PIN entry is not a numbers game: The unpredictability factor in AusPayNet’s ‘Guidelines for Accessibility in PIN Entry on Touchscreen Terminals’

Categorized in: Archived Articles Posted on: Last updated on: Written by: Gisele Mesnage

On 3 December 2019, Coinciding with International Day of People with Disability, Australian Payments Network (AusPayNet), the self-regulatory body for Australian payments, released Guidelines for Accessibility in PIN Entry on Touchscreen Terminals, which can be viewed here.

The AusPayNet media release issued on this occasion proclaims the guidelines are designed to make it easier for people living with vision and/or motor impairments to make transactions on point-of-sale (POS) touchscreens.

This is an objective that has been on the radar of the Digital Gap Initiative (DGI) for over four years. So, what’s the verdict?

The AusPayNet guidelines fail to score on at least three key factors strongly identified by DGI and other disability advocacy groups who participated in the community consultations:

  • Consistency and predictability: ’Consistency’ is the number one factor for accessible and secure PIN entry. a standardised, predictable PIN entry method is critical.
  • Tactile keypad: a keypad with the raised dot on the number 5 key is still needed for PIN entry by many in the target community of people living with vision and/or motor impairments. A tactile option is necessary for people who are deaf blind.
  • Enforceability: Voluntary guidelines are not enough: accessible payment systems must be regulated and mandated in law.

The Expanding Universe of ‘Albert’

DGI has been steadfastly raising these factors since CommBank’s ‘Albert’ touchscreen POS device came to our attention in 2015.

More than four years on, despite CommBank’s efforts to evolve the Albert’s accessibility features (comparable to enhancements recommended in the AusPayNet guidelines), many people with disabilities and older persons still find it challenging to enter their PIN on its touchscreen terminal.

But what has made the ‘Albert’ challenge even more complex, is the fact that other touchscreen payment devices have since come onto the Australian market.

And while these competing devices may have onboard accessibility features, due to a lack of standardisation and regulations, they do not have a consistent PIN entry method.

So, when a customer fronts up to pay at a point-of-sale terminal, it’s a guessing game as to which method he or she will need to use to enter their PIN: “What payment device is this today?” “How is accessibility mode turned on for this device?“ “What gestures does this accessibility mode require me to use?” and so on.

Different Strokes

While tactile keypads on conventional POS terminals were not uniformly accessible, at a minimum most of these tactile keypads had a raised dot on the number 5. That little dot allowed customer to easily navigate around the numeric keypad and safely enter their PIN, using the same method on most machines. No special training or instructions or assistance were needed to enter the PIN.

But on touchscreens terminals, firstly different devices have different methods for turning on accessibility mode (if an accessibility mode is even available). Secondly, different gestures are used to enter the Pin in accessibility mode on the virtual keypad , depending on the different operating platforms or the method set by different suppliers. This unpredictability requires the user to be familiar with each different method and remember which to use on which device.

Imagine the difficulties this could cause for the customer faced with that situation, in a queue in a busy shop or café.

It multiplies the possibilities of errors, time out and card lock-out.

Such real experiences were shared by people living with vision and/or motor impairments who attended the AusPayNet consultations or responded to its survey.

PIN Entry is Not a Numbers Game

Of all the issues relating to accessibility of banking services, the issue of Pin entry on touchscreens POS terminals requires singular action. DGI welcomed the fact that AusPayNet singled out this issue for its own set of accessibility guidelines.

AusPayNet CEO Andy White said: “We’re grateful to the many stakeholders who helped us better understand the impact of the barriers and worked closely with us on how to overcome them”

The impact of the lack of consistency for PIN entry was vigorously raised by stakeholders during the AusPayNet consultations. Yet the guidelines fail to include firm measures to overcome this high-priority consistency barrier.

Private Versus Public

The AusPayNet media release also states that the guidelines are “a key step in efforts to ensure innovations in payments technology are accessible to the widest population.”

This is a worthy objective. However, accessible PIN entry cannot be viewed in the same scope as may be advantageous for driving accessibility in innovation more generally in the marketplace.

Here, what must be kept in mind when setting such objectives, is that there is a distinct difference between personal use devices, such as different models of smartphones, and public use devices, such as POS terminals.

Guidelines may be workable for personal use digital technologies , allowing innovations and competition, though even with such personal use products, legislative requirements for accessibility should be enacted. But for public use technologies, such as payment systems, self-service kiosks and so on, a regulated standardised approach is needed.

PIN entry is not a numbers game: an accessible solution should not be left to chance, to competition, or to voluntary guidelines.

And even if the guidelines led to a 100% voluntary uptake, without a specified, consistent method for accessible PIN entry , suppliers will create different accessibility solutions. Different accessibility solutions for public use facilities may in fact perpetuate accessibility barriers.

And the lack of requirement for a tactile keypad will still exclude those who find it difficult or impossible to interact with a touchscreen.

Pin entry is subject to privacy and security factors, and consumer obligations relating to PIN sharing. Yet, daily, customers who require accessibility features are having to share their PIN or forego their purchases if faced with using an inaccessible – or unfamiliar – payment device.

This real and pressing concern is simply not adequately addressed by the AusPayNet guidelines.

Time and time again, DGI has heard the argument that standards are not workable for digital technologies. Yet in 2018 the Payment Card Industry Security Standards Council issued a new PCI Security Standard for software-based PIN entry on commercial off-the-shelf devices such as smartphones and tablets. The PCI SSC is also referenced as the ‘PIN-on-glass’ security standard.

So why are standards for secure PIN entry being developed, but not for accessible PIN entry?

AusPayNet CEO, Andy White, said the guidelines “mark the start of collaborative work on enhancing accessibility and inclusion in payments”.

Viewed in that scope, DGI acknowledges the guidelines may be a starting point for further conversation with the payment industry sector on this question.

These are the first dedicated guidelines on accessible PIN entry on touchscreen POS terminals in the world. That’s a commendable effort and a step forward.

However, there was a disappointing missed opportunity here to respond to community concerns and act more decisively and proactively to concretise that collaborative work – and truly take the global lead on setting the agenda for Accessibility in PIN Entry on Touchscreen Terminals as we move into 2020.

Sum Up

The AusPayNet guidelines fail to score on at least three key factors:

  • Consistency and predictability: ’Consistency’ is the number one factor for accessible PIN entry. a standardised, predictable PIN entry method is critical.
  • Tactile keypad: a keypad with the raised dot on the number 5 key is still needed for PIN entry by many in the target community of people living with vision and/or motor impairments. A tactile option is necessary for people who are deaf blind.
  • Enforceability: Voluntary guidelines are not enough: accessible payment systems must be regulated and mandated in law.

Acknowledgment

I would like to note my most sincere thanks to Will Barlow, a student at Trinity Grammar School in my local area in Sydney, for sourcing the graphic that accompanies this post. At 6.45 am on the eve of the day DGI was due to launch its new website, I said to Will, “I want to write a post, but I’m stuck because I need a graphic”. Will offered to help me out. I briefed him on the topic of the post. By 7.35am that same morning, Will’s email was in my inbox, with links to four different graphics. Will had added image descriptions notes; copyright status notes; and notes on which graphic he suggested to choose and why. This was very helpful to me and freed my mind to write the post. Thank you Will: you made a difference. This is an example of ways people can assist us with DGI’s everyday work. We are all volunteers and we need your support. Please check our ‘Get Involved’ page and please contact us if you can help us out in any way.

81 thoughts on “PIN entry is not a numbers game: The unpredictability factor in AusPayNet’s ‘Guidelines for Accessibility in PIN Entry on Touchscreen Terminals’

  1. Pingback: costco cialis
  2. Pingback: online cialis
  3. Pingback: iras pharmacy oxycodone
  4. Pingback: pharmacy store design
  5. Pingback: buy sildenafil paypal
  6. Pingback: where to buy generic cialis
  7. Pingback: best price for tadalafil
  8. Pingback: buy cheap sildenafil online uk
  9. Pingback: medication costs
  10. Pingback: what is brand cialis
  11. Pingback: sildenafil tablets 100mg india
  12. Pingback: can i buy sildenafil online
  13. Pingback: sildenafil 20 mg tablets cost
  14. Pingback: buy sildenafil tablets online
  15. Pingback: sildenafil online purchase
  16. Pingback: buy sildenafil citrate 100mg
  17. Pingback: bluesky tadalafil
  18. Pingback: cheapest cialis
  19. Pingback: where to buy cialis
  20. Pingback: review of cialis
  21. Pingback: bactrim recall
  22. Pingback: apo-gabapentin 300
  23. Pingback: metronidazole klebsiella
  24. Pingback: nolvadex esperma
  25. Pingback: lyrica pregabalin capsules 50 mg 21 capusule
  26. Pingback: valacyclovir anhydrous
  27. Pingback: furosemide potassium
  28. Pingback: glibenclamide+metformin+pioglitazone brands
  29. Pingback: tamoxifen lisinopril
  30. Pingback: use of rybelsus
  31. Pingback: 1/2 life of rybelsus
  32. Pingback: where do you inject semaglutide
  33. Pingback: 911
  34. Pingback: link
  35. Pingback: list
  36. Pingback: fluoxetine 2.5 mg for cats
  37. Pingback: flagyl gebelik
  38. Pingback: a
  39. Pingback: what is the half life of lexapro
  40. Pingback: gabapentin dangers
  41. Pingback: how does duloxetine make you feel
  42. Pingback: cephalexin uses for humans
  43. Pingback: what are side effects of cymbalta
  44. Pingback: escitalopram and clonazepam together
  45. Pingback: cheap sildenafil citrate
  46. Pingback: spiraldynamics
  47. Pingback: Spiral Dynamics
  48. Pingback: ciprofloxacin and dexamethasone
  49. Pingback: cephalexin 500mg
  50. Pingback: side effects of bactrim ds 800 160
  51. Pingback: bactrim antibiotic
  52. Pingback: vxi.su
  53. Pingback: amoxicillin warnings
  54. Pingback: will flexeril show up on a drug test
  55. Pingback: vyvanse vs contrave
  56. Pingback: purpose of taking flomax
  57. Pingback: diclofenac sod ec 75 mg
  58. Pingback: ddavp hemorrhage
  59. Pingback: ezetimibe half life
  60. Pingback: cozaar for high blood pressure
  61. Pingback: diltiazem dosage for atrial fibrillation
  62. Pingback: what is depakote er 500mg used for
  63. Pingback: aripiprazole 10 mg tablet
  64. Pingback: allopurinol and gout
  65. Pingback: site
  66. Pingback: reddit ashwagandha
  67. Pingback: celecoxib capsules
  68. Pingback: robaxin dosage for humans
  69. Pingback: actos casuales
  70. Pingback: 0.5 semaglutide not working
  71. Pingback: does remeron help with anxiety
  72. Pingback: fungsi acarbose
  73. Pingback: highest dose of effexor
  74. Pingback: brand name for amitriptyline
  75. Pingback: repaglinide epocrates
  76. Pingback: combination of dutasteride and tamsulosin
  77. Pingback: contraindications of sitagliptin
  78. Pingback: 50 mg spironolactone acne reddit
  79. Pingback: how to taper off venlafaxine
  80. Pingback: ivermectin 3mg for lice
  81. Pingback: another name for tizanidine

Comments are closed.