Saya is greatly liked by real world
people who have sampled it. Once logged in and inside the app,
everything is easy and straight forward to use. However, there are
some pain points that pose a real threat to loosing out on users:
- Registration process – This is by far the most painful part of the app. It's tedious and some users do not understand why it's necessary(coupled with the instinctive feeling of avoiding to give out their phone numbers aimlessly). Most users are confused about the applicability of the received SMS and what to do with it(some I observed reply to that SMS with the code :) . All in all, the general verdict was that a way should be found that takes away registration from the app. *Possible solution illuminated below
- Notifications – On new apps there are 2 notifications. On the 2nd one “You currently have no friends. Please Invite or Sync.”, most users gloss over this and choose their required action(*Reading phonebook past 215 contacts seems to be a problem—troubleshooting still continuing). The first notification “Saya may collect device info to enhance experience.” causes relatively more confused than the former. Users have been observed to select the “Read more” option more than “Dismiss”. Good news however is that all this options have a good 'dead end' and the user cannot possibly stray out of the flow.
*Possible Solution to the 1st
problem
We can provide an online portal where
the user handles the authentication there. I.E
a) Ask for user number
b) Send user code SMS
c) Ask user for the code to
authenticate it's his number
d) Send link of prepackaged app to his
number
Concentrating on the last option(d),
the app can be prepackaged in a number of ways
- Recompile on the fly with the number hardwired in the app. This unfortunately is not possible for a signed app, otherwise you would have to sign the app every time it's recompiled.
- Add the user number as a field in the JAD file.
one of the major draw back for option (d) would be that users can't bluetooth the app to somebody else ability to distribute from fon to fon would be nice.
ReplyDeleteAn slightly improved version would be:
a). Download the App
b). User Lunch and Click register
c). when register is clicked client app generate token and send via sms to special number
d). app connects to server (on a special url) and request for reverse token verification providing a salted (via nonce) hash version of the smsed token
e). Server recvs sms and token is verfies with client reverse verification info
f). App recvs phone number and bearer token
g). app disconnects and reconnects with bearer and phone number
(note: there might be 1 or 2 security issues but we can figure that out later)
Had discussed this same flow with Robert during the initial design stages, can't remember why we decided against it.
ReplyDelete