Personas on the wall help the development team to focus

Recently I helped an insurance company to improve the User Experience of a website that had been specifically designed to sell their new internet service to young people with no kids.

The problem

A year after the launch of this service, the site had generated fewer sales amongst young people than expected. On top of that, older people and families, formerly regular customers, (not part of the target group) used the website to exchange their current service policy for this new (cheaper) internet service. That had explicitly not been the companies intention. They wondered what they could do about that.

The cause

I reviewed the current website and noticed that it was mostly designed from a business point of view.

• All technical details about the service, the preconditions, the costs and the coverage were incorporated in the site, however not easy to find.
• The language used to present the product was very formal and contained terminology hard to understand by young people, who are not familiar with the insurance business.
• The range of services and appliances, offered by the site, was based more on availability (‘we have it in our assortment, so why not offer it!’) then on the needs of the target group.

When designing a website it is important to reckon with the business goals. In this case those goals are very clear, well contemplated and researched. However to develop a good and suitable User Experience it takes more than just business goals.

The solution

Know the user

The company acknowledged that they didn’t know much about the visitors of their website. Therefore I defined the personas[1] which represent the target group for their service offer.

Based on analysis of the target group, I found answers to questions like:

• What are the user’s goals and priorities?
• How do they behave?
• Which attitudes do they have?
• Their education
• Their knowledge about the domain
• Their use of a computer and internet
• Their income and expenses

I segmented the information and created the personas. Per persona, I had their characteristics, their name (Fabio & Maggie) and a representative photo, printed at poster size.

Don’t lose sight of the user

Everywhere, where Fabio and Maggie were presented to the different project team members, I attached their posters on the wall. By doing this, the personas are visible during the whole presentation. I saw a look of recognition among the audience. They saw the characteristics and priorities of the target group and surprisingly noticed that these are not similar to their own.

From that moment on, no one in the team talked about ‘personas’ anymore. They all now call them by their fictive name as if Fabio & Maggie themselves are part of the team.

I advised the company to put the posters on the wall at each department which is involved in developing the website. By doing this, Fabio and Maggie will always be in their mind (“What would Fabio & Maggie think | do | want | need?” ) when taking any crucial decisions during the development process.

Involve the user

In the next steps of the project I wrote user scenarios based on Fabio & Maggie. I completed the requirement specification with user requirements. Till then the requirement list mainly contained technical and functional requirements.

I did a cardsort research involving the target group, in order to structure the content of the website based on the user’s perspective.

While Fabio & Maggie were hanging on the wall, I designed the website navigation structure in wireframes in close corporation with the graphic designers who gave the website a look & feel which suited both Fabio and Maggie.

The website developers are currently working on the end result. They also are familiar with Fabio & Maggie. It would be good if they’d run some usability tests during the development process with real users of the target group. By doing that in an early stage of the process, there is still time left to improve the design in favor of the user, before it is launched.

---

[1] A persona is a realistic character sketch representing one segment of a website’s targeted audience | Source: The User is Always Right by Steve Mulder with Ziv Yaar.

User Experience in Fusion apps

Historically, Oracle is a technical company. Historically, Oracle is a database company. Once they started to offer development tools, modeling tools and applications, the whole concept always centered around data. User interfaces were things that you should generate based on a table definition, not something you should spend time on. So when I heard about the Fusion Applications User Experience efforts, I was skeptical...

...To put it mildly.

My view of Oracle and User Experience has changed drastically today. I attended the Fusion Apps User Experience training with a couple of other Ace Directors that are at Kaleidoscope 2011 in Long Beach.

The message

Companies buy Enterprise applications for support of their business. This is different than consumer facing applications like Amazon or Facebook; in Enterprise applications, users need to be able to accurately and efficiently complete their tasks. Fusion applications enables this because it takes the context of the user/customer into account. The business context consists of four things:

• Who you are
• What you are doing
• Where you are
• What information you need to complete the task

Research

Instead of looking at the data and generating a lot of screens on top of those data, Oracle has done extensive research to define the roles and persona's, the processes and tasks that need to be supported and the requirements these different users have.

They applied various user experience techniques like contextual inquiry, persona's and scenario's, card sorting, tasks analysis and qualitative methods like eye tracking and keystroke level modeling.

Analysis and modeling

This research resulted in prototypes and different solutions.

There are four key concepts in fusion apps:

1. The right information at the right time. The information that is needed for a task is present, so the user does not have to navigate out of a screen to get to required information. Analysis of what information is needed at what time is key here. There are different patterns that are applied: showing information when hovering over an item, context sensitive actions that are available when clicking on an item, etc etc.
2. Different types of navigation: search, dashboards, worklists (to-do lists), watch lists and bookmarks are examples of this. This caters different user preferences, and different types of tasks at different times.
3. Collaboration and communication. People are a source of information, just like stored data. So collaboration and communication are an integral part of the fusion apps experience.
4. Increased productivity and ease of use. By analyzing tasks, the actual productivity of the users is increased considerably.

Testing

The results were tested with customers to make sure that it actually increased the productivity and the overall experience.

The result

The approach Oracle took is very much task oriented with an emphasis on task analysis and quantitative research. This makes sense, considering the earlier statement about enterprise applications and the need to support the claims with data.

However, in addition to that, adding concepts like persuasive design into the mix to actually influence users in an organization would make it even more compelling. This is particularly true for areas like CRM or the so-called 'self service' or employee tasks like filling out expense reports, questionnaires, and updating resumes.

As I said in the beginning of this blog, my view of Oracle User Experience has changed drastically today. I think the Fusion apps people have solved the 'silo' problem that traditional ERP and CRM systems have. They did this by applying user centered design principles and of course have the architecture setup in a way that is supports this.

I look forward to hearing more from fusion apps in general and from this group in particular!

Security-per-environment using config plans

Software artifacts normally flow through several environments; for example development, test, integration, acceptance, and production. Some piece of software may be developed locally on your laptop, can be deployed to a central test environment by a developer, scheduled for deployment to the integration environment by the build manager, and then formally promoted to acceptance and production by system administrators after successful testing. These various environments rarely look the same. While a production environment might consist of a clustered and load-balanced configuration with multiple servers running on Linux, your development environment may consist of a bunch of laptops all running a single integrated server on Windows.

Not only sizing, server versions, hardware specs, and OS specifics can vary between these environments, also security configuration. It could be that the production environment enforces SSL/TLS for all internal and external Web Service calls, only uses official certificates issued by a trusted CA, applies WS-Security based message encryption for outbound Web Service calls, uses WS-Security SAML Tokens for authentication, and an appliance for SSL offloading instead of the application server itself. Maybe in the integration environment self-signed certificates and WS-Security UserName Tokens are used, while the development environment enforces no security measures whatsoever.

One way to deal with environment-specific settings is to manually configure these settings while promoting software items from one environment to the other. Maybe this is manageable for a small and simple application, this approach will soon be error-prone and high-maintenance when the size of the application increases. This is especially the case in SOA systems, where there is a high(er) number of different software components involved. A different approach is to use scripting and automated builds in which settings can be configured per environment.

Oracle SOA Suite 11g uses so-called config(uration) plans for this purpose. Environment-specifics like Web Service endpoint locations invoked by an SCA composite can be extracted from the SCA composite and stored in an XML config plan per environment. So we could have a MyComposite_cfgplan_dev.xml that indicates the endpoint of MyWebService is located at http://localhost:7001/MyWebService, while the endpoint is configured as https://some-server:8011/external/MyWebService in the MyComposite_cfgplan_prod.xml config plan for the production environment.

Oracle Web Service Manager (OWSM) is used by Oracle SOA Suite to secure services, references, and components of an SCA composite. You can for example apply the out-of-the-box oracle/wss_username_token_client_policy enforcing a WSS UserName Token to be included in the invocation of an external Web Service. While there are numerous examples online that explain the use of config plans and other examples explaining design-time addition of OWSM policies using JDeveloper, there is less information on how to include and configure OWSM-specific settings in config plans for SOA Suite 11g.

Adding OWSM policies to an SCA composite at designtime in JDeveloper

Adding OWSM policies to an SCA composite at designtime in JDeveloper

OWSM policies can be applied and configured per reference, service, or component. When applying security to a reference and configuring it for a specific environment, the OWSM settings need to be placed as wsp:PolicyReference element between the attribute and property elements of the reference in the config plan. The wsp prefix refers to the http://schemas.oracle.com/ws/2006/01/policy namespace.

For example (snippet from a configuration plan):


<reference name="MyExternalService">
  <binding type="ws">
    <attribute name="location">
      <replace>http://server:8011/SomeService-1.3?wsdl</replace>
    </attribute>
    <wsp:PolicyReference 
      orawsp:category="security" 
      orawsp:status="disabled"    
      URI="oracle/wss_username_token_client_policy"/>
    <property name="csf-key">
      <replace>BPMS_USER</replace>
    </property>
  </binding>
</reference>


In the above example, the oracle/wss_username_token_client_policy is applied on the MyExternalService reference but disabled during deployment. It furthermore indicates that the credentials stored in the BPMS_USER key that is located on the server should be used in constructing the WS-Security UserName Token for the outbound SOAP call. While this may be an appropriate configuration for the test environment, for production you might want the policy to be enforced during deployment, perhaps use another policy that enforces SSL, and possibly use another CSF key. In order to do this, you can add these OWSM-specifics to the reference element in the configur plan for production.

For example (snippet from a configuration plan):

<reference name="MyExternalService">

  <binding type="ws">

    <attribute name="location">

      <replace>http://prodserver:8012/Service-1.3?wsdl</replace>

    </attribute>

    <wsp:PolicyReference 

      orawsp:category="security" 

      orawsp:status="enabled"    

      URI="oracle/wss_username_token_over_ssl_client_policy"/>

    <property name="csf-key">

      <replace>PROD_PROXY_USER</replace>

    </property>

  </binding>

</reference>

The User Experience of the Dutch Chamber of Commerce (KvK)

Almost everyone who owns a business in the Netherlands has to deal with the Dutch Chamber of Commerce, in Dutch the KvK (Kamer van Koophandel). The Dutch Chamber of Commerce manages the trade register. Its other tasks are to provide Dutch entrepreneurs with information and stimulate regional trade & industry. It targets its services at Dutch businesses across all sectors.

The Five Channels of the KvK
Every BV yearly pays the KvK a fixed amount of money. In return the Chamber gives you information and answers your questions regarding business matters by means of 5 channels:

1. Website
2. Call centre
3. Email
4. Fax
5. Post

The information and service given by all five channels determines the User Experience of the KvK.

The Experience of Defining an Annual Account
This year my BV, although sleeping, celebrated its 1st birthday. Therefore I had to fulfill al kind of legal obligations. One of them is the publication of the BV’s annual account. Now I myself am a User Experience consultant, and therefore I don’t know much about annual accounts.

OK, of course I could hire all kind of experts to help me, but come on… a sleeping BV… how difficult can it be? So with the help of a friend and some information (hard to read, in a difficult formal language) from the KvK site, I managed to formulate the account. But now what?

The Experience of Registering an Annual Account
I checked the 1st channel of the KvK, its website and tried to figure out how I could send my annual account to them. I found a FAQ: “How to register (deponeren) an annual account?” I would never have thought of the word ‘deponeren’ but this apparently was the information I needed.

Answer: “You can send it by post (6), by fax (5), by Email (4) or online (1) to your regional KvK.”

OK clear! That sounded good. Many options available! I clicked the link to find out contact information about my regional KvK. Then the confusion started. The website now first reveals different phone numbers, a visiting address and at the end of the page an E-mail address to send in a question or a complaint. The online-way was explained nowhere.

I tried the Email form, a waste of time because there is no possibility to attach a file. I saw no other option then to set up a call to the KvK. Therefore I first had to look up the telephone number of my regional KvK. I made the call, I passed a voice response system. The moment my call was answered by a receptionist, she transfered me to the KvK-expert. I finally could pop the question. The answer seemed simple, because in no time I received an odd Email address where I could send my annual account to. “No need for an addressee or a cover letter, just send the account to this address!”.

So I did. In half an hour I received an automatically generated Email from the KvK telling me that they received my mail and that my annual account will be published in due time. Great! Pfff I did it! The whole action took me an hour, a phone call and the help of some KvK employees.

Conclusion Regarding the Overall User Experience

• Online I couldn’t find what I needed to know; therefore I had to consult the phone-channel.
• The info on the website was not self-explanatory, the language too formal.
• The whole process took me too much time.

What about Channel Control?
Channels which involve people (visitor center, call center, mailroom) cost money and they don’t always offer the most suitable service. Employees are kept away from their actual work by customers asking for Email addresses.

When promoting channels, start with the most cost effective ones. But watch out for the pitfall: Make sure that this channel fulfills the needs of its users.

Leading customers to the most (cost) effective and suitable channel and making sure this channel fulfills their user needs, assures you of:

• happy customers
• happy employees who can do their actual work more efficiently
• cost reduction for your organization

Sharing models in BizAgi Studio Xpress

We have started to evaluate BizAgi Studio Xpress for a prototype we are building. The tool is easy to use for business analysts: they can download it themselves and just press ‘Next’ to install it on their machine. Really.

Next you start by modeling your process, define the data model and design the screens for human interaction. I will talk about the pros and cons of this approach in the next post. Today I want to talk about sharing the projects you create with Studio Xpress with other people.

BizAgi Studio Xpress stores the meta data (the process, the data and the screens) in a SQL Server database. If you get the enterprise edition you have more choices: you can use an Oracle database and application server platforms. Because I am working remotely on the prototype with our business partner Creetion, we needed to share the project we defined. This means we have to export the database and import it again at ‘the other side’.

The BizAgi website explains how to do this: you need to download SQL Server Management Studio. So far so good: I downloaded the SQL Server Management Studio and tried to install it. I have Windows7 installed on my laptop, and have (of course) administrator rights. However, when I run the msi, I get error-code 29506: “The installer has found an unexpected error while installing this package.” Apparently, you need system rights to install the application. The solution is to run the msi as an administrator. Bizagi has written in more detail how to accomplish this here.

Luckily a lot of people ran into this problem , so there is plenty of information about this topic . Once I installed it, I tried to run the SQL Server Management Studio to create a backup of my project. Again, I got an error because I need to run the application as an administrator. This drives me nuts in Windows7: I have defined myself as an administrator but still I need to run a lot of software ‘as an administrator’! The platform is nice to edit Office documents and to surf the net. But when you trying to use version control systems, databases or any other advanced tool, the OS gets in the way.

Creating the backup is not hard. Yo do have to make sure you put ‘.bak’ as an extension in the filename, the SQL Server Management Studio does not do this for you. When you restore the database, it won’t show up in the list if you didn’t add this extension.

I am not sure where to put the blame: with Microsoft for the lousy user permission and security scheme in Windows7 or with Microsoft for the lousy integration of SQL Server Management Studio with the Windows7 user permission and security scheme….. wait: I can blame Microsoft either way

But, we can now work remotely (but not at the same time) on the same database: everytime one of us updates the project, we create a backup and store this in our shared Dropbox folder.

A nice addition to BizAgi Studio Xpress would be an option to create the backup and restore directly from the Studio menu. I don’t mind installing database management software. But my colleagues, who are more business oriented, don’t appreciate this at all.

Highlights from the SOA Symposium

Tuesday October 5th and Wednesday October 6th, the third edition of the SOA & Cloud symposium took place in Berlin. The location was really nice: at Alexander Platz, close to the train station and with plenty of hotels in the vicinity of the conference center.

I presented the case study Service Orientation in the Dutch Government.But I also attended many interesting sessions and talked to interesting people.

Build schools not prisons

The session Deriving Agility from SOA and BPM – Ten Things That Separate the Winners from the Losers, by Manas Deb and Clemens Utschig-Utschig was a very pleasant suprise. Instead of using agility as a buzz word to justify SOA and BPM, they actually spent time to explain what they mean by an agile organization. They used the sense-and-respond model by Haeckel for this. Then they proceeded to explain the things that separate the winners from the losers, with clear examples that people could relate to. A solid presentation, with some nice one-liners for the twittering audience (my tweet “governance: build schools, not prisons” in the heading came from this presentation)

BPM: Top Seven Architectural Discussions in 2010, touched upon a number of interesting topics. A highlight for me: most of the ‘business beef’(value) in BPM projects comes from the task flow level, optimizing the human tasks. This ties in nicely with the Approach vision about the need for user experience in solutions

The last session I attended the first day was Open Source Process Execution. Unfortunately, only two delegates were attending: someone from ASR and me. The talk was really on Activiti, an open source project that looks very promising. Coincidently, I ran into again someone who was using that in a meeting today. So the stuff I learned was already useful the same week!

Look bored if you already know this

Ralph Schafermeier talked about corporate semantic web: Corporate Semantic Web – The Semantic Web Meets the Enterprise. He started with an introduction of semantic web, and announced that he would skip it if we looked bored. This introduction was good. The only bad thing was there were a couple of people in the room, they wanted every definition to be phrased ‘exactly right’. This took up valuable time. I guess this is to be expected from semantic web people, to discuss semantics . It distracted the attention from the real topic: application of this concept to BPM and CEP. Ralph showed a really interesting concept of adding semantic web annotations in BPMN models. This sounds to me as a very powerful concept that we will hear much more about in the future. If you want to check it out right now visit the Oryx site here. I did not look bored during this session, on the contrary!

BPM with REST, investigated if and how REST can be applied in an BPM engine. This is very interesting from a perspective of change management and creating more flexible interactions than with ‘traditional ‘ WSDL based integration. Solid speaker, solid presentation. Again an interesting research topic that will become applicable in the future. Maybe in case management this is a much better solution than in orchestration? I am still thinking about the concepts…

The last session I attended was Modern SOA Infrastructure and Open Source by Mark Little. This was not a very compelling story; personally I believe there are plenty of use cases where Open Source infrastructure is more than a viable option. However, the reasoning that was used in this presentation was full of circular logic: the definition of open is that the code is open source. Therefore Oracle can’t claim they are ‘open’. Or: “open source is built by real world developers”, as if closed sourced developers are not in the real world?!? This was I think a missed opportunity: it was based on prejudice and I doubt he convinced anybody who was not already convinced of the value of open source infrastructure.

All in all a great two days, and I even went home with a helicopter from the Oracle stand!

Random thoughts about Oracle OpenWorld, Oracle Develop and JavaOne 2010

Today was the last day of Oracle OpenWorld. It was the fifth time for me, so the amazing crowd that floods San Francisco doesn’t surprise me anymore. There was a big difference this time, though: it was the first time that JavaOne was part of the conference. I had visited JavaOne twice before. Both times the conference was in Moscone. For obvious reasons, this was not possible this time. Moscone is big, but not that big….

They moved JavaOne over to the Hilton, Park 55 hotel, and Nikko hotel where Oracle Develop also took place. Being in these hotel feels smaller and less ‘buzzing with energy’ compared to Moscone. It didn’t bother me, because I am used to it: they did this before with Oracle Develop. But for the JavaOne visitors, it was a step back. I attended a session about SOAP versus REST webservices. The session was very well attended, it was a repeat from the day before. The room was small and one of the presenters had to leave early because he had a plane to catch. I think that if this session would have been located at Moscone, it would probably have fitted all the people that wanted to attend on Wednesday. This would have improved the quality: the story became a little one-sided because the SOAP guy left..

The problem of finding sessions that you want to attend was even bigger this time than last year: adding JavaOne to the mix increased the amount of sessions you have to chose from to an incredible number. The schedulebuilder doesn’t help. In fact it seems to deteriorate evey year: I missed some sessions I would have liked to attend: for example the session by Mark Simpson on Governance. Some sessions ‘dispappeared’ from the schedule: for example the ADF session by Sten Vesterli.

Now let’s take a look at the bright side:

I loved meeting all the Oracle Ace Directors, Oracle Productmanagers and the people from Oracle Technology Network again. Meeting here every year really makes the community sustainable. You can do a lot of stuff online, but it really helps if you meet people in person once or twice a year. I even bumped into some Dutch people I hadn’t seen in a while. It feels like one big reunion all week long.

We had our first ‘official’ session of the new SOA BPM enterprise methodology group at the unconference sessions. We talked about best practices for using existing database logic in a SOA environment, and tips for communication with .NET services in your enterprise.

I attended interesting sessions (in random order, since this blog contains random thoughts):

• Dirk Staehler showed the methodology Opitz uses with Oracle BPA Suite for enterprise architecture, SOA and BPM.
• A nice overview of use cases for SOAP and use cases for REST webservices
• A demo showing the use of UCM, more specifically the imaging solution with the prebuilt integration with Oracle BPM for invoice processing
• The BPM CAB where I met with the people responsible for the integration between Oracle BPA Suite11g and Oracle SOA suite11g and Oracle BPM Suite11g.
• The partner council that was organized by Juergen Kress. Dave Shaffer was doing a great job getting the feedback from the partners and explaining the roadmap and other stuff that I can’t talk about

Of course, it was not all work: I had great breakfast, lunches, dinners and coffees with friends. I visited the Oakland museum to check out the awesome Pixar exposition and of course went to the appreciation event at Treasure Island!

All in all, the conference was a huge success for me and I am already looking forward to next year!