Open fpietrosanti opened 5 years ago
cyberflaneuse
commented
5 years ago A few questions: is it possible to do this operation without leaving any digital traces which connect the mobile phone of the user to the whistleblowing platform or GlobaLeaks? And after the user has the code saved, under which name/way can they then find it on the address book? How will the user search for it? Do we recommend to then manually save it as a fake contact?
vodkina
commented
5 years ago QRcode are meant for being machine readable and not human readable. • if a user experience some technical problem in interacting with the QRcode through the device is using, will he have the ability to save the 16-digit in some way or the digit will be lost? • if the user save the QRcode as an image "just in case" (users do such sort of things), anyone accessing the device containing the saved QR code could access the receipt code. We have to keep in mind that our users are not technically oriented, so we can expect from them a low level of device security
evilaliv3
commented
5 years ago @Rima-S: saving it as a fake contact would be doable with a QRCode embedding a VCARD but i agree that a QRCode is probably too sophisticated for the typical whistleblower.
fpietrosanti
commented
5 years ago From a UX perspective it could be a usability improvement of what's proven not to be usable that's our receipt, btw i don't know how widely used are QRCode, i expect to be highly usable consumer-grade
evilaliv3
commented
5 years ago Actually I would not say that our receipt is proven to be unusable. From the usage of very different contexts like the one of TI Italy or BIANCO it is proven to be well used.
We can consider to ask the UX reviewers to consider this as one of the main research questions.
fpietrosanti
commented
5 years ago Well, while not proven to be usable or not provable by numerical statistics (amount of whistleblowers logging in back), in almost any project there’s a recurring topic of whistleblowers not coming back and deep attention in adding more notice about the receipt as a workaround to mitigate that effect (writing in disclaimer in whistleblowingpa/alac, questionnaire in ANAC, Term of before submission in I don’t remember which initiative), confirmed by TI italy to have many duplicate/triple submission by whistleblower that lost and/or misunderstood the receipt.
So it’s an area worth to be improved because the impact/effect of it, it’s perceived by end users
fpietrosanti
commented
4 years ago Apple iOS has Qrcode built-in scanning https://support.apple.com/en-us/HT208843
Android introduced Qrcode built-in scanning only since version 9 https://medium.com/turunen/built-in-qr-reader-on-android-696e0f38113b
Current behavior Actually users may have difficulties in typing the 16-digits receipt code.
Expected behavior This ticket is to evaluate changing the Credit Card Tip of receipt with a QRCode that, once pointed on the screen with photo camera of the phone, will trigger saving of the receipt to the addresbook entry.