16 April, 2009

Incorrect PIN

I had been to one of the State Bank of India ATMs in Bangalore to withdraw some money. I keyed in an incorrect PIN out of curiousity to check what happens. Alas! It displayed the Select Transaction page with options like Balance Enquiry, Deposit, Withdrawal etc. Was I logged in successfully with an incorrect PIN? Not really. When I randomly selected the Withdrawal option, the ATM prompted a message that I had entered an incorrect PIN and expected me to enter correct PIN to proceed with my transactions. Why did the software wait for me to select a transaction and then prompt me that the PIN was incorrect. Isn't this a serious usability issue? Isn't the end user(in this case, me) tricked that he/she is already logged into the system.

In the above scenario, ideally if the PIN was incorrect, an error message should have been displayed almost immediately after the validation instead of displaying the Transaction page, letting the user select any transaction and then prompt the message.

Next time you key in an incorrect PIN at an ATM, watch out!

Happy Testing,
Pari - http://curioustester.blogspot.com


  1. I wondered about this long back when I started to use those ATM machines and it looks to me that there are people who would agree to me.

    Good you blogged about it.

  2. Hmmm, interesting :-) You will see many usability issues in these ATM m/cs..

    Well, i take it in a different way and analyze this.
    - May be they don't want to validate each step as it leads to poor performance issue (No database hit @ each step increases performance)
    Thought behind this may be like, People using their card will be knowing and entering the correct PIN. If not then, again go back and restart the procedure :-) May be 2/10 might enter wrong PIN, so still we are good here and increasing the performance(they might have studied and tested it or it's their assumption, we exactly don't know the context. We still don't know that, it's a known issue or missed defect.)
    - It also avoid people waiting outside for long time and making stupid faces when we take a bit longer time in the ATM :-)

    I will tell you one example. In one of our application, we had many fields to be validated in a page and that application was used by internal users and they use to work on it regularly. As the design was to validate each field immediately after u enter the value and navigate to the next field, it irritated regular users to wait after entering each value. They even told they don't even want confirmation message after each validation as it takes another hit to click on 'OK' button, because they enter valid values only and very few times
    invalid values unknowingly/ by mistake.

    So we suggested developers and gave this idea of better usability to clients
    - not to validate each field immidiately after entering the value and navigating to the next field. Better we validate pagewise ie validate all the fields in a page at a time and display a valid error message or a confirmation message. Now clients were very happy to click on a single 'OK' button and proceed accordingly.
    Isn't this idea a simple one? Believe me, it is and it worked in that context.

    So until and unless we know the thought behind the design or release notes(may or may not be a known issue), it's really a bit weird to declare it as a defect or an usability issue. Here, i am not trying to prove you right/wrong nor even i am trying to say i am right. I am just analyzing things with different angles, that's it. So no hard feelings :-)

    Believe me you will see many more usability issues in these ATM m/c's when you try with diff types of cards and diff banks. Even you don't give much attention, those defects will dance infront of you to take a look at them :-)


  3. Hmm..Last month, to my blind attack - i forgot all my passwords and pins.. I tried one atm card - but it went as same, It didnt give an error message until i wrote the money in withdrawl and select proceed.

    And also i learnt from my friends, if we enter more than 3 times - the card will automatically go inside.