2K/ User Experience - Making the Metaverse Fun

From IIW

User Experience - Making the Metaverse Fun

Session Convener: Jonny Howle DISCO

Notes-taker(s): Lauren DelFabro

Tags / links to resources / technology discussed, related to this session:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Key User Experience Topics/Issues in the SSI Space

  • Sharing access to resources (data availability)
    • Access control
    • Selective disclosures
    • Revocation
  • Account recovery
    • Key management
    • Recovering credentials
  • Delegation
    • Responsibility or authority to sign on your behalf
    • Discovery of who has the authority within an organization/community
    • Time-bound nature of delegation
  • Giving informed consent
  • Inheritance
    • What happens when you die

On Gathering User Insights and Conducting Research in the SSI Field

User insights

  • Many different cultures
    • Some are much less comfortable giving feedback
    • Some user research flows use SMS
      • Do not have smartphones
    • Need a user experience that allows delegation to guardians
  • Provide users an environment they already know how to use
    • Mobile app with functionality they are comfortable with
    • Skeuomorphism
      • Use cues from the physical world into the digital space
      • Now mobile has been around long enough
        • The more we use something like chat that people are comfortable with, the more we can study the additive behaviors
        • If you can follow the flow of information across chat for interoperability that can be extrapolated to wallet behavior
        • Same type of flow for verifiable credentials
          • Identity isn’t the thing, it’s the thing that gets you to the thing
          • What you get on the other side of the gating is the user behavior
  • Groove (sharing system a number of years ago)
    • Could control
    • First time I got a message from you, I would have to decide if I accepted it or not
    • Means that when you are wanting to open a message, you are asked to validate a user
      • Takes you out of the flow of value you were already following
      • Vs sending a secure link to establish connection so now that’s out of the way and when you want to message you can message
        • Same privacy but ordered differently (when you do it makes a difference in UX but has the same outcome)
    • For establishing connection between two parties you may need to add a double opt-in
      • Yellowpages exist so this invalidates the double opt-in
        • You can pick any phone number and call it
          • BUT the person on the other side can decide to answer it or not
      • Granivetter Diagram
        • Set of links of connected parties
        • But there’s no way to connect the set of links to other sets of links
      • Ex: web3
        • People leave DMs open on twitter so they can get messages even when they don’t confirm the sender
        • Also you can show up differently to different spaces (not just your physical face/presentation)
        • Can think about credential gating based on more than formal fields to be presented
          • ie “if works at X” they are allowed to connect with me
          • Currently based on very weak assurances of credentialing
            • “I introduce myself as a person”
              • Account recovery:
                • How to help people who lose their credentials
                  • What if you could designate people who will get a piece of your keys and you get enough of these people together who say yes that’s really them
                  • If you lose all of your identifiers, then you can’t prove yourself
  • What if all your guardians lose their credentials too?
    • Need at least the option to download your seed phrase
    • People are afraid of holding their own keys and managing that security themselves
      • You have to make it easy
      • Normal twitter users don’t really care about privacy
        • “Accept all”
        • Clicking the wrong buttons
        • Trying to move fast
      • How do you win over those people? (Kaye Yee)
        • Make the secure way the easy way
    • Privacy Paradox
      • Hypothetical Privacy
        • I care about security
      • Actual Scenarios
        • Discount if they sign up
        • Cookies
  • Objective disclosures tell you what you are sharing

Relative disclosures share if this is increasing or decreasing your level of privacy

  • The thing that got people to actually take more private decisions:
    • Actual situations where you tell that party they are increasing the amount of data shared with an app
    • Showing in human readable text what they are sharing

Best-in-class in this space

  • Intelligent conversational agents (chat bots)
  • Trinsic (on issuance)
    • Could actually log in and figure it out
  • Logging into zoom meetings
    • Request for a credential for email that will allow you to access
      • QR code to phone
      • It’s rough
        • UX could be streamlined
        • Sometimes it works - but often people have to be logged in manually
        • “Don’t ask me for 7 or 30 days”
          • Doesn’t work