https://identityassurance.blog.gov.uk/2014/11/13/using-evidence-from-user-research-to-redesign-gov-uk-verify/

Using evidence from user research to redesign GOV.UK Verify

I work as a user researcher for GOV.UK Verify. The core of what I do is understanding how GOV.UK Verify works for real people, and finding ways to make it simpler and better. One of the most valuable ways to do this is to invite members of the public into our research lab to use what we’ve built so we can understand how it works for them and what we need to do to improve it.

We’ve been doing this every fortnight since March 2013. This process of continuous experimentation, evaluation and improvement sits at the heart of what we do, and is central to the new approach to building digital services that is being adopted across government.

Over time, it means we’re able to build up a much deeper understanding of the issues that people face accessing government services online. We may not always be able to make everything perfect straight away, but we know we’re doing everything possible to make it as good as it can be.

A good example of this is a part of the GOV.UK Verify service where people choose a certified company to identify them. We’ve always known that this was a decision people might find difficult to make without more information. GOV.UK Verify is a new service, that works in new ways, and we need to make it clear and simple, so we created an interactive tool to help people with this decision. Over time, refined this to the point where we couldn’t find any more incremental improvements.

Set up your identity profile   GOV.UK
Screenshot from our old user interface, which included a dymamic picker to help users choose a certified company

Although people were able to use what we had made, some didn’t really understand it, and this made them feel uneasy. We weren’t happy to accept this as ‘good enough’, so began looking for better approaches.

Back in June we decided to take another look at the whole user journey, so we went back to the drawing board. By starting from a clean slate, but this time armed with everything we had learned from all our research so far, we were able to come up with a simpler design that broke the decision down, asked a couple of simple questions and then made a clear recommendation.

phone type
Screenshot from our new user interface - a few simple questions
Passport and or driver licence
Screenshot from our new user interface - a few simple questions

Based on someone's answers to these questions, we recommend a certified company that is likely to work for them. (This screenshot shows the two companies that took part in our private beta - we have contracts with 5 certified companies in total.) We also show what the person would need to do if they wanted to choose another provider from the list.

Choose a company
Screenshot from our new user interface - showing which certified company is most likely to be able to meet the person's needs

A recent exercise looking at the effectiveness of this new approach has shown that people find it simpler, quicker, more satisfying to use, and are more likely to get the task done.

We're carrying on researching and developing this new approach so we can continue to improve the service.

Follow @petegale on Twitter

2 comments

  1. Jacquie

    Keep up the good work! As long as this secure it will make all our lives easier. However, the slightest doubt with regard to security should render this system unusable. When a 15 year old can hack into HSBC....

    Link to this comment
    • Janet Hughes

      Hi Jacquie, thanks for your comment.
      We take security and privacy extremely seriously. GOV.UK Verify has to be accredited by the pan-government accreditor (a senior government official outside our team), to verify that we are appropriately identifying and managing security risks. This is an in-depth, ongoing process that involves regular testing and review to make sure the system is secure and resilient.
      All the certified companies have to be independently certified as meeting international standards for privacy and security. If they fail to meet the required standards because of negligence or wilful failure, then their liability to users is unlimited. You can read more about each company's commitment to privacy and security in their terms and conditions.
      Thanks,
      Janet

      Link to this comment