User Analysis
Our users are regular people, keenly interested in privacy but not necessarily knowledgeable about the technical details of cryptography. They want to discuss potentially sensitive or incriminating topics without being tracked.
They could be political activists in an environment where the government doesn't support their viewpoints. They could be children wanting to discuss something without their parents seeing it. They could be researchers looking for a way to collect secure, anonymous data from others. Or they could be employees of an enterprise working on a sensitive project and don't want technical details to be divulged to outside sources.
Characteristics
- Use their mobile phones very frequently to communicate with others
- Have to deal with sensitive information on a regular basis
- Concerned with Privacy, but not with the technical details of how to be secure
- Concerned about Personal Safety
User Classes
Message Sender
Message Receiver
Task Analysis
Task | Goal | Frequency | Effort | Pitfalls | Others Involved |
|---|---|---|---|---|---|
Manage Contacts | To ensure the identity (or psudo-identity) of | sometimes | medium | Indicates that the user | The contact |
Communicate | To discuss a topic securely while remaining | often | medium | Expose information | Other people in |
Dissociate with a user | To break contact or association with a contact | rarely | fast | unsafe (can't undo) |
General Comments
- Safety is very important--a user should always be certain of the level of privacy they're communicating with
- Need connecting with people to be fairly easy to be adoptable
- Most (if not all) actions will be preformed in private (probably a very clean, quiet environment) (according to the user in the second interview).
- Where possible, tasks will mimic those in other chat applications. Where unique, tasks will include a short help text. In most cases, new users will be taught the basics by the person who introduced them to the application.
- The frequencies are based on estimates given by the user in the second interview.
Interviews
Interview 1
This user works as a consultant and is constantly on the road. It is very important for him to be able to communicate with clients, co-workers, and to his family back at home, and he relies very much on his mobile devices to allow him to stay in touch and coordinate his life. In his line of work he frequently deals with sensitive corporate information. He ends up using two mobile devices -- a secure device dedicated to work, and a personal one for other purposes. He understands the need to keep client information secure but doesn't really understand all of the ways in which using an insecure device can actually be potentially harmful to his firm and/or himself. He would love to be able to deal with both work and personal tasks from a single application.
Key Insights
- The mobile phone is frequently the only way to communicate with others
- Aware of potential security threats but not sure exactly how to protect himself
- Willing to deal with multiple devices in order to preserve security but finds it very inconvenient
Interview 2
The subject stated that he would use such a system for private conversations with his girlfriend. At first didn't feel that he would ever need true anonymity but felt that a simple encrypted messaging system could be useful. After further thought, the subject noted that anonymity would be useful when discussing sensitive subjects about which he held a strong, potentially politically incorrect, opinion.
In order to go through the hassle of installing the application, the subject indicated that he would need a significant reason. The application would have to inspire trust.
Interview 3
The subject said that he would find secure communication especially useful for discussing private matters. He says he often leaves out details that he would not want leaked when conversing via text message on a sensitive or embarrassing topic. Also it would be good for conversations that may have consequences if read by a third party. The subject said they would not know what to do if they wanted to communicate securely at the moment. They will usually call if they need to discuss sensitive information, as it leaves less of an explicit trail.
He said he would use secure communication if it was free and simple to use. Also, he also said that it would be worth paying for if used in a business-like setting where sensitive information is being exchanged. He noted it would be more careless/less hesitant to be straight forward via messages with security assurances.
When discussing secure communication that also hides who you’re talking to, he stated that cloaking who you’re talking to would be a big benefit. It prevents leaking who you associate with, which can give away a lot of information.
TA Feedback.
This is a good start, but there are some big things missing. You don't actually discuss classes of users, just specific interviewees. Your task analysis doesn't seem to be much connected to those interviews, either. For instance, where do public conversations come in? They aren't mentioned anywhere in your user analysis, yet you say that it's a 'semi-often' action.
You also don't seem to really get a good feel for what the tasks your users use to solve your problems, and instead you describe actions that your app will let users take. Don't forget that the next step is to make three separate designs - you shouldn't already have picked one. Think of task analysis as the analysis of tasks that need to be done to solve the problems.
I'd appreciate it if you made these changes, since we'll be working off this document for the whole rest of the project.