HSBC - A Lesson in Awful User Interface Design and Terrible Project Management

I made the decision in December to switch banks. The process is surprisingly painless and only takes 7 days, as a reward banks normally throw in a bonus of around £150 for joining them - which is great, it's literally money for nothing, and we all know that never happens in day to day life. So I joined HSBC and this is where the good news ends.

What followed is a superb, real world example of the things we teach about project management disasters, poor software development and security in GCSE and especially A Level CS every year. What unfolded in front of me was a story of total and utter abandonment of common sense, core software development principles and one of the most frustrating and mind boggling experiences of my life.

The HSBC banking app for IOS is, quite simply, one of the most appalling pieces of software to ever grace a phone screen. How it ever made it out of internal testing, let alone into public use and general release is beyond me. A bank the size of HSBC (worth £147 billion as of 08/02/2018) has the resources to create a truly wonderful, seamless user experience. Instead it decided to create:

• Needless complexity in the name of "security"
• Truly horrifying user interface design
• and my very favourite - absolutely no features of any use whatsoever.

I shan't go into their full website, but that too is an eye opening tour of hideous design fails. I'll leave that with just one example which illustrates it's failures perfectly - if you want to send a message to the bank, you can, but only if it is less than 2900 characters, which is approximately 350 words (a seemingly arbitrary limit) and if you use an exclamation then... that's it! You can't send it. Incredible.

Old does not equal "needs replacing...."

Rule 1 - Have a reason to change

So, during a phone call with the bank, they told me the reason the app was so poor is because it's new. Apparently, and please make sure you're sitting down for this, it is better and has more features than their old app.

Wow.

I can only begin to imagine the horrors HSBC customers must've put up with before their latest revelation was released upon the poor, unsuspecting public. I can also conclude that their previous app must have had a feature count of 1. That's not a typo. 

Computing history teaches us the following things:

• No system is ever perfect, devoid of bugs and feature rich to the point of being "complete"
• When it comes to banking, safety critical and similar systems where failure would be catastrophic, then once a system works you leave it alone save for maintenance. 
• When a system works, and works well, you do not replace it without very, very good reason and a robust understanding of the benefits of making a new system and the potential issues that the new system itself may cause
• Finally, if you do have a genuine need to make new software then it has to be better than the system you plan to replace. This is the essential bit here...

You, I and your parents have also made many individuals very, very rich in the name of improvement through software development. Do I need to go any further than the £20 billion wasted on "digitising" the NHS only for precisely nothing to be actually developed of any use. Seriously, I could not even begin to explain where £20 billion gets spent on a project like that, even taking into account some incredible nights out, special dinners and amazing holidays for all involved, you'd still have change from £1 billion.

It makes the £300 million that Nationwide spent updating their IT systems seem like a bargain - and they were very brave in fairness, considering the consequences of even the smallest error.

This is why, believe it or not, much of the infrastructure we rely on day to day and indeed wouldn't even think about, runs on software that was developed in the 1970's and 80's - you know, a time when computers were delivered on the back of several lorries and needed you to knock a few walls down and phone the electricity provider to come and fit new cables to your building to make them work.

Want to fire a nuclear missile from the USA? Then you'll need an 8 inch floppy disk and some 1960's mainframe skills (link)

What about landing a plane at a small Parisian airport? Put your life in the hands of Windows 3.1! (link)

And on it goes - why did several banks stop working last year when people tried to use their cards? All down to IT system failures, and likely due to the fact that the code they rely on is literally older than you and me put together.

Trust me, even the US government isn't stupid enough to risk the lives of millions at the hands of a dodgy computer system - 1960's it may be, but it works, is robust as coffin nails and has been designed quite literally to withstand a war happening. It isn't going to break, it doesn't need replacing because its old.

So you need a good reason to change and, if HSBC are to be believed and their old app was genuinely that awful then they'd got over the first hurdle - a genuine need to change. On to the next phase!​

"We've concluded this app is awful!"
"What shall we replace it with?"
"Something even worse! Inexplicably we shall also represent our global business with a picture of a small boy about to jump off a pier into the sea."
"Fiendish genius."

Rule 2 - Conduct a decent analysis and know where you're going

It seems so obvious, doesn't it? Before you potentially spend millions, you should probably stop and think about:

• What was wrong
• What you're going to improve
• How you'll do it.

The idea here is that you arrive at a point where you have an absolutely robust, cast iron set of objectives that become absolute gospel throughout the project. This is the list of things you must deliver, these are the deal breakers, the principles by which you work.

When projects wander from these tight, clear, focused objectives then you get failure. How much failure depends how poor your objectives were in the first place and then how poor your project management is. But failure you will get.

In the case of HSBC I can only imagine the conversation went something like this:

"What do we want the new app to do?"
"Well... banking, innit?"
"What do people do with their bank?"
"Look at their money."
"'Look at money' I'll add it to the list. Anything else?"
"Nah. That's it."
"Shall we jazz it up with some of those terrible pictures you see with awful motivational captions underneath?"
"It's a winner, it's like a professional meme."
"Pub?"
"Yeah, go on."

​Nothing else could explain what followed.

Page 1, paragraph 1, sentence 1 of the book of design "Make it consistent."
They had one job...

Rule 3 - Conduct usability and User Interface testing

Let's not jump the gun, before we even get to use the app there are hurdles to jump, challenges to overcome, stamps to be licked and eyes to be washed after being forced to look at this abomination.

This is the process you go through to use their app for the first time:

1. Open the app, be confronted by boy jumping in the sea for some inexplicable reason.
2. Click sign up
3. Enter your telephone banking number (does anyone telephone bank any more??) which you have waited for to come through the post - remember that, you've already waited over a week to just get to this point.
4. Create a user name
5. Password
6. Verify you're who you say you are via an email, click the link, continue
7. Type in a code sent by text to verify your phone number
8. Then.... get this.... wait for yet another code to arrive by post. I'm surprised they don't offer a telegram service just to be doubly sure.

So that's you done for another week. You've gone through all that to then find out you can't actually use it. Ingenious. 

What's wrong with this?

• Double postal verification - you've already had one secret code from them, one more does not add any more security, you've already proven you're in receipt of the post by having the first code
• Three separate methods of verification for various means
• Just layer after layer of needless complexity in the name of security.

Don't get me wrong, security is very important, but overbearing security is worse than seemingly more lax security. It puts people off, provides more avenues for users to become confused or go wrong and ultimately leaves the user having a genuinely poor experience. You jump through less hoops to get a passport. 

I've been with many, many banks and this is by far the most absurd set up I've ever been through. I've since switched to another bank and managed to get set up on their app in 5 minutes without once having to wait for the post to arrive. Every bank has a vested interest in fraud prevention and security. Every other bank has proven you can achieve this without users handing over their very soul.

The irony is, if someone did manage to set up as me on this app... they wouldn't be able to do any damage because it doesn't let you do anything anyway! Security through obscurity...

Is that... a banner ad?! In a mobile banking app??

The river of terrible keeps flowing.

Once you're in, after verifying yourself for the 3rd or 4th time, just to be sure, you get the wonderful log in screen above. Believe it or not, this is an improved version released a few days ago and it's still awful.

First, if you feel the need to star out information for privacy on the home screen for "security" reasons... Don't put it there in the first place! To contrast, here is the log in screen for Natwest:

Spot the difference:

• No personal details - there is no need to show them, let alone star them out
• Clear, clean, consistent design with no unnecessary information, images or text.
• Professional look and feel right from the off. Only show what is absolutely necessary for the function of each screen.

They read the design book didn't they?

HSBC just keep giving the gift of awful, because if you cast your eye down the screen you see what looks like, smells like and is effectively a... banner advert? 

My eyes nearly fell out of my head the first time I spotted this. What possible need or reason can there be for a link to the Financial Services Compensation Scheme on the home page of a banking app? It's utterly, utterly bizarre and just paints a picture of an app that is poorly thought out, poorly designed and doesn't fill you with a feeling of trust. Would you advertise so boldly that you'll probably need some financial compensation at some point?

​Ominous isn't it...

Rule 4 - Did I mention testing?

"Have you tested the new app?"
"Yeah it's perfect!! The titles are almost off the top of the screen and the log off button is so close to the notifications area that it doesn't respond!"
"You, my boy, are heading for a promotion!!"

So we get into the app. Finally.

Things continue to fall apart. 

On Iphone X, the interface doesn't take into account that there is a notch at the top of the screen. Consequently, titles quite literally fall off the top of the screen and the log off button is placed so close to other features in the notification area that it quite often doesn't respond to touch.

How long would that take to test? How much money do banks and their developers have? The answer is enough to buy several of every phone on the market today and about 10 minutes of testing. Worse, is that you don't even need to spend £1000 to test your app on an Iphone X. You need to click "build" in XCode and it'll show you on screen what it'll look like.

This means one thing, one thing that occurs again and again throughout this sorry tale:

• The developers of this app, and HSBC, are completely aware of all of these faults and quite simply.... don't care. Not one bit! If you release an app this bad, you know it's bad. You also know you couldn't be bothered to fix those problems because you think.... its ok for customers to use a total and utter garbage application!

Nice!

"Contact" - The irony is wonderful, you can't actually contact them in the app. You wouldn't know if they'd contacted you either, no notifications!

What about down here? Any notifications of messages? Don't be silly!!

One final kick in the teeth is the contact section of the app. If the bank respond to you (this is after you've logged into the full site, navigated the awful there, then formatted your message to fit in 22 words or less, removed punctuation, done a very special dance, done the Mr Tumble magic and off it goes) then you wouldn't know.

There are precisely zero notifications in the app, no notice of new messages, not even a change of the icon to indicate new mail. Nothing.

This is why for a week I didn't realise they'd sent me a message. Why would I? Even when you press the contact icon and are taken to the "inbox" there is still no method of indicating new messages. It would literally have taken 5 lines of code to put a number next to the icon or word "inbox."

But my favourite bit, for a contact section of an app, is once you realise you have a message, then want to reply to it, you..... can't!

Off to the website again with you! Another usability win and clearly a "feature" too far.

Rule 5 - Review, evaluate, make sure you've actually met your objectives

So the app passed the design stage and the developers would've brought along their work for HSBC to try out and, seemingly, they all sat around nodding approvingly and released it.

It's at this point, the last chance to save planet earth before it's recycled, the bit in the life cycle where you can still right the wrongs, that they just went "yeah... that'll do. Send it out."

What should have happened is large amounts of hysterical laughter as they picked up the phone to their legal department to begin legal proceedings for breach of contract at the sight of such a woeful app.

This is where my favourite part of my phone conversation with them comes in:
"The banking app is totally free of features I'd expect in a modern banking app and are provided by every other provider I can think of."
"Mr Davidson, we developed the new app because the old one didn't meet the needs of our customers!"
"And the new one does?!"
"Yes, it's already got more features!"
"Tell me, exactly which single feature did the old app have that wasn't meeting peoples needs, because I cannot find a single, useful feature anywhere."
"We've added a feature where you can report a lost or stolen card."

"A feature" according to HSBC. Blink and you'd miss it!
Notice the hilarious use of "more" as if there had been lots preceding this screen...

"that's... a feature? A useful feature? One I'd use every day? What exactly are the priorities in developing this app?"
"Oh there's lots of features planned for the future!"
"Like what?"
"I can't tell you."
"Can't or don't know?"
"Well, there's lots of things coming, we just don't know when..."

In any sane organisation, at this point, someone would make the glaringly obvious decision:

"We cannot release this. It's not ready."

Because... no improvement is better than woeful attempts at improvement.

Rule 6 - This is 2018, there are no excuses

The fact is that 11 years after the release of the first capable smart phone, there are no excuses any more. Companies literally live and die by the quality of their applications.

Mobile is the way people work now, more and more we conduct our affairs solely through a phone and if it can't be done, then we either don't do it or move to a service that can. We have over a decade of experience, the bad mistakes have been made and everyone knows what users expect apps to look and feel like and exactly how we expect them to work.

Microsoft spent millions in the 1990's conducting experiments into user interface design, finding out how to get novice users to make the least mistakes and be the most productive with the least barriers to progression or work. The result was Windows 95, one of the biggest leaps in OS usability until IOS came along in 2007. We have learned - usability is not a new field, interface design is a trail well blazed by many thousands of applications.

If HSBC were a start up company today, they'd be dead in the water.

I've been humbled by the whole experience - the fact that this type of experience is happening today, that it is even possible for it to still happen really blew my mind. Worse, I learned a valuable lesson:

Never, ever assume that software is actually good before you've used it. Especially if you plan to move your banking to an organisation that seem to believe you don't deserve to use an application which provides you the ability to actually do some, er... banking?

​Crazy.