maanantai 29. syyskuuta 2014

Making Networking Easier for Users

One of my pet peeves is how hard it is to connect to various networks. I am on a trip today, and my first stop was at the Helsinki-Vantaa airport. A modern airport that prides itself on efficiency and good infrastructure. Their Wi-Fi has worked very well for me. I came to the airport, launched my browser, and confirmed my connection to the network with one click. The network is fast, has no time limits, and is available everywhere within premises. (It would probably work even in the newly opened airport sauna, if my tablet could take the heat and humidity.)

And, having travelled a lot in recent years, this network really is one of the best airport Wi-Fi networks in the world. So all is well, right?


Many people, me included, have data subscriptions on their devices. This allows cellular networks to be used when no Wi-Fi is available. So I can get Skype messages, send photos, and do anything I like everywhere, or at least within my home country. There is only one place in Finland where my smartphone stops working: the Helsinki-Vantaa airport. The device sees the Wi-Fi, connects, and stops, waiting for the user to make that one click.

Of course, if I need to use the Internet I will notice all this and make that one click. However, I believe we are increasingly in an always-connected world, and information flows when it needs to. I do not want my devices to stop, I want them to keep on working. Even that one click is too much. And it is unclear what value that click brings anyone, me or the airport.

But the Helsinki-Vantaa network is one of the best. My next stop was a large hub airport in northern Europe. I checked if there was local Wi-Fi, and there was. My browser told me that I could use either the free or the paid network. I decided to try the free one first. A screen comes up that requires me to register. But the amount of information that they ask is... at least tiresome, if not privacy insensitive. The e-mail address and password I can understand. Maybe the phone number, because some airport networks send a password over on SMS. But I also had to fill in birth date and country. Why?

But this was just the start of my failed attempt to use the network. I got an error message that my chosen e-mail or password was invalid - without any explanation of why they were invalid. I guessed that perhaps I had entered an e-mail address that I had used on my previous visit, and entered another one. Not wanting to fill all information for the second time, I used the browser back button to get to the registration page. Big mistake! After changing my information and pressing register, I got an error.  I should have started again from the beginning.

I gave up and decided to try the paid network instead. I clicked on the payment page, but had to stop for a few minutes to walk to my gate. At the gate, I entered the required information. Including my mother's maiden name. Why? Having fulfilled all information, I later realised that my walk had made it impossible to complete the transaction, whether or not I was revealing all my personal information. I got a "your session is no longer valid" error message.

I could go on, but you get the point. The problems with these networks are very wide spread, and in my opinion, unnecessary. Earlier this summer I was waiting for my delayed flight at a major North American airport, and had trouble getting more than a few packets exchanged via their local network. Not enough to download any e-mails, for instance. Later a friend posted a picture of what his wireless network analyser showed at that airport: all the airport's access points were on the same three channels, making the radio environment in practice unusable.

Couple of years ago we had a large meeting in a hotel in Paris, and our network engineers ended up redesigning the hotel network to work much better, in a situation that was similar to what we saw at the above airport.

You might argue that I am talking about a first world problem. Travel. Airports. Hotels. But take the airport Wi-Fi situation as just one example of a more general problem. We all use networks, in developed and developing world. And many of those networks are often in shopping malls, coffee shops, and bus stations. We need to improve their usability.

The smartphone revolution that we have seen last couple of years was initiated largely thanks to the new, easier to use touchscreen phones and operating systems. Perhaps we need a similar revolution in wireless networking. And I think we have had a lot of the technology around but now it is time to put it into use. Examples of this include Hotspot 2.0, 802.11u, EAP, and various network connectivity checkers in our devices. (I worked on EAP at the IETF over ten years ago, but it is only now that it is getting more widespread adoption. A long time!)

And this problem is not limited to Wi-Fi. Again that is just an example. I also have a lot of experience of trying to acquire SIM cards in various places. I've had great experience in some countries and with some operators. Others struggle in providing a service. Some operators sell SIM cards and the needed data allowance package in different shops. Why? And the top-up process can be difficult. An operator in Europe requires a local phone number for the process to complete. Not particularly useful for tourists, is it? An Asia-Pacific operator uses a web-page process that only works on some browsers, not all. Many countries require proof of identity before you can use a network. Perhaps I can understand that, but it does not stop there. I was once asked for a formal proof of my address within the country. How can I produce such a proof, when staying at a hotel?

Here are my guidelines for providing an effective Internet access product:
  • If you want to provide an open network, make it truly open.
  • If your network is for subscribers, employ an automatic authentication mechanism that does not require the user to perform a web login.
  • If you charge for the use of the network, make it easy to provide the credit card information
  • If you sell cellular access, make the right size SIM cards available to everyone easily.  Do not force users to go through extra steps to "enable" the SIM card. You sold it, it can be enabled automatically.
  • Any web-based purchase, top-up, or login process needs to be tested with all browsers and in different conditions.
  • Do not collect information that you do not need.
  • Radio networks need to be tested and configured properly.

In short, people want your service. Make it easy to buy and use it!

Jari Arkko

Photo credits (c) Jari Arkko and Joe Abley

3 kommenttia:

  1. Closed portals are problematic not only because they break applications silently (especially if you have UMTS or LTE data subscription), and sometimes corrupt HTTP downloads, but increasingly also because they break the SSL trust model.

    Still, the problem remains for the operator of the network that:
    1) it might want you to agree to some terms of service,
    2) it might be legally required to have you register by name (e.g. in mainlaind China).
    And I won't even mention commercial aspects.

    How do you get users to provide that data without a closed portal, or out-of-band mean?

  2. Rémi - I agree. If you have a legal requirement, you have a legal requirement. You can serve your subscribers directly, e.g., via EAP authentication. Others you have to catch via web login screen. However, I see a lot of cases where there is no legal requirement. And cases where the portals ask for lots of other things beyond legal requirements, and as far as I can tell, beyond what is even business-wise useful for them.

  3. In the vast majority of cases, the requirement to agree to some terms of service is bogus. Can the legal folks imposing those requirements point to any examples where agreement to WiFi terms of service has made any difference? I doubt that they can, and it just spoils the experience, sometimes to the point of unusability (as Jari had found).

    I'm really surprised to hear all that personal information is required in Europe. I would expect that in the US, but I thought that in Europe you weren't supposed to be able to trade your privacy for some commercial benefit. There is no justification for collecting mother's maiden name.

    If there is some real justification for agreement to terms of use (even though I don't think there is), perhaps what we need is a uniform ToU that we agree to once and then our equipment asserts that for us when we connect. It would be a better experience and more meaningful than all the blind clicking of "I agree" buttons that goes on.