The GDS Design Principles state that services should start with user needs. To pass the Digital by Default Service Assessment for a live service, the service manager must demonstrate that the team building service understands user needs and has undertaken research to develop a deep knowledge of who the service users are and what that means for the design of the service.
In this post I’m going to explain how we have approached this for GOV.UK Verify.
GOV.UK Verify’s users
The Digital by Default Service Standard requires us to understand who our users are and what that means for the design of the service (point 1).
Unlike many services, GOV.UK Verify doesn’t have its own specific set of users. GOV.UK Verify is for anyone who at any point might want to use a service that’s adopted GOV.UK Verify. There are 10 services currently available to the public through GOV.UK Verify, with about 40 more in the pipeline.
That means we have to design the service in a way that will work for the entire UK adult population, covering the full range of demographics and digital skills.
Users need to be able access GOV.UK Verify at their convenience, using the technology they have to hand. That’s why we test the end-to-end service in an environment identical to that of the live version, including on a range of common browsers and devices, and require our certified companies to do the same (point 10).
How we understand user needs
The Standard requires us to carry out ongoing research and seek feedback from users to improve the service based on user needs and ensure we're creating a service that's straightforward enough that users can succeed first time (points 2 and 12).
We’ve built up our understanding of user needs over quite a long time. Our user research team carry out at least fortnightly user research in our lab with users of a variety of demographics and digital skills, and also in users’ homes as they use government services. We’ve been gathering data and feedback throughout our private and public beta development phases.
Last year alone, we spent 192 hours in the research lab, testing and iterating the service and understanding how it works for users. Our certified companies also gather data and feedback and carry out their own user research. We often receive feedback through government departments and their research and user support functions, too.
Once we are live we will carry on our programme of fortnightly user research, analysing performance data and reviewing feedback so that we can continue understanding and improving GOV.UK Verify for users.
One of the challenges for us is bringing together all the information and insights across the federation, understanding exactly what it is telling us about user needs and designing improvements. We’ve been working hard during public beta to develop our ability to do that: we now have a dedicated performance team to help us get the most out of our data, feedback and research.
Understanding user needs in context
GOV.UK Verify is encountered by users on the way to accessing another service, rather than being a standalone service. We have had to separate the needs of the user in relation to the service they are trying to access from those relating to their use of GOV.UK Verify, in order to be able to use them to guide our design.
Users needs are not as simple as “I need to use this government service”. People use government services as part of meeting a broader need in their life. They may be getting ready to travel somewhere, making a decision about their financial future, or moving house.
GDS classifies user needs into two kinds:
- user needs in the context of life - needs that come from people’s lives beyond a service. Service managers don’t have any control over these factors, but how they are accommodated will define peoples' experience of the service you are providing.
- user needs in the context of the service - needs that come from people using your service to get something done.
To build a service that people are able to use easily, both of these types of needs must be understood.
When we’re talking about the needs of users using GOV.UK Verify, we’re almost always referring to needs in the context of the service, even though the user’s expressed need would be different. GOV.UK Verify generally appears in the middle of a user journey, when users are on the way to meeting another need. No-one spontaneously wants to use GOV.UK Verify in isolation from the context of the service they are using. In order to use some digital services users need to be able to verify their identity, either because the service exposes some personal data or allows the user to do something which should only be done by that person. We have built GOV.UK Verify to help meet that contextual need.
To make sure we understood those contextual needs thoroughly, we broke things down a little further.
Three types of contextual user needs
Last summer Pete Gale, who leads the user research team on GOV.UK Verify, blogged about how we talk about user needs for GOV.UK Verify. Pete explained that that in the context of using the service there are three types of needs:
- Expressed needs: These needs are derived from how our users would describe what they were trying to achieve online, such as “I want to claim a redundancy payment”.
- Tacit needs: These are needs that our users would recognise before they started their task, but would not use to describe what they are doing, such as “I want my information to be kept safe and secure”.
- Created needs: These are user needs that result from the specific approach we have taken in designing the service. An example from GOV.UK Verify would be “I want to choose an identity provider that I can trust”.
The purpose of GOV.UK Verify is to help people meet their expressed needs through digital services at their own convenience, without having to prove their identity separately through another channel or wait for their identity to be verified through manual offline processes.
To guide the service design within GOV.UK Verify, we have focused on the tacit and created needs, whilst working overall to enable people to meet their expressed needs through GOV.UK Verify as quickly and straightforwardly as possible.
User needs for GOV.UK Verify
The main expressed need when using GOV.UK Verify is not directly related to GOV.UK Verify at all - it’s more likely to be along the lines of “I need to do the thing I want to do”, for example:
I need my redundancy payment (“expressed need”) so that I can put my food on my family's table (“need in the context of the my life”)
Using GOV.UK Verify is a created need in the context of other services. Knowing this expressed need alone, is not that useful to help in designing GOV.UK Verify, save perhaps the most important thing - identity verification should only be used when it is actually required, otherwise it is an unnecessary barrier to the main expressed need.
Through the research we have conducted, we have been able to distil 4 tacit user needs for GOV.UK Verify beyond the user’s expressed need, and we have been using these to prioritise our work to develop and improve the service.
Tacit need 1: I need to be in control of my own time
Users who are trying to use a government service to meet an expressed need are normally not aware of the need to verify their identity and the time that doing so will take, and as such we need to make them aware.
Some of the things we do in the service to help meet this need include:
- explaining how long it’s going to take
- providing guidance to the users to help them choose only the certified companies that can verify their identity
- telling users what they will need to be able to verify their identity for the first time (some identity evidence such as a passport or driving licence)
- allowing users to stop and come back later if they don’t have everything they need with them on their first attempt to verify their identity
- giving users other ways to access services if they’re not able to verify their identity through GOV.UK Verify for any reason
Tacit need 2: I need to be safe and secure
Some of the things we do in the service to help meet this need are:
- putting in place protection and monitoring to protect the service from attack
- meeting high standards for security, for example we protect users against the risk of someone stealing their log-in details, by always using secure credentials with a second factor that protect against replay attacks
- requiring GOV.UK Verify certified companies to be certified as meeting published standards for identity assurance and information security, and making them liable to their users if they fail to meet the required standards
- designing and building GOV.UK Verify to protect users’ privacy, in line with principles developed by independent privacy and consumer experts
Tacit need 3: I don’t want to be excluded
We’re building GOV.UK Verify for the whole UK adult population. Our demographic coverage target is to be able to serve 90% of the UK adult population by April 2016, and to continue to expand our demographic coverage beyond that. We’ve posted separately about our work on understanding and increasing GOV.UK Verify’s demographic coverage.
We are making sure that GOV.UK Verify is interoperable with other national and international standards and systems, so that people from other countries will be able to access services through GOV.UK Verify and people in the UK will be able to use GOV.UK Verify to access services in other countries.
We have also tested the service with users having a wide range of abilities, for example, users who are less confident in using digital services, to make sure that it works for everyone. For anyone who is not able to verify their identity through GOV.UK Verify for whatever reason, there are always other ways to access services and there is assisted digital support in place within each service for those who need support to use a digital service.
Tacit need 4: I don’t want it to be stressful or confusing
GOV.UK Verify involves 2 concepts that are likely to be unfamiliar to many users: the idea of proving your identity online; and the idea of doing so using a third party. Both of these are fairly novel concepts not yet widely in use or understood. We need to make sure GOV.UK Verify works in a way that makes it clear to users what’s happening and why without confusing them or causing them stress or worry.
We’ve been working on the design of the GOV.UK Verify user journey for 3 years now, iterating and improving it to make it as clear and straightforward as possible for users. This work has included, at times, starting again with a blank page based on everything we had learned so far, making relatively small adjustments based on our research, and carrying out A/B tests in the live service to test alternative formats and content.
‘Created needs’ are needs that arise directly from the service. For instance, because we use a range of certified companies, users need to be able to make an informed choice as to which company they want to use. Our ongoing research and analysis of feedback from users helps us understand and respond to created needs.
For example, the GOV.UK Verify user journey includes questions which we use to help identify certified companies likely to be able to verify a user’s identity, based on the information the user provides about the identity evidence they have and the methods they are able to use. We’ll carry on doing this work once we’re live, as we continue to learn from users’ feedback and the performance of the service.
As a result of our work to understand user needs and improve the service to meet them, and the work of certified companies to improve their services over time too, the GOV.UK Verify success rate (the proportion of attempts to verify for the first time that are successful vs those that fail) has increased from around 40% when we went into public beta, to the mid to high 70s now. We’re aiming for a success rate of 90% and we report our progress every week on the performance platform. We’ll be posting in more detail about how we measure performance soon.