencies/consultancies/third parties who know their stuff really well. Most of it is sales-y bullshit. That's not to say they won't do a great job, or they won't become experts in the process but I can honestly say I have never been on a project where I have known exactly what I am doing. Certainly in consultancy it's part of the business model: big consultancies employ super smart people who learn fast that's all - if they did it any other way it would be unworkable. Technology, web, marketing all move so fast I can guarantee what you're hiring most of the time is a smart person who knows how to use google. I have about 80 of those in my office so why would I need any more? There are exceptions - payment, legal, fraud - areas of deep expertise without a doubt but if someone thinks they're the expert in mobile, or f-commerce or some similar word they just made up. It's likely rubbish.

When it could negatively affect your system

It's not really outsourcing - more third party tools but I have never in my life seen a javascript/tag driven MVT tool which does not slow down performance. Never. Whatever sales people say in their meetings I have had so much pain implementing these things that I have truly started to hate them. Oh this one could become a rant.

When you already have it

Oh I have seen this one too. Having a capability within your system which you end up paying for twice because no one knows how to use it/didn't know it was there -oh lord. I've left companies where this has happened because I think it is so stupid as to be almost ridiculous. An architecture driven system design is absolutely key in multichannel retail - and wasting money is just plain stupid. Buy a manual, send someone on a course, Google it - for gods sake don't buy it again because an agency make it look easier/faster.

It's sometimes (not always) a good idea to outsource for any of the following reasons - I'll give you these. I'll allow it.

  • You just don't have the skills in house
  • You'd be reinventing the wheel
  • It isn't going to matter in a year who did it
  • It isn't something which needs maintenance
  • It's seperate from your main app/business model

In summary outsourcing is sometimes a necessary evil and often a great idea. There are many many great consultants, agencies, tools out there in the sweet shop of opportunity, but just because it's there doesn't mean you need to buy everything in it - it will likely give you a temporary high, cost a load of money and then make you sick, rot your teeth in the future and make you so lazy you can't leave the shop and you spend your entire life not being able to function without sugar..........OK metaphor gone too far, you get my point - think before you outsource!

Thursday, 19 April 2012

5 geeky retail things I do (and so do you..I hope...because that would make me feel less sad....)

It's Thursday, it's miserable weather, I was out last night.....

I could dissect Tesco's retail strategy but I frankly can't be bothered and Retail Week pretty much has that covered. Instead, retail fluff for your lunchtime perusal. All hail fluff

Get mistaken for members of staff

Once upon a time when we were all wearing polyester midi skirts and actual 'blouses' this never happened. But now that store staff are wearing their own company's product and looking all casual it's impossible to know who works there and who doesn't. If I'm waiting for a friend in a shop I will undoubtably be asked for something in another size. Today a customer in M&S asked me where the milk was... I had my coat on!

Unconsciously 'floor walk' every shop you go into

You know you've gone too far when you come out of a shop having a conversation with a friend which goes like this 'wonderful store - immaculate recovery, really nice staff, few low lines, good density' you have to start wondering about your sanity.

Get all my friends refunds

My friend had a battle with Oasis over a refund. Over dinner at Ping Pong I bored her with the details of the DSR's and three days later........voila....It's when you find yourself on the phone to a customer service agent starting the sentence 'I work in online retail and....' you have to stop and consider how much of an idiot you sound. Answer: massive.
Accidentally sign off refund slips

OK I'm a geek, all credibility lost. I accept it.

Talk in codes...and don't realise it

I can't help myself, for 8 years of my life a casual short was a KL - I cannot call it a three quarter combat short, it is a KL. My boyfriend luckily (or not so luckily?) also used to work in the same retail chain so knows what I mean but I do still know this is weird. Conversations with friends that go.."Oooh did you see that AB with a ED? WRONG!"...oh lord. Me and my mother regularly converse in M&S department's not big, it's not clever but it's a habit I..... just...cannot...break..

There must be more? Anyone think of any?

Excellent Errors #5

It's shallow but really I just like the bobbing up and down puffer fish


Monday, 16 April 2012

Subtle much?

Crikey, now that is a call to action (massive button on email provided by asos)

Wednesday, 11 April 2012

Has online really grown up?

5 (serious) things you shouldn't be doing as a grown up ecommerce site
There's been a bit of chat of late about ecommerce 'coming of age' - hitting 18 years since the first online transaction is certainly a milestone, but many retailers have a multichannel strategy that's still in it's infancy. If you're doing any of these things then make sure you (quickly) start to grow up.

Non persistent baskets

Oh god. If I have to explain this then you've got bigger problems. Let's go back to basics. Picture the scene, you're in a shop, you have been picking things up, holding them up the the light, finding your size, checking the price for about half an hour. You have five or six things in your hand, you haven't totally decided you'll buy them all but you're thinking about it, you might try some on, you might leave some on hold, you might leave some behind. Then all of a sudden a sales person comes and takes them all off you, with no explaination. You're left standing, bewildered and empty handed. What's the chances you'll go back and look for all those items again. Yes. See?

In old-school retail we knew that getting something into a customer's hand was half the battle (it's why some shops keep the temperature cold-  so you don't take off your coat and then have something in your hand distracting you from picking up merchandise), why have we forgotten that because it's online?

Old School Customer Service

If there is any part of online retail which is neglected (other than reporting), it has to be customer service. We expect our customer service reps to act as a low-paid, low-engaged barrier to a barrage of customer complaints. We wait, dreading an issue, dealing with it in the most minimal, low reaction fashion as we've always done. It's not a manufacturing fault. It was the delivery carrier. There is nothing we can do. I'll have to ask our tech department. We have the moral highground, we cannot change. Well newsflash, the world has changed, technology has changed.

Customer service should understand multichannel retail - this means understanding how your payment process works so that they can tell the customer the right thing, they need to be educated that delivery is a product as much as the actual product is, and the retailer is responsible for it - if you've paid for next day delivery and you don't get it, then that is an issue which the retailer needs to deal with. You need to understand that accusing a customer of 'sweat stains' in an automated email is not what's going to bring them back to you the next time they want to spend £60 on a dress.

You need to get all of this and then you need to make sure your CS team get it. And live it.

Stop paying your team minimum wage to trot out the same platitudes. What if we stopped thinking 'Customer Service' and started thinking 'Multichannel Ambassadors' - what if your service team was up for solving problems, for chasing third parties, for really engaging with how things actually work in your systems. What if your customer services team understood that thay customer is worth £x lifetime value, that they were empowered to ensure that customer comes back to your site or your store? What if their challenge is to give the best possible experience?. What if their sole purpose was to delight customers with the fabulous tools that technology has put into their hands in the age of multichannel retail? What if that happened?

Blaming it on tech

Payment, fraud, data architecture, interactions with third parties, the fact that the batch run goes at 3am and not 3:17am. None of this is tech - all of this is business, get a handle on it and stop handing it over. These things are business issues and I guarantee your tech team won't understand your business like you do. Where your data is, who gets it, what time, how your customers pay....understand it and own it. I've lost count of the number of times that clients have made mistakes purely because they're left tech to do it and not engaged with how things work. Here's an example- we all know that in UK shoe sizing a size 3 appears twice - once as a child's size and once as an adult (OK-  so mainly me, most people don't have midget feet). One is bigger than the other. Similarly a 32A bra size and a 32B bra size do not really go together, most people shop in cup sizes, 32A, 34A, 34C etc. A tech person will put sizes in numerical order. Only a retailer -  a business person-  knows how this works in the real world.  Tech might facilitate the solution but they're not the solution. In the multichannel world you have to be multichannel, not let your tech department (or provider) do it for you.

Doing what you've always done

I stood in Next in Kingston yesterday waiting for my friend to try on about a million items (her success rate is about 15% - yes I was very bored) , and overheard a conversation between a sales consultant and a customer which went something like this: "Well no, you can order from here to home, or here. But if you want to order for delivery to another store then you have to go home and do it from there". Eh? Now I worked at Next for 9 years so I know why this is-because of the difference between a store order and a Directory order. But as a customer this sounds loony. If I can order a product in store I want to be able to order it to anywhere.

Wednesday, 28 March 2012

Happy holidays

I’d start this post with massive apologies for the radio silence over the last month but the fact is that no one wants to hear any more about my illness than has already been shared on twitter. Multiple times. Be glad you don’t sit next to me.

Post illness I decided on a whim to book a holiday with my friend. We only wanted three nights so in the end opted to book on Expedia. Dear lord…you know when you are browsing on the web, or even out shopping somewhere and you look at something and just want to get your hands on it? Expedia  - you might not be ‘proper’ retail but crikey I’d love to get my hands on you. Usability? At all? Heard of it?...thought not.

Now that’s a bit mean I know – we all suffer from the odd inability to see what’s in front of our noses. Plus we also have a habit of believing those marketing-brand people when they say ‘oh people come back to us because we’re cheap/convenient/the only place that sells the product so we don’t need to be pretty’ (or easy to use apparently) – that’s true in its way, but seriously I’ve been working in the industry for five years and I almost lost it with this site. The checkout process nearly broke me – and Expedia at some point we need to have a conversation about page titles – seeing a tab which says ‘itinerary confirmed’ when you’re still booking is SCARY. My mum would have panicked the first time something weird flashed on the screen and headed to the last remaining high street branch of Thomas Cook  (and she’s pretty web savvy).

Anyway that conversation is not now – or I’d be writing forever and I need to pace myself. I’m talking about the post purchase journey only today – with a travel site you’d think this is a pretty popular secondary journey and a fairly good driver for return visits, let alone a necessity for actually travelling. *sigh*

Let’s be honest as conversion focused as we are, and in the pressure to drive revenue we sometimes forget about journeys which sit outside of checkout. We think in straight lines – customer browses, looks at product page, signs in, buys, leaves….and yet we all know this isn’t how it works at all. There is so much up for grabs to delight customers with decent experiences outside of checkout, and yet we continue to make the same groud-hog day mistakes. Just stop it. Do it now. Write a business case. Focus on someone’s interaction with your site in the real world. Go on, it won’t hurt….

OK let’s start with the header. My primary reason for visiting is to see if my reservation has been confirmed (yes the promised 24 hours turned into 36 – again I’m trying to FOCUS). OK so presumably as I created an account during checkout I need to find a way to sign in. My assumption would always be that the sign in link is in the top right of the header – a little area we used to call the Utility Nav on a previous site. Whatever you call it it’s pretty much in the same place. Well yep it is but what the hell if going on with it? There is 8 different links on it – all of which look like slightly similar versions of the same darn thing. Where the heck do I click?

Now I suspect Expedia have made a minor rod for their own backs here because you can checkout as a guest – without creating an account that it – but then you still do need to do all the functional things which go along with having an account, like checking in online, looking at your booking details, adding in your passport number – so they’ve kept numerous links which presumably apply to temporary users. Well one of the things I learned in systems design was that if it looks like the same thing – it normally IS the same thing, if you need to have an account to do all this stuff then make people create a damn account, it’s only one additional field (password) for goodness sake. I’d also imagine that like me users are thinking ‘shit I’m paying like £X for a holiday – I want to make sure I have a history of that’ – a holiday isn’t a £20 top, no one wants a throwaway relationship with their holiday provider-  they want to feel safe, loved, secure, best friends for life.  Sometimes a password is just for their own good. This is one of those times.

(apologies if you’ve user tested this to death Expedia but even if that’s the case and your conversion is 100% better with a guest checkout option I’d question your execution)

Anyway so after the high jump which was that header I went for ‘Sign In’ as the most likely option to tell me what I wanted to know. Oh crikey what’s this:


This comes back to the guest thing I think – but if you’re going to ask guests to ‘sign in’ then why put all the links on the damn homepage as well? And how is ‘search for my itinerary’ any different from the ‘My Itineraries’ link on the Homepage? –is that a sign in action? Does it deserve to be on a page called ‘Sign In’? Noooooooo

‘Sign in or select an option’? Everyone needs to select an option – don’t confuse me.

Anyway-  I’m not even going to mention those benefits down the side, clearly you give them all away ‘free’ to guests without having to register – so what’s the point of trying to sell it now?

Ok so I know I have an account as I consciously decide to add a password at checkout so I click the radio button to sign into an existing account.

Whoooooah what I do? Red scary message with exclamation mark? I didn’t do anything! Eek! It wasn’t me! Oh it’s just some stupid pointless error message. You’ve just lost Mrs H by the way. Also what does it even say? Sign into verify your identity? I am signing in. Well I’m trying to anyway, if you stopped shouting red error messages at me and left me alone to get on with it maybe I would.

Email or username – this better be a hangover from some kind of old fashioned data conversion problem because ‘user name’ died out in 1998.

Password – (6-30 characters, no spaces) – OK so this is just a littler bugbear. I either know my password or  don’t, you reminding me how long it MIGHT be along with the lack of spaces (who puts spaces in a password anyway?) isn’t going to help me. Fair enough when I’m creating it but I’m just typing it in for goodness sake. Get your tiny text out of my way.

Forgot username and/or password? – OK whatever you probably do need this but ‘Forgotten’ would sound nicer

The ‘Sign me in automatically next time’ – I kind of like these checkboxes because I am a) inherently lazy online and b) I forget my passwords regularly. But come on – a tooltip, a ‘why?’ link AND a comment about not doing it on private computers? How many different ways can you clutter your page up with pointless information? Put a tooltip on it and leave it at that.

Use my passport/Windows ID – whatever but learn something from people using FB Connect and at least brand this so it’s easier to see what it is.

If I actually do something incorrect I then get a different scary error message giving me a vague idea of what I’ve done wrong. Eeek! I’m now hiding under the desk wondering if I’m a total moron.

I’m finally into My Account and I think  - surely I must be home and dry. But no – this is one of the most serious cases I’ve ever seen of ‘too much information’ syndrome. We know as usability professionals that best practice dictates to us that users like to know relevant information at the correct point they’re interested in it. They like control, they like to feel they have  choices – too many choices at once however if a recipe for panic.

Expedia why do I care what format my emails come in to me? Your average person doesn’t know and or care the difference between HTML and plain text. And even if they do this belongs in a sub menu somewhere that normal people don’t have to see it. As it is my eye is drawn here-  and now I’m thinking I have a choice to make…

I’m also required here to update the required TSA information about my passengers. Well funnily enough this was mandatory information when I checked out, and the name, birth date and/or gender of me or my friend hasn’t changed since then. I’m sure people make mistakes and typos and need to update this kind of information but seriously - having that big piece of text in a box makes me think I should do something, something  right now, something important, something I ALREADY DID!

Do I plan travel for others? Nope – if I did would this be useful? Yes probably..would I look for it BEFORE I had booked – yes. Get out of my face with your non-essential information.

To find out if my booking is confirmed I have to scroll right to the bottom of the page and choose My Itineraries (don’t get me started on the number of time this has now appeared). I also find it odd that the same term is used for something you’re planning and something you’ve booked. In my world it’s a booking. I’ll go with itinerary if needed but it seems like an awful lot of effort.

Finally! A nice simple design, minimal text  - and easy to use page! Except for the fact my itinerary is (2) which is a bit annoying– this is what happens when an exploratory browse and a purchase have the same name.

Next page - *sigh* deep in a sea of pointless copy is the word ‘Confirmed’. Phew, I feel a bit like I’ve been on my journey already – except let’s hope my holiday is more simple than trying to navigate the site I booked it on.

Tuesday, 20 March 2012

For charity...

2AQ doesn't normallly post videos but..... of my former Next colleagues appeares in this video, it's for charity and it still makes me snort with laughter on the third viewing. Go on - give it a little watch.


Monday, 20 February 2012

Excellent Errors #4

I'm afraid I can't claim to have spotted this one. Thanks to @markbolitho for this

You can see it here in the flesh

And it's grabbed from

Friday, 17 February 2012

Tuesday, 14 February 2012

The High Street dead? It's suicidal

Twitter followers will know that this Retail Week article caused more than a few mini-rants last week when I read it over my count-on-us 300 calorie lunch.

Firstly the comments (I'll let you make up your own mind about what annoyed me there) and secondly the sentiment of Phil Wrigley's article and the nods of assent from those agreeing with him just made my little retail heart sink.

Now before you get all commenty on me - without a doubt there are pressures on our high streets - from bad planning to high rents to rates, parking, bad public transport and goodness knows what - but what I really disagree with is this concept that ecommerce is killing the high street. Trust me the high street is doing the death throes thing all by itself....

For a while now anecdotal evidence has suggested to me that high street stores aren't having their sales snatched away from them by the big bad online burglar - they're standing outside with a massive golf sale sign giving them away.

As mentioned in this internet retailing article last week the high street shouldn't just curl up and die - it needs to change to survive. (And not into 'showrooms for Amazon' btw - personally I think the idea of our high street's being full of 'showrooms' for online purchases is even more hideous. That's a whole other blog post.)

Newsflash - people still like going into stores! and Newsflash - multichannel isn't an alternative to the high street - it needs the high street to survive. There is a whole load about multichannel shopping that customers like:

 -Touching the item
 -Trying on clothes
 - Reserving something and having it be there when they arrive
 -Looking at a product in real life
 -Getting a fancy paper bag
 -Being able to browse in different stores without prior thought
 -Grabbing a coffee and wandering around at their own pace
 -Tidy, pleasant and modern interiors
 -Knowledgeable staff
 -Easy refunds
 -Clear signage and size cubes (Topshop - seriously SIZE CUBES)
 -Nice, quality, engaging products
 -Competitive pricing
 - EASILY picking up an online order, making an online order to have delivered, returning online orders

- The theatre of going into a store, buying something, having it wrapped and actually taking it home right then and there

What they don't like is the following:

  -Not being able to get the size they want (Topshop - last time I looked you did up to a size 16 at least-feel free to stock anything in any store rather than just size 6's)
 -Not being able to find what they want
 -Bad service
 -Not knowing what the price is (John Lewis - I love you but you do this all the time)
 -Dirty and untidy stores
 -Ditto old fashioned fixtures
 -Overstocked rails
 - Bad lighting (Unless you're Abercrombie and Fitch just don't)
 - Empty rails (Disney Store on Saturday - no kermits really??)
 - Dust bunnies under rails
 - Being looked at like they're some kind of mud monster because they're not the right age/size/have interrupted a conversation (Oasis in Richmond - this is why you're shut)
 - Messy rails (H and M after 10am? anyone?)
- Too much floor equipment (Topshop again)
 - Hideous night-club esque music (River Island - yes I'm looking at you)
 - Not being able to find anyone to ask a question of
 - Fitting rooms with more rules than a prison
 - Staff who are so underpaid and miserable that they can only glare from their till-point in a mid-distance stare waiting for the day to end

Honestly I could go on forever; you can talk about rents, parking and footfall  -  whatever you want but if you can honestly say you do all of the things in the first list and none of the ones in the second and yet you are still dying on your feet then I'll let you agree with PW. Otherwise, suck it up.

All of these are things we've traditionally had to deal with as retailers - just because there is now an alternative route that customers are taking to avoid this means we should all throw our toys out of the pram and give up? We're expecting someone to come and rescue us from this deadly disease? Are we retailers or mice?

Thursday, 9 February 2012

Spotted #4 (Again!)

Uniqlo you just play into my hands

What's a "leggin"?

Monday, 6 February 2012

Spotted #3

M&S - you recommend I enter my full card number? Is there an alternative?

Wednesday, 1 February 2012

Brand experience?

Can't make up my mind about this from HoF today - included in my package ordered online is a Mary Portas brown paper thanks. Yes I did buy something from the Mary Portas range, I do like fancy bags and I appreciate the sentiment but...

Tuesday, 31 January 2012

A Serious Post About Payment

When I started this blog my very good friend and ex colleague Abi said to me “It’s good but…have you plans to make it less…funny?”…I took that as a compliment at the time.

In theory this blog WAS supposed to be serious from the start but for some reason it’s veered towards the funny/critical (how did that happen? Not like me at ALL!).  Anyway, near year new me and all that.  Cue “A Serious Post About Payment”.

When designing a checkout flow payment page is a funny beast – sometimes you can feel like you’re leading your customer through a lovely pleasant fairy-tale of ‘just browsing’ - a heady, lighthearted experience - and then they hit the payment page and all of a sudden they’re in the wicked witches clutches devoid of power , confused and disappointed. It’s a let-down which results in one of a few outcomes – you panic and run away (drop out), carry on through the pain and end up feeling slightly scarred by the experience (convert with difficulty) or you attempt to get through and end up getting turned to stone by some repeating error message or problem you just can’t get past (drop out without wanting to). Enough with the analogies – often people get checkout design wrong – and the payment page can be the epitome of the big bad wolf in a bad checkout (ENOUGH!)

Ok so in order to design a payment page (I'm calling it a page but it could easily be a form-  one page checkouts are more and more common now) where do you start?

Let's take that form as an example. Entering card details.

For me it’s first and foremost about the customer – the context of what you’re doing. What’s the driver here? Well in most cases the customer just wants to pay, - they’ll be thinking about their order and the items they’re buying and they’ll be focused on getting to the end. Some will be at work and trying to enter their card details quickly to get out of the boss’ siteline, others will be at home with phones ringing, doorbells going and kids interrupting. Some customers will want to feel reassured throughout that they’re in a secure environment, others won’t be so concerned. Woah that’s a lot of drivers. If you look at all this in isolation it looks scary-  and when things look scary the way through the wicked witches woods’ is to go SIMPLE, CLEAN and ORGANISED.

OK so the first thing I do when faced with this challenge is write down everything that needs to be on the page (or if you’re that type enter everything which could be on the page and then cross a load of stuff out). For payment forms this is usually universally the following:
Card type
Cardholder name
Card number
Expiry date
Start date
CVV/CV2/Security number
Issue Number
Security logos
Payment type logos

After crossing out the things you don’t need – or adding additional things you need for your site (card nickname if you like, a save card for later checkbox if you offer it). Then the next task is to order them into some kind of hierarchy.  I’d favour something like:

I always like to see the card number first – purely anecdotal evidence suggests to me that when entering a card customers find that they stumble here as they always want to enter their card number first so they end up with an error. I think it’s because you don’t know your long 16 digit number off by heart so you’re more likely to want to just get it onto the page before anything else. I could be wrong. So I’d end up with something like this:

Hmm but wait – something is wrong here. The types of information you’re asking a customer to enter are going to change depending on what that piece of information is.  We also have to think about our interface requirements with a PSP – they need certain information in a certain structure. So let’s restrict the format the customer can enter that information in. Let’s also make sure it’s easy for the customer to see what that format is. For a start date or expiry date we know the boundaries of what the customer will enter for example the customer sees MM/YY on their card, we should attempt to replicate that here.

Ok so next thing that’s bothering me is that the two fields at the bottom represent very shirt pieces of information. Issue number is usually a single or double digit, and the security code is 3 digits (4 for AMEX), so let’s create that expectation for the user and shorten up those fields.

But wait – Issue number and start date? I don’t have those on my cards? That’s because these are only requirements for certain types of cards (Maestro), so let’s not show them when the customer doesn’t need them.  To do this we need to know what type or card the customer is entering up front, You can do this in a number of ways, either with radio buttons and images of card types, with a dropdown – ideally I’d like it to be transparent to the user (they don’t care what the card type is) so it could detect from the number they enter into the field. Let’s for now make it a dropdown. And let’s make it clear when the information is needed.
For a non-Maestro customer here’s what I have now.

I think I could improve on the descriptive-ness of my field labels. They’re a bit techie. Let’s make sure the customer knows exactly what they should enter into the field.
Some fields may need more explanation so I’ll add some tooltips

That enter text’ is annoying isn’t it? Let’s make it useful. 

I’m quite happy with that. As discussed above customers can find security a problem when paying online so a bit of reassurance of trust logos, card schemes etc. won’t go amiss here and depending on where you add your payment types accepted (basket page is useful)  - it’s worth re-iterating again here, especially if you do/don’t take AMEX or any international card types.

This might seem incredibly simple -  and the result is pretty simple. But it’s clear from just a few minutes browsing the web that a lot of sites aren’t following the basics when dealing with transactions online.  Pret a Manger’s online top up for their Pret Card is pretty hideous- they don’t seem to know what to call things so have gone with the ‘/’ approach (FYI Pret you can just call it a ‘card’  - customers get it!). The Maestro information is shown for everyone and the expiry date is hidden to the bottom – with some badly pixelated non transparent 3D Secure scheme logos (this is how I discovered this issue – by constantly failing to fill in the expiry date and thus failing to pay)

This is from Kurt Geiger-  better isn’t it?

Lovely, clean, simple and ordered.  My favourite type of form.
Now I have my basic form I’d start looking at validation and error messages next..but that’s too much serious for one week so you’ll have to hang on for that one until next time.

Thursday, 19 January 2012

Spotted #2

Random series on pet ecom hates. Episode 2.

Oh ASOS - how sometimes I get jealous of your amazingness and then other times I think - just why.

Just why would your system KNOW I qualify for a promotion but make me add it manually. The technical effort involved in letting me know about the code surely outweighs just getting it to add automatically?

And why can I only have one promo at a time? Just because I used a 20% off means I now can't have free delivery even though the total of my order is still over the threshold of £100?

ASOS often I love you. Often you just let me down.

Wednesday, 18 January 2012

Excellent Errors #3

Ah OK I nicked this off one of the developers at work. And yeah so it's not ecommerce. Still like it though.

It's from Blizzard at

Saturday, 14 January 2012

The final mile or how to choose a delivery partner - part 1

This post could be my shortest ever at three words "don't chose Yodel". I nearly just left it at that because I'm still in a grump about my missing Dyson (long rant - really you don't want to hear it), but in reality it probably wouldn't be fair if I did.

I certainly wouldn't be the only one writing that. Type 'Yodel' into Google and you'll be treated to a number of frustrated bloggers (here), twitterers (here), disappointed Amazon customers (here), and forum contributors (here). What's interesting about current coverage is that for one of the first times the delivery company is seen to be failing the retailer as well as the customer. People just don't moan and complain about carriers now, they petition the retailer to stop using them.

So I'm *successful online retailer of your choice*, I'm fed up with getting customer complaints, my customer service team is drowning in queries, my retention rate is falling, I'm losing sales (did I mention the Dyson?). I know I need to do something- what do I do? Change carrier?

Well to be fair to Yodel if you type any carrier name into Google you'll find frustrated anecdotes from customers who've had items left in bins, not turn up, turn up at 3am (yes this did happen)...this isn't something which is about a single carrier - it's about an outdated industry which needs to change with the times. I won't repeat it but Tom from Shutl sums this up brilliantly when saying that the internet has changed hugely since it's inception but delivery.....still the same.

Anyone who knows me knows a) I'm a logistics geek and b) I went through a long and painful vendor selection at the start of last year for delivery partners. Having seen every possible carrier I think I now understand the signs of a bad delivery partner and help you avoid getting this petition on your doorstep. Next time - my tips on how to choose a delivery partner...

Friday, 13 January 2012

Zen and the art of recruitment #2

Oh dear two more hideous examples from cold callers  - I can't just blame recruiters though, I think at least one of these was a consultancy/vendor.Avoid these like the plague-  I am

The yuppy recruiter

"Hi H, here's a job you probably don't want, what number can I reach you on?" - it's aggressive, it's pushy, it's not cool and BTW it's not 1985.

The sneak

STALKER: "Hi I need to speak to H please"
SWITCHBOARD: "Oh sorry no you're stalker and we don't use those here"
STALKER "Oh no we spoke earlier in the week and she said this was a better time to call"  - oh you're a) a liar b) overly pushy and c) never going to get the chance to speak to me again

This could end up being a regular series.....Happy Friday!

Thursday, 5 January 2012

One single brand..or not

I posted a quick off the cuff comment a few weeks ago about one of my pet hates  - essentially when companies see their web presence and their web store as two different things. Breaking news - your website is your store, is your brand, is where your customers go for information about you, where they go to buy, where they go to complain. Oh dear - someone doesn't realise this:

Dear Ms 2AQ,

Thank you for contacting us at X Cosmetics.
unfortunately, we cannot assist you, as we provide customer service for our website only.
One of our aims at X Cosmetics is to provide a convenient and efficient service. and we sincerely apologise that on this occasion, we were not able to fulfil this expectation.
I will certainly pass this feedback on alternatively you are welcome to write to the X Cosmetics Head Office with your complaint:
X Cosmetics, Ltd
Greenwood House,
New London Road
Chelmsford, Essex CM2 OPP
United Kingdom.
We hope that you will give us another opportunity to prove the quality of our service to you.
Thank you for shopping at yada yada

Wake up peeps   - your concessions, your store, your website, your staff, your facebook pages-  they're all the representations of your brand and customers will access your brand how they wish to do so and in the way that is most convenient for them and in this environment you can bet that that just happens to be online. And if that fails to get through it's worth remembering that I had a complaint to begin with-  now I have two.....

Tuesday, 3 January 2012

Zen and the art of recruitment.

(Somewhat off piste from the usual I know but it is the new year. Be grateful you weren't subjected to a  rundown of my 100 favourite blogs/shoes/gin and tonics of 2011)

Ah recruiters. my post holiday inbox is full of your invites on LinkedIn, your emails and your phone messages (nice trick the one who phoned reception and pretended they KNEW me). *sigh* 
Some tips.

I need to know the name of the retailer/company
blahblahnoise company doesn't want to reveal itself, blahblahnoise I can't tell you unless I discuss in person, blahblahnoise I need to know if you want to apply before I tell you, blahblahnoise I'm going to refer to 'a large multi channel grocery retailer whose online operations are based in Welwyn Garden City' secret code. If I don't know who it is I won't know if I want to apply. Coming from a top tier consultancy I have some great names on my CV and I don't need to especially stick to the big players but admiration for a company is a big factor.  I'm someone for whom strategic vision is everything so I need to know what the company is, what their plan is and where they're going.  So quit your mind games and just tell me.

Never ask if I know someone for the role:
a) I'm not doing your job for you and nor is my LinkedIn network
b) Surely you thought of me for the role because I'm uniquely awesome? No? Just spamming then.

My background is really varied yet people insist on offering the same roles which don't really fit who I am or what I do. It's so obvious they've just searched for a keyword which has popped up in my profile.

Similarly after I joined my current company last December I got about ten emails in the first month-  clearly I've just moved jobs, likelihood is I'm not looking for a change quite so fast!

Be genuine
Ok so partly this is a rant about my inbox and partly it's because I'm doing a whole load of recruitment at the moment. I'm learning a lot about it and what it's taken me about two months and about 200 failed CV's to realise is that I'm a lot better at it than recruiters we pay to do it. For a start I don't charge my company a gazzion pound fee (or any fee...hang on.....that needs to change....) but no, the key to good recruitment (in ecommerce, in retail.... in anything) is sincerity. Genuinely building a relationship with a candidate who you know will be honest with you and who you can be honest with is the way forward. For those who make this their career this means playing the long game I'm sure, for me it's stalking (ahem) developers where they like to hang out rather than waiting for them to come to me.

Ah you see - you thought it was going to be a rant but no, there was a moral in the end.