Who’s NGI? Hanna Schraffenberger describes ‘IRMA made easy’ for identity management

Hanna Schraffenberger felt so passionately that a leading identity management app’s user experience could be improved, she applied for NGI support and made the app not only easier to use, but more widely adopted. Here’s how and why she went about creating IRMA made easy.

What is this project about?

IRMA made easy is a project about improving the usability, accessibility and overall user experience of the IRMA app. IRMA is a mobile app for identity management that resembles a digital wallet. In this wallet, users can collect personal information, such as their name, age and address. Users can obtain this information from trustworthy sources. For instance, the municipality of Nijmegen is currently issuing data from the Dutch Personal Records Database to all Dutch citizens. One can then use IRMA to selectively disclose one’s information to requesting parties. Users can, for instance, make themselves known to a website to log in or sign documents digitally. In the future, even more use cases will become possible. For example, at Radboud University, we are currently exploring IRMA in the context of email encryption and small-scale digital elections.

What motivated you to work on IRMA made easy?

The IRMA app was initially designed by computer scientists at Radboud University, with privacy as the guiding principle. This resulted in an app with great functionality that truly puts the user in control of their data. When I first learned about the IRMA app in 2017, I was impressed by the app’s conceptual strength and functionality. Two aspects really made me want to use IRMA: First, IRMA helps users to share only what is strictly necessary and nothing more. To play a particular game online, a user would, for instance, only prove that they are older than 16 and nothing else.

Second, the personal information that people collect in IRMA is exclusively stored on the user’s own phone – even the organization behind IRMA cannot see one’s data. When users decide to disclose their data, they send it directly from their phone to the requesting party. This sets IRMA apart from login methods like popular social networking logins, where big companies learn everything about when and where people log in.

As someone who cares deeply about privacy, I could not wait to use IRMA in my everyday life. However, as a user experience engineer, I also quickly noticed room for improvement in the usability domain. To be honest, I was pretty worried that the app’s user experience would limit its adoption. I was so intrigued by the challenge of making IRMA easier that I joined the Privacy by Design Foundation as a volunteer.

Since 2017, I have been working on improving the IRMA user experience. For quite a while, this happened in tiny little steps, in the evenings and weekends or during holidays. Then I learned about the NGI support and decided to propose a project to take my efforts to the next level.

What problems did you address in the IRMA app with NGI support?

We thoroughly analysed the old IRMA app as part of our project’s first milestone and found many concrete usability issues. For instance, we saw that after the onboarding, people were left with an empty app. They then had to leave the app and visit a website to find out what information they could load into the app. Because of this, users easily could get lost or stuck with an empty app.

Also, when people were asked to disclose information they did not have, there was no clear way to proceed and overcome this issue. But in the end, these were relatively minor issues. I think the biggest problem was the novelty! The concept of attribute-based authentication – the idea of revealing properties, such as one’s age – was entirely foreign for users and rather poorly communicated by the app. In its initial form, the IRMA app used quite technical language, e.g., talking about “disclosing attributes”. Likewise, these so-called attributes (e.g., a user’s name and age) were visualized in quite an abstract manner. This made it difficult for users to understand what IRMA is and what it can do.

How does the new IRMA app solve this issue?

The app’s concept is now communicated using the metaphor of a wallet filled with cards containing personal information. This idea is known to people from the real world and helps users form a mental model of the app. The wallet-idea was shared and developed in an open-source manner by the municipality of Amsterdam. In this regard, the timing of our project was very fortunate. Around the start of our project, it turned out that the municipality of Amsterdam was busy designing an ideal identity management app. As part of this effort, they had developed the wallet concept. We noticed that their design and concept fitted the existing IRMA technology perfectly and solved many of the identified usability issues. Luckily, we could adapt our project and join forces. Much of the IRMA made easy project has focused on implementing this wallet-idea and on keeping the resulting app accessible.

Can you tell us a bit more about the process and the team involved?

We divided the project into four phases. In the first phase of the project, we identified potential issues of the old app and possible directions for improvements. In addition to inspecting the IRMA app, we also focused on improving IRMA’s web presence and on making the documentation more accessible. In this first phase, the team consisted of a behavioural scientist, a programmer and me as the project lead and UX engineer.

In the next project phase, the IRMA made easy team focused more on implementing the wallet concept, focusing on accessibility and usability. Here, we worked closely together with the Privacy by Design Foundation and the team from Amsterdam who had proposed the wallet-idea. The collaboration resulted in a beta version of the new IRMA app and, ultimately, an official release.

NGI Zero also provided us with the opportunity to have the app evaluated by both the Radically Open Security team and the Accessibility Foundation. So in the third project phase, we took the identified issues to heart and focussed on addressing identified security and accessibility problems. For this, we called in the help of two additional developers. At the same time, we continued collaborating with the Privacy by Design Foundation. Several recent app updates include accessibility fixes by the IRMA made easy team! In the fourth and final project phase, we focused on ensuring that the IRMA community could continue with making IRMA easy, accessible and user-friendly – also after the completion of this project. For this, we also organized a UX roadmap meeting with all interested stakeholders. Concerning the meeting, two students from Radboud University took the lead. They also got a lot of support from the growing IRMA community.

We are currently in the process of wrapping everything up and completing the last milestones. We hope to publish, among other things, a UX roadmap with some suggestions about how to continue.

Even though Corona sometimes made it a bit challenging to collaborate and work together, everything worked out well. It was incredible to see how much the general IRMA community has contributed and helped. For instance, usability suggestions (including designs) have been made regularly by community members on Slack. I think the digital bond among IRMA contributors became even stronger in the last year.

How will you continue your project after the NGI support?

Even though this project is about to be finished, I hope to contribute in the future as a volunteer. One UX challenge that particularly intrigues me is how IRMA can encourage users to think carefully about the data-sharing requests they face. In my opinion, users should not share sensitive data, like their social security number, carelessly.

IRMA should help users to make such decisions deliberately and support them in deciding whether the request for such data is justified. We, for instance, could add some friction to the process to slow people down and nudge them to think about their data-sharing decisions. But we also do not want to make the experience annoying or unpleasant. Hence, we need to find a balance between designing a smooth and intuitive experience on the one hand and helping people to stop and think about their actions on the other hand. I certainly want to help to get this balance right.

What was your NGI experience?

The NGI project came with financial support but also had many other perks. For me, the financial support meant that I could work on this project during official working hours, rather than solely in the evenings and weekends. Working with a project team meant that we could get a lot of work done.

However, equally valuable were the free security audit from Radically Open Security and the accessibility audit from the Accessibility Foundation. As our project focuses on making a secure and privacy-friendly tool more accessible and easier to use, these two audits fitted our goals perfectly. Their findings helped us look at IRMA with fresh eyes. In the end, the financial support and the audits both helped us make IRMA easy! The best thing is that the support has not just helped the IRMA made easy team. In the end, every single IRMA user benefits from the many improvements that were made!

For more information:

IRMA made easy project: https://nlnet.nl/project/IRMA-made-easy/

Project blog: https://irma.cs.ru.nl