The persistence of point-of-sale chip readers

A point of sale terminal with the new chip reader.

Saturday afternoon at Target. I swear that my extended family is singly responsible for 10% of the company’s lifetime gross earnings.

In line in front of me is a gentleman who looked to be in his late 70s or early 80s. Next to him is whom I presume to be his daughter, looking to be in her 50s. He’s buying staples: Cereal, milk, some canned food.

It’s time to pay, so with trembling, slow hands, he pulls out his debit card. And he stares at the credit card reader.

Now, for those of you who haven’t had to endure the last two years of American credit card chaos, let me introduce our point-of-sale terminals. They all have a slot into which you carefully, with one motion, insert your chip-equipped credit or debit card.

This gentleman, with trembling hands and a slowness that comes with age, inserted the card in not quite one absolutely perfect motion.

As a result, the card reader returned an error.

Well, now he’s confused. I mean, he’s probably 80 years old and knows exactly how much money is in his account.

His daughter pipes up. “Dad, swipe it! Put it in here and swipe it.”

American point-of-sale terminals also have a magnetic stripe reader. There are still a lot of cards out there with magnetic stripes and no chips, though they are dying out now that the liability for fraud falls on the least secure of the bank and the store. Thus, the terminals let you swipe your card, just as we have since the original POS terminals replaced the credit card imprint machine a generation ago.

So, the elderly man with deliberate movements oscillating from a tremor swipes his card.

The machine tells him, “USE THE CARD READER.”

See, it’s that liability question again. If the store takes the magnetic swipe when it could have taken the chip, they are exposed should the transaction be fraudulent.

But the old man is more confused than before. And we’re now up to five minutes of wading through the machine’s weird demands.

He knows it’s the card reader now, so once the machine resets (and that takes time) he is able to insert it deliberately in the exact way the machine likes, and it finally accepts his offering.

It asks for his PIN number.

He enters his PIN number.

Then he pulls out the card.

Uh oh. The machine didn’t like that. You have to leave the card in because, well, I’m not really sure. My guess is it’s because everywhere else in the world your PIN is stored, encrypted, on your card, but America has to be weird, so it calls your bank to ask for your PIN. Or it’s because it just likes cards. Whatever.

Seven minutes now. Daughter and checker are getting flustered. The poor gentleman is suffering from this constant cognitive kick in the privates.

Still, once more into the card slot, my friends. This time, he gets the card in right, slowly punches in his PIN, and waits while the machine tells him to NOT pull his card out.

Don’t.

Don’t.

PULL YOUR CARD OUT NOW NOW NOW NOW NOW, screams the alarm. To POS terminal designers’ credit, they changed the signal based on merchant and consumer feedback. Originally, the sound of removing your card was a loud klaxon that suggested you are a horrible person for deigning to leave that card in one microsecond than necessary, and that you should feel SHAME. Target’s vendor rolled out a patch that reduced the air raid siren to a slightly urgent but more pleasant three note tune.

At long last, our honored elder has completed his purchase of milk and cereal. It’s only taken 10 minutes for all this to happen. Everyone in line behind me long ago abandoned this crisis for one of the other 24 lines.

I’m still here. Not because I’m mad at the gentleman or even laughing at him. I’m mad at the people who let this experience get this bad.

With point-of-sale, you’re trying hard to balance two problems:
1. Consumers want to buy stuff with as little friction as possible.
2. Merchants don’t want to get fucked over by fraud.

Mind you, merchants want low friction sales and people don’t want to be fucked over by fraud, but for a moment let’s focus on just these two use cases.

In the first case, you want to make it as easy as possible for consumers to provide proof of payment.

In the second case, you want to make it as hard as possible for people to commit fraud.

Now, who’s buying the machines? The consumers, or the merchants? Yep, the merchants. So they’re going to focus on a system that will limit their liability in the new world where the least secure part of the product-to-cash chain is liable for fraud.

The end result is a secure system that requires genuflections, magical thinking, and a lot of signage to help consumers buy stuff.

But here’s my ultimate question: Is this really the zero-sum game I just made it out to be?

The heart of good, user-centered design is a solid empathy for the people who use the products we design. That empathy is not either-or; it’s both-and. It understands we cannot be everything to everyone and compromises must happen to deliver a cohesive and grokkable experience. But it also knows that to help one user, you don’t (and shouldn’t) hurt another.

This is already a daunting design challenge given the dense regulation that comes with merchant banking and finance. And yet… we have Square and Stripe handling billions of dollars in transactions for small businesses (e.g. the coffee shop I’m currently sitting in). These systems provide a better experience than the current POS terminals because they are focused on lowering sales friction first. They still suffer from the genuflection of inserting the chip into the reader, but as POS systems they are remarkably low in friction.

The chip reader isn’t the final destination, however. We have contactless cards in Europe; you can even use them in lieu of Oyster cards to ride the Underground. And, of course, there’s Apple Pay. The friction falls without compromising safety and fraud prevention.

In the meantime, though, I wish I could have made the point-of-sale designers — and their leadership — watch that 10 minutes of suffering that poor man went through in front of me. It left me irate that we can’t design for everyone, that we still create systems that foment magical thinking, that instead of treating design as a zero-sum game they could have done the hard, hard work of making a system that empowered consumers AND protected merchants.

This shouldn’t happen. Not in modern design. Not in a world where we’re demanding ethical, empathetic design as the cornerstone of our entire “user experience” movement. That it does suggests that maybe, instead of focusing on arguing over “what is UX” and “should we call it UX” at every turn, we should be asking how we can get better at designing for the actual people who use the things we design.

“Way too much political opinion”

In 2018 the politics have been in our face, tragedy after tragedy, farce after farce. Mass shootings by men motivated by racism and anti-Semitism in Louisville and Pittsburgh. Family separation camps at the border. Our president obsequiously bowing before Putin. The collision of Kavanaugh and #metoo. White nationalism getting platformed by high-powered politicians. The vilification of the trans community.

It’s exhausting. We’re under a denial-of-service attack by the politics of our time.

These times ask a lot of questions of design– and designers. Will we build the tools of fascism like IBM did? Developers and designers at Microsoft and Amazon are already asking those questions. Facebook faced an uproar when their legal counsel appeared to support Brett Kavanaugh. Whom are we choosing to support and empower in our design decisions? Can we act morally in a time of unspeakable cruelty?

Design, in the end, is political. Code is political. Every decision we make has economic, political, social, and environmental consequences. Human consequences. If we’re lucky, these choices are big and bold enough to improve the world. Most of the time, they’re neutral, banal choices. And then, every once in a while, we make a decision– or avoid a decision – that hurts our world and the people in it.

To complain about “way too much political opinion” is a position of privilege, one where you can pretend that you can live in an apolitical vacuum, one where you can close your eyes and not think about whether your tools were used to round up and separate refugee families at the border, one where you can pretend the very real fears of a creeping fascism don’t affect what you design because that fascism will harm you last (and may well help you first). It’s one where you can tell LeBron James to “shut up and dribble” despite the existential fears that a black man like James faces despite his income and status.

If you’re a developer or designer hanging on to this belief, question your blind spots. Ask yourself what the current political climate will do to benefit you. Ask how design and code could ever truly be neutral when every decision you make is tinged with the biases of your beliefs and upbringing.

Because the test may come soon when you really will face a decision that IS political. And you may not even know it. You may just roll with it, just follow orders, ship something horrible out of fear of ostracism or losing your job. You’ll rationalize it later, maybe even convince yourself you did the right thing. And still, people will hurt. The world will hurt. That stain will not wash off.

The problem isn’t “way too much political opinion.” The problem is we’re not talking about the politics of design and code enough.

(Editor’s note: We at The Interconnected stand with the Jewish community, the Muslim community, the African-American community, the LGBTQIA community, women, migrants, immigrants, and any other group facing fear, oppression, and hatred in this world right now. Solidarity.)