Credit bureaus: how to annoy customers and inspire skepticism and distrust

Earlier this week I received a new Mastercard in the mail. But I hadn't applied for one and the first name wasn't right. Identity theft?

So first, call the issuing bank: they would cancel the card. Then I called Equifax and TransUnion; all was good with my credit reports. Whatever was up with this person using my address and a near-name, they hadn't been connected to my credit file. I had the bureaus put an alert on my file just in case, so that extra identity verification would be done for any credit requests. Equifax insisted on charging me $5.65 to put an alert on my file, TransUnion did not charge me. I also called Canada Post to ensure that there were no mail redirects happening.

Then today I received a call from the same bank again, about another credit card application. The call was triggered by the alert on my credit file. The bank said they would request the applicant go into a branch to verify their identity in the hope of “catching them”. Seems unlikely.

This made me want to actually look at my credit file: we'd renewed our mortgage recently, so we knew all was good at that time, but the assertion of the credit bureau people that “nothing had changed” since that event was no longer enough for me. I wanted to see the files myself. And then I thought, maybe I should sign up for credit monitoring too.

First, Equifax. I go through the signup process, creating a username and password. Then I'm prompted to call Equifax for additional verification. Fair enough, in fact that seems a good thing. I call the number, and have to wade through a number of menus, all of which have minute+ preambles. You would think that you'd be given a direct “additional verification” number, rather than a general number. Moving past that, the preambles (verbosity: maximum) prompting me to go to the website were exceedingly annoying: I'd just been on the website, stop wasting a whole lot of my time by telling me to go there first, repeatedly! Eventually, I get a human: a bored male voice answers. He asks me a number of questions to verify my identity, but it seemed he just couldn't get me off the phone fast enough, to the point of being rude. Clearly there is an significant emphasis on call duration or volume. He said I'd get an email with my password. I'm thinking, why, I already set up my password online? But I check, and I have not one, but four identical emails with the password I'd provided online in plaintext. What the hell? What idiot stores passwords in plaintext these days, and sends them over email that way? These people are responsible for the security of our credit information? I'd randomly generated a password unique to Equifax, but still concerning.

I then attempt to sign up for credit monitoring. But it quickly becomes clear that the provider of the monitoring service is a separate company from Equifax and the integration is poor: it seemed I was going to have to enter all my information over again and create a separate account for that product. Given that I decided to just request a credit report (which had nothing unexpected in it).

Next, TransUnion. Ok, their site seems a little more professional, and their credit monitoring, while it is probably also a separate company, seems better integrated. But I couldn't even get past creating an account there. I was asked to provide an user id, but there was no indication of whether I'd picked a unique one. So I went to the next screen, where it said "the information matched an existing account". What does that mean? Was there a userid conflict, or is there already an account with my personal details? Calling them seemed to indicate the first, but I couldn't get any further. Once you get to that screen, there is no way to go back, you have to start over. In the end I gave up for today.

These companies are all about tracking information that is particularly vital, both to financial institutions and the population at large. Accuracy is key and security is critical. But even ignoring the Equifax password security issue, there is a lot of poor design in both the technology and the processes. While the individual items I encountered may mostly just be annoying, it leads me to wonder whether these issues are reflective of the quality of the rest of the systems for these two companies. My experience with both companies doesn't leave me with warm fuzzy feelings about the safety of my credit information.

Strange expectations

Last night I watched the Apollo 11 launch with my 5-year old son. Afterwards, he turned to me and said:

“I've changed my mind. When I grow up, I want to be a, umm, one of the people in the rockets.”

“You mean an astronaut? Someone who goes into space is an astronaut.”

“Yes. And then, when I'm old enough to drive, then I want to be a race car driver.”

It was hard not to laugh, but he just doesn't have the knowledge and experience to have what adults would consider “reasonable expectations”. It's not that he wants to be an astronaut or a race car driver that is funny, it is that he knows it is going to be a long time before he can drive, so he figures he may as well be an astronaut in the meantime — after all, as far as he knows there are no age limitations for “people in rockets”, and from his perspective the one is no harder than the other.

This was a reminder to me that when designing technology we need to be sure to reset our expectations when dealing with those who do not have our knowledge and experience. They are going to make assumptions that seem bizarre: it's not just that they don't have the knowledge and experience, it is that they don't have the base expectations that we have accumulated over our experience.

The Gravity project

What is the Gravity project? Gravity is “OSGi in ActionScript”, which we released last summer as the Client Component Framework in the Adobe Digital Enterprise Platform. A year ago Stacy Young posted about Gravity in his blog with a link here “if you're interested”. Well, I've actually been blogging about Gravity over on the Adobe Gravity blog, not here, but I've been reminded that I should at least provide a link!

Apple and the Paradox of Choice

I have a confession to make. I read Daring Fireball. I find that if you tune out the Apple bias, Gruber does provide some interesting information.

For example, earlier today he posted a link to Barry Schwartz's TED talk on the paradox of choice. I had already seen it, but it is a great presentation and was a good reminder that more choice is not an unambiguous good.

The interesting bit is that later in the day Gruber posted a bit questioning why nobody lines up for new Android phones like they do for new iPhones. I think one large part of the answer is simply the paradox of choice. One implication of the paradox of choice is that on average the level of happiness with an Android phone will be lower than that with an iPhone, even if all other things are equal, because the Apple user doesn't have to second-guess whether maybe they could have bought a better iPhone.

I'm not saying that's the only factor, but I found it interesting to see Gruber put the two items so close together without noting the applicability of one to the other.

The Google garden

I bought a book via Google's Android Market the other night. It was not what I'd originally intended to do.

I wasn't tired but I was in pain; I'd picked up my five-year old the wrong way (they just keep growing!) and hurt my back. So I figured I'd just read a novel since I couldn't concentrate, but I didn't have any that I hadn't read. Hmm, ok, eBooks are generally outrageously priced but if I bought one I could read it right now.

First, I looked for interesting books in the Kobo application that came preinstalled on my Android phone. I couldn't find anything I wanted to read there, so I went to the Android store to get the Kindle reader, to see if there was anything from Amazon I was interested in. But of course once in the Android Market application there was this Books tab... so naturally I looked there. I found a book that I was interested in and bought it. Never got to the Kindle app.

Now, I bought it on my phone, but I was sitting in front of my laptop as I was doing it. I wasn't buying it on my phone because I wanted to read it on my phone at that particular moment, but rather just because I did want to be able to read it on my phone later if I needed to. So to figure out how to read this book I just bought, I typed in a quick query on my laptop, and up comes the Google books site and since I'm logged in, there's my book. So I never did read it on my phone.

I find this impulse buy sequence interesting because:

1. When I started I had no thought of buying the book from the Android Market (I'd forgotten that Google was selling books), and
2. when I switched to my laptop I had no intention of reading the book on my laptop (I didn't know it was possible).

I've long thought that the ubiquity of Google allows them to enter markets where the barrier to entry is high. To me this is an example of that, both in that Google controls the Android Market and therefore can feature whatever they want there, and in that since I use other Google services and was therefore logged in, finding my book on my laptop was a matter of seconds despite the fact that I didn't even know I could do that. I managed to accidentally discover both Google services in minutes in the path of least resistance. While I wasn't even thinking about buying from Google in the beginning, in the end I'm happy I did because I now know that I can read the books I buy there in any browser just by logging into my Google account. I can be at another location without my own computer and still be able to do so.

I believe this ubiquity could allow Google to succeed with Google+ despite the daunting head-start that Facebook has: people will end up in Google+ by accident, and some will start to use it despite not having originally intended to do so. This plus the network effect could grow Google+ to critical mass if Google sticks it out.

Some people argue that Google's just trying to build a Walled Garden like Apple. I don't agree. Certainly they have a big garden, and that contributed to the fact that in the end I bought from Google rather than Kobo or Amazon, but I don't see the walls. I don't have to have Google hardware to read the book, I don't even have to have Android, the only thing I need is to have is a web browser.

With respect to Google+ versus Facebook, well, I trust Google to be more secure and certainly hope that they'll be less random.