gnunet-svn
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-docs] branch master updated: expand Anastasis UI document


From: gnunet
Subject: [taler-docs] branch master updated: expand Anastasis UI document
Date: Fri, 16 Apr 2021 13:19:43 +0200

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository docs.

The following commit(s) were added to refs/heads/master by this push:
     new 2acbc5f  expand Anastasis UI document
2acbc5f is described below

commit 2acbc5fa16efecfe0f7136be8d877f03baf0384e
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Fri Apr 16 13:19:41 2021 +0200

    expand Anastasis UI document
---
 design-documents/006-anastasis-ux.rst | 246 +++++++++++++++++++++++++---------
 1 file changed, 180 insertions(+), 66 deletions(-)

diff --git a/design-documents/006-anastasis-ux.rst 
b/design-documents/006-anastasis-ux.rst
index 37444aa..17839bd 100644
--- a/design-documents/006-anastasis-ux.rst
+++ b/design-documents/006-anastasis-ux.rst
@@ -78,13 +78,12 @@ Setup Steps
 Entry point: Settings
 ---------------------
 
-The app settings should have a section for Anastasis
-using a different more universally understood name
-like Wallet Recovery.
+The app settings should have a section for Anastasis using a different more
+universally understood name like Wallet Recovery.
 
-The section should have an option to setup Anastasis initially.
-This option should be disabled as long as no backup has been set up.
-The section could maybe be integrated into the backup settings.
+The section should have an option to setup Anastasis initially.  This option
+should be disabled as long as no backup has been set up.  The section could
+maybe be integrated into the backup settings.
 
 .. image:: 
https://git.taler.net/anastasis.git/plain/doc/wireframe/png-export/menu.png
   :width: 800
@@ -96,53 +95,46 @@ The section could maybe be integrated into the backup 
settings.
 Providing Identification
 ------------------------
 
-Instead of a forgettable freely chosen user name,
-Anastasis collects various static information from the user
-to generate a unique user identifier from that.
-Examples for such identifier would be a concatenation
-of the full name of the user and their social security or passport number(s).
-
-The information that can reasonably used here various from cultural context 
and jurisdiction.
-Therefore, one idea is to start by asking for continent
-and then the country of primary legal residence,
-and then continue from there with country-specific attributes
-(and also offer a stateless person option).
-
-Special care should be taken to avoid that information can later be provided 
ambiguously
-thus changing the user identifier and not being able to restore the user's 
data.
-This can be typographic issues like someone providing "Seestr."
-and later "Seestrasse" or "Seestra├če" or "seestrasse".
-But it can also be simple typos that we can only prevent in some instances
-like when checking checksums in passport numbers.
-
-The user should be made aware that this data will not leave the app
-and that it is only used to compute a unique identifier that can not be 
forgotten.
-
-If possible, we should guide the user in the country selection
-by accessing permission-less information such as the currently set 
language/locale
-and the country of the SIM card.
-But nothing invasive like the actual GPS location.
+Instead of a forgettable freely chosen user name, Anastasis collects various
+static information from the user to generate a unique user identifier from
+that.  Examples for such identifier would be a concatenation of the full name
+of the user and their social security or passport number(s).
+
+The information that can reasonably used here various from cultural context
+and jurisdiction.  Therefore, one idea is to start by asking for continent and
+then the country of primary legal residence, and then continue from there with
+country-specific attributes (and also offer a stateless person option).
+
+Special care should be taken to avoid that information can later be provided
+ambiguously thus changing the user identifier and not being able to restore
+the user's data.  This can be typographic issues like someone providing
+"Seestr."  and later "Seestrasse" or "Seestra├če" or "seestrasse".  But it can
+also be simple typos that we can only prevent in some instances like when
+checking checksums in passport numbers.
+
+The user should be made aware that this data will not leave the app and that
+it is only used to compute a unique identifier that can not be forgotten.
+
+If possible, we should guide the user in the country selection by accessing
+permission-less information such as the currently set language/locale and the
+country of the SIM card.  But nothing invasive like the actual GPS location.
 
 .. image:: 
https://git.taler.net/anastasis.git/plain/doc/wireframe/png-export/userid.png
   :width: 800
 
-Select Authentication Methods
------------------------------
+Add Authentication Methods
+--------------------------
 
-After creating a unique identifier,
-the user can chose one or more :ref:`anastasis-auth-methods`
-supported by Anastasis.
+After creating a unique identifier, the user can chose one or more
+:ref:`anastasis-auth-methods` supported by Anastasis.
 
-Ideally when selecting a method,
-the user is already asked to provide the information
-required for the recovery with that method.
-For example, a photo of themselves, their phone number or mailing address.
+When selecting a method, the user is already asked to provide the information
+required for the recovery with that method.  For example, a photo of
+themselves, their phone number or mailing address.
 
-Using Anastatis providers usually isn't free.
-From here on, the UI should show estimated recurring costs (yearly)
-and the cost of recovery.
-Both costs should get updated with each user action affecting those costs
-such as selecting more authentication methods.
+The user interface validates that the inputs are well-formed, and refuses
+inputs that are clearly invalid. Where possible, it pre-fills the fields with
+sane values (phone number, e-mail addresses, country of residence).
 
 .. image:: 
https://git.taler.net/anastasis.git/plain/doc/wireframe/png-export/truth.png
   :width: 800
@@ -155,15 +147,10 @@ such as selecting more authentication methods.
 Confirm/Change Service Providers
 --------------------------------
 
-Taler should propose a mapping of authentication methods to providers
-by minimizing cost (tricky: sign-up vs. recovery costs)
-and distributing the selected authentication methods across as many providers 
as possible.
-
-The user should be able to change the proposed default selection
-and add more than one provider to each chosen method.
-
-It should also be possible to add providers
-that are not included in the default list provided by the wallet.
+From the dialog where the user is adding authentication methods, the user can
+optionally jump to a side-action with list of available providers (and their
+status) and possibly add additional providers that are not included in the
+default list provided by the wallet.
 
 .. image:: 
https://git.taler.net/anastasis.git/plain/doc/wireframe/png-export/policy.png
   :width: 800
@@ -172,26 +159,36 @@ that are not included in the default list provided by the 
wallet.
 .. image:: 
https://git.taler.net/anastasis.git/plain/doc/wireframe/png-export/addpolicymethod.png
   :width: 800
 
+
 Defining Recovery Options
 -------------------------
 
-After mapping authentication methods to providers,
-the user needs select which combinations are sufficient to recover the secret.
-The default could be ``n-1`` out of ``n``.
+After mapping authentication methods to providers, the user needs select which
+combinations are sufficient to recover the secret.  Here, the system
+pre-computes a reasonably sane allocation, for small ``n`` the default could
+be ``n-1`` out of ``n``.
 
-However, Anastasis recovery policies support more complex recovery options 
(policies) such as
+We should propose a mapping of authentication methods to providers by
+minimizing cost (tricky: sign-up vs. recovery costs, different currencies) and
+distributing the selected authentication methods across as many providers as
+possible.
 
-* video-identification + passphrase
-* video-identification + SMS
-* SMS + postal mail + passphrase
+The user should be able to change the proposed default selection
+and add more than one provider to each chosen method.
+
+Using Anastatis providers usually is not free.  From here on, the UI should
+show estimated recurring costs (yearly) and the cost of recovery.  These costs
+should get updated with each user action affecting those costs such as
+when the user reconfigures the policies.
 
-when video-identification, passphrase, SMS and postal mail were chosen as 
authentication methods.
 
 Pay for Setup
 -------------
 
-As the last step when all information has been properly provided,
-the user is asked to pay for the service with the regular wallet payment 
confirmation screen.
+As the last step when all information has been properly provided, the user is
+asked to pay for the service with the regular wallet payment confirmation
+screen.
+
 
 Show Service Status After Setup
 ===============================
@@ -201,4 +198,121 @@ TODO
 Recovery Steps
 ==============
 
-TODO
+.. graphviz::
+
+   digraph G {
+       rankdir=LR;
+       nodesep=0.5;
+       settings [
+           label = "Restore from Backup";
+           shape = oval;
+       ];
+       provide_id [
+           label = "Provide\nIdentification";
+           shape = rectangle;
+       ];
+       select_challenge [
+           label = "Select\nAuthentication Challenge";
+           shape = rectangle;
+       ];
+       satisfy_challenge [
+           label = "Enter\nChallenge Response";
+           shape = rectangle;
+       ];
+       pay [
+           label = "Confirm Payment";
+           shape = oval;
+       ];
+       finished [
+           label = "Success";
+           shape = rectangle;
+       ];
+       settings -> provide_id;
+       provide_id -> settings [label="Back"];
+       provide_id -> select_challenge;
+       select_challenge -> provide_id [label="Back"];
+       select_challenge -> satisfy_challenge;
+       select_challenge -> pay;
+       satisfy_challenge -> pay;
+       pay -> satisfy_challenge;
+       satisfy_challenge -> select_challenge;
+       pay -> finished;
+       satisfy_challenge -> finished;
+   }
+
+
+Entry point: Settings
+---------------------
+
+Like the backup, the recovery option should be available via
+the App settings.
+
+The section should have an option to recover from backup.  If a previous
+recovery was not completed, the interaction should resume from that previous
+checkpoint instead of from the beginning.
+
+
+.. image:: 
https://git.taler.net/anastasis.git/plain/doc/wireframe/png-export/menu.png
+  :width: 800
+.. image:: 
https://git.taler.net/anastasis.git/plain/doc/wireframe/png-export/settings.png
+  :width: 800
+.. image:: 
https://git.taler.net/anastasis.git/plain/doc/wireframe/png-export/backupsettings.png
+  :width: 800
+
+
+Providing Identification
+------------------------
+
+The first dialog(s) during recovery should be identical to the first dialog
+during backup: the user is asked to select a continent, country of residence
+and then to provide country-specific inputs for identification.
+
+.. image:: 
https://git.taler.net/anastasis.git/plain/doc/wireframe/png-export/userid.png
+  :width: 800
+
+Select Authentication Challenge
+-------------------------------
+
+If Anastasis could recover the recovery document via any provider, it should
+show a dialog allowing the user to select one of the open challenges, and
+highlight which challenges still need to be satisfied for the various policies.
+
+Additionally, the specific provider and recovery document version should be 
shown.
+The user should be able to change the provider or recovery document version,
+resulting in a switch of the recovery document and policies. If the user has
+already satisfied some challenges of the current recovery document, switching 
to a
+different recovery document should only be done after a confirmation pop-up 
dialog
+warning the user that the existing progress will be lost.
+
+When selecting a challenge, the user may be asked to confirm making a payment
+for this challenge if the provider requires payment.
+
+
+Payment
+-------
+
+Typcially, this would be the canonical wallet payment confirmation dialog.
+
+However, in the case of a security question, the payment confirmation should
+be combined with the dialog where the user enters the security answer (so
+instead of an ``Ok`` button, text showing the amount due and ``Pay`` should be
+used -- except of course if the security question challenge is free of
+charge).
+
+
+Enter Challenge Response
+------------------------
+
+If the challenge was not a security question, the dialog to enter the security
+code (PIN/TAN) should open after payment.  The security code field should have
+a prefix ``A-``. However, the user should be able to enter both only the
+numeric code, or the full code with the ``A-`` prefix (or ideally, the user
+cannot delete the pre-filled ``A-`` text).
+
+
+Success
+-------
+
+The user is informed about the successful recovery.  We may want to do this
+as part of a separate screen, or simply with a notification bar in the
+main wallet screen.

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]