INTERACTION

3.3.1 Interaction Design

This is a field surrounded by a cascade of other disciplines such as HCI, UX, industrial design, human factors, architecture, visual and sound design. Lowgren (2014) defines Interaction Design (ID) as a designer action on digital things to characterise them for people’s use. The design is characterised by: altering circumstances by shaping and implementing artefacts; exploring probable prospects; outlining the “problem” simultaneously with making potential “solutions; discerning by drafting and other tangible illustrations; speaking to instrumental, technical, aesthetical and ethical aspects all the way. ID varies from traditional designers (product centred) of ICT products who focused on what the product should require, and only delivered on the desired functionality without consideration of human emotions (Lowgren, 2014). Forlizzi and Ford (2000), proposed an early framework for interaction design that can be used to understand the UX which products evoke in end users. The framework has four components describing dimensions of experience, namely: sub- consciousness (no effort to think), cognition (effort to think), narrative (formal or procedural), and storytelling. It is important for designers to have an understanding of the experiences they are designing for and the factors affecting them in order for them to create the right product experience. The framework of Forlizzi and Ford (2000), conforms to the definition of ID in that it focuses on the user perspective of technology; however, it does not prescribe how designers can use this knowledge to come up with a UX centred product. Later Forlizzi and Battarbee (2004) developed a framework for UX, related to the design of interactive systems. The framework informs the designing experience for interactive systems as it focuses on user product interaction and the resultant user experience. As research in the field progresses, Saffer (2010) offers a design strategy consisting of four user product interaction design stages: framing the problem; determining differentiators; visualization and

products. ISO Draft International Standard (D(S) 1307 (1997) is used for designing user centred interactive systems. According to Saffer (2010), there are four approaches to ID, namely systems design, activity centred design, genius design and user centred design. Clearly ID is about the user, creating the right user experience and considering user aspects throughout the interaction design process. To capture the nature of ID Saffer (2010) defines three key views to successful ID, namely technology-centred, behaviourist and social

interaction design views. These views allow for context to be considered when designing

solutions for given circumstances. Shneiderman and Plaisant (2005, pp. 74-5) provide eight golden rules (principles) of Interface Design to guide good interaction design especially for mobile, desktop, or web designers. The rules are: strive for consistency; enable frequent

users to use shortcuts; offer informative feedback; design dialog to yield closure; offer simple error handling; permit easy reversal of actions; support internal locus of control; and reduce short-term memory load. So much has been said about designing for

interaction; however, most programs used on computers are mass-produced. This means that they take limited cognisance of the context in which the interaction will take place. The next section will focus on designing product for usability and user experience through user involvement: user centred design (UCD).

3.3.2 User-Centred Design/Human Centred Design

UCD focuses on users and their tasks at the concept of the product design process through user involvement in the design process. Primarily, it should assist designers and developers to comprehend the needs of the people who will use the resultant products (Forlizzi & Battarbee, 2004). UCD aims to design highly usable products. According to ISO 13407 (1999), “Human-centred design is an approach to interactive system development that focuses specifically on making systems usable." This is possible through the application of human factors/ergonomics and usability knowledge and techniques to the user-centric design. ISO 13407 is a best practice standard on user-centred design, making available guidance on design activities throughout the life cycle of the interactive products. The standard aims to ensure that the needs of all stakeholders are considered during the development and use of interactive systems. Other standards are also developed to address interaction, such as ISO/IEC10741-1, ISO 9241- 10,12,13,14,15,16,17 and ISO/IEC 11581.

The ISO standard on Human-centred design for interactive systems ISO 9241-210 (2010) presents six user centred design principles:

1. Clear user tasks and environments understanding should be the basis. 2. User’s involvement throughout design and development.

3. User-centred evaluation drives and refines the product design. 4. Iterative process.

5. The whole user experience is addressed by the design.

6. Design team is composed of multidisciplinary skills and perspectives.

Focus is placed on principles and four activities of UCD, namely plan (identify need and specify context), analyse (specify requirements), design solutions and test (evaluate design and refine), shown in Figure 3-2.

Figure 3-2: UCD activities (www.usability.gov)

There are a number of tools that are used in the evaluation of user-centred design, mainly: personas, scenarios, and essential use cases. Scenarios and use cases will be applied in Chapter 6 to evaluate the research product that is developed from a user perspective

(requirements specification and testing) in line with Phase 4 of the framework development process.

Studies conducted by Cranor and Garfinkel (2005), show that it is possible to realign security and usability with careful attention to UCD principles, and to make security usable. However, it important to note that UCD may result in products that are too specific for more general use; hence, they will not be easily transferable to other environments (Abras, Maloney- Krichmar, & Preece, 2005). In the light of these, how can designers ensure human Computer Interaction Security (HCISec)? The next section presents HCISec.

3.3.3 Human computer interaction security (HCISec)

HCISec aims to improve the usability of security features in end user programs. HCISec focuses on the design, evaluation and implementation of interactive secure systems.

“HCISec is the study of interaction between humans and computers, or human–computer interaction, specifically as it pertains to information security. Its aim is to improve the usability of security features in end user applications” (HCISecAdmin, 2009). According to Johnston, Eloff, & Labuschagne (2003), human computer interaction security (HCI-S) ensures that the security features of a graphical user interface can be more intuitive and user friendly to reduce the chances of users making mistakes or bypassing the security feature. These definitions will guide the literature review of HCISec.

Literature has shown that it is a necessity to improve the usability of security features as a way of ensuring that end users can interact with them as intended by designers (Flechais, Mascolo, & Sasse, 2007; Furnell et al., 2005; Whitten & Tygar, 2005). To address some of the concerns, Garfinkel (2005) developed six principles for aligning security and usability (i.e. least surprise, good security now, standardised security policies, consistent

meaningful vocabulary, consistent controls and placement, no external burden).

Concerns about secure interaction and the usability of security features shift the focus to user- centred design principles as a way of ensuring usability.

Designers focus on both the technical and non-technical aspects that appeal to the user’s pragmatic and hedonic expectations while they interact with EUP. User-centred design of secure interaction ensures that the usability principles are incorporated. Yee (2002) established ten principles for designing security from a user-centred point of view, focusing on user interaction design in secure systems. The principles are: path of least resistance,

appropriate boundaries, explicit authority, visibility, revocability, expected ability, trusted path, identifiability, expressiveness and clarity. Products meeting these criteria are

considered to be adhering to user-centred design. End user program designs follow these design principles and focus on giving the user a memorable experience. For instance, since Office XP, Microsoft has incorporated security controls in their applications to reduce attacks and to improve user experience with the program (Microsoft, 2013). In order for security to be realised, the security controls must be usable. The next section will focus on the usability field of HCI.