1 Introduction

Due to the rapid expansion of Internet use, many industries have been able to improve their operations and provide online services through Web applications [6]. One of the industries that provides online services is banking, through Internet Banking.

Currently, many banks provide Internet banking services, offering the confidence of being able to carry out transactions quickly and safely, which is not 100% guaranteed. The growth of the use of these services via Internet brings with it the increase of cyber-attacks, which harms both banks and users. Therefore, banks invest in security mechanisms and provide information to users about the existence of these mechanisms in their systems [19].

If an industry wants its Web application to persist on the Internet, this application should be usable for customers [15]. In the case of Internet banking, where sensitive, private and important customer information is handled, an integration of usability and security in Web interface design should be considered [23]. Although there are studies that indicate that these concepts are opposed, it is observed that there is a need to balance them [4, 6, 19, 20, 21, 23].

To measure the usability of a Web interface, there are usability evaluation methods, one of the most used being the heuristic evaluation technique [8, 23], in which expert evaluators assess the interface against a set of usability heuristics [8]. Nielsen’s heuristics are the most used [13], but according to studies [7] they do not cover all the usability characteristics of specific domains. While [20] emphasizes that Nielsen’s heuristics do not cover security aspects, they are considered the basis for a usable and safe Web design [23].

While there are few studies of heuristic usability assessments for the Internet Banking domain [7], there is more information from other types of studies that refer to the concept of security as an important characteristic of a Banking Web application design that should be considered without forgetting the features of Usability [23].

For all the above, this article proposes a set of usability heuristics for E-Banking based on the knowledge of heuristics proposed in the literature and information related to usability, always keeping security in mind, as it is an important characteristic of this domain.

1.1 E-Banking

In recent years there has been a rapid development, based on the use of emerging technology, in the way in which banking services are provided. Currently, it is no longer necessary to physically attend the bank to request a service, since now it can be done using other means, such as ATMs, telephone lines or through the Internet with systems called E-Banking [31].

This form of access to the Bank is important because it is a way to reach many customers from anywhere in the world with services such as transfers, payments, credit management, etc. [31].

Internet banking is a type of transactional Web application. A Web application is software that makes use of the Internet and a Web interface, accesses or sends information to a centralized place. This type of application differs from traditional or conventional software by the amount of information it handles and access to millions of users from anywhere in the world [6].

Transactional Web applications, like E-Banking, require an architectural design with an emphasis on security: because they are accessed by millions of people from anywhere in the world, they must protect all the information they handle using security mechanisms, to comply with the pillars of information security (CIA): confidentiality, integrity and availability [5].

According to [31] three types of risks can be specified: operational, legal and reputation. We will focus on operational risks due to the context of the project.

Operational risk: It happens due to a failure in the banking system process (either due to system processes or cyber-attacks) or due to human error.

A banking Web application must consider security controls so that it can provide benefits such as [31]:

  • Access 24 h a day, from any computer connected to the Internet.

  • Avoid long queues to be served at agencies and ATMs.

  • Availability in real time of the most relevant information (balances, transactions, etc.).

  • Decrease in the time of processing the information (direct from the Database).

  • Transparency of information between competitors (the customer can compare prices, services, etc.).

1.2 Usability

According to ISO/IEC 9241-11 [10], usability is defined as “The degree to which a product can be used by certain users to achieve their specific objectives effectively, efficiently and satisfactorily in a given context of use”, whose measurable attributes are: effectiveness, efficiency and satisfaction.

According to ISO/IEC 9126-1 [11], which is being incorporated by ISO/IEC 25000 [34], usability is a quality characteristic of the software product and is defined as “The ability of the software product to be understood, learned, used and attractive when used under specific conditions.” The Usability feature has as measurable sub-characteristics [34]: understandable, easy to learn, operable and attractive.

According to ISO/IEC 25000 [34], aligned to the concept defined in ISO/IEC 9241-11, usability is defined as “A subset of quality in use, whose sub-characteristics are effectiveness, efficiency and satisfaction” [34].

The definition of usability in ISO/IEC 9241-11 refers to any product that can be used by man. In contrast, in ISO/IEC 9126 it refers to a software product that can be used by man. By orienting these two definitions to the software context, both standards seek that the user can make use of the software product in an easy way, that is understood, that can be used by any user and that is attractive in its use. In this way the user can achieve their objectives effectively, efficiently and satisfying their needs.

According to Jakob Nielsen, usability is a quality attribute that measures how easy it is to use an interface and defines it based on 5 components [15]: ease of learning, efficiency, recall, errors, satisfaction.

1.3 Usability Evaluation Methods

These methods allow determining or measuring the degree of usability of a software product. They are classified into two categories [8]: usability inspection methods and usability test methods.

Inspection Methods

According to Nielsen [25], inspection methods refer to the methods in which an evaluator inspects a user interface. They can be used at an early stage of the software development process, for example in the prototype stage or in the software requirements survey, where tests with users are not required. Compared to usability test methods, they are lower cost and do not require users.

According to Holzinger [8], these methods are: heuristic evaluation, cognitive walkthroughs and action analysis:

  1. Heuristic Evaluation: allows finding more usability problems than other evaluation methods [8]. It is the best-known method, requires the least formal training, is fast, does not require user tests and is widely used as an inspection method [32]. In the evaluation process, each evaluator directly and individually evaluates a software product using a list of usability heuristics, interacting with the product while inspecting and evaluating each of its elements [14].

  2. Cognitive Walkthroughs: a task-oriented method that consists of simulating, step by step, the path users can follow to carry out a task in the system. By going through the functionalities of the system, the evaluators predict the possible actions that users can take or the problems they may encounter in reaching their goal. Emphasis is placed on cognition and learning, analyzing the mental process required of users [8]. One version of this method is pluralistic walkthroughs, which consists of collaborative work in which end users, software developers and experts discuss each element of the system.

  3. Action Analysis: a method that quantifies the time it will take to carry out a task and reveals the behavior the user may have. It is a slow method, since everything depends on what the users do and not on what they say they do, and because all the actions are divided into small tasks. This type of method requires users who have experience navigating the system’s functionalities [8].

User Evaluations

According to Nielsen [25], these are methods where evaluations of the user interface are performed through tests with representative users. This method allows direct communication between developers and users, which lets the developer learn more about how users perceive the system and whether it meets their needs and objectives and, from that, learn about their questions and problems [5].

There are many methods, but the most common are [5]: Pencil and paper test, Thinking aloud, Co-discovery, Formal experiments, Methods of inquiry and Card Sorting.

1.4 Nielsen’s Usability Heuristics

The most commonly used and best-known heuristic principles of usability for the evaluation of user interface design are the heuristics of Jakob Nielsen [8]. The ten Nielsen principles used in usability evaluation are [13]:

  1. Visibility of system status

  2. Match between system and the real world

  3. User control and freedom

  4. Consistency and standards

  5. Error prevention

  6. Recognition rather than recall

  7. Flexibility and efficiency of use

  8. Aesthetic and minimalist design

  9. Help users recognize, diagnose, and recover from errors

  10. Help and documentation

1.5 Security

In this article, when talking about security, reference is made to the security of information and the use of security mechanisms to protect this information.

According to ISO/IEC 27002:2013, the security of information is the “Preservation of confidentiality, integrity and availability of information” [12].

2 Methodology

According to Hermawati [7], there is no formal methodology for the development of usability heuristics, but in most of the studies analyzed the authors start with a literature review and then combine methods. Because of this lack of a formal methodology, the research conducted by Rusu [29] proposes a methodology for the development of heuristics. It includes a prior review of the literature related to the subject in question, the development of the proposed heuristic principles and, finally, a process of validation and refinement of the heuristic proposal.

This methodology was validated by Rusu in his study [29] and used in heuristic proposal studies related to various software domains, such as Grid Computing [30], Interactive Television [33], Touchscreen Mobile Devices [9], Transactional Web [15, 27] and Internet banking [3].

The methodology presents six stages:

  • Stage 1 - Exploratory: bibliographical collection related to the subject of study and usability heuristics.

  • Stage 2 - Descriptive: Highlight important characteristics of the information collected in stage 1, related to the subject of study.

  • Stage 3 - Correlational: Identify the main characteristics that a heuristic usability proposal should consider for the study domain based on traditional heuristics and analyzed case studies.

  • Stage 4 - Explicative: formalize the set of proposed heuristic principles, considering a format that describes the heuristic.

  • Stage 5 - Validation: this stage consists of the validation of the proposed heuristics, within a real context, in contrast to Nielsen’s heuristics. For this, a case study is used to validate the proposed heuristics, in which usability evaluation processes are developed using the Nielsen heuristics and the proposed heuristics, following a protocol scheme modeled for the case.

  • Stage 6 - Refinement: Based on the feedback obtained from the evaluators in stage 5, the proposed heuristic principles are refined.

3 Designing the Proposal

3.1 Exploratory Stage

In this stage, the bibliographic collection of current studies of heuristic and usability proposals for the Internet Banking Web domain was carried out, starting in 2012. The methodology followed is based on the one proposed by Kitchenham [17], since it is the most used and validated by different researchers.

After following the steps of the review, three relevant works were selected in the chosen domain, whose summary is shown in Table 1.

Table 1. Papers selected

3.2 Descriptive Stage

In this stage the heuristics proposed in the primary studies are described and analyzed, with the purpose of highlighting important characteristics according to the research topic: heuristic principles for Internet Banking Web sites.

In the selected studies (Fierro [3], Mujinga [23], Paz [27]), the Nielsen heuristics [13] are used as a base reference to generate new heuristic proposals applicable to the domain. Here is an analysis of the heuristics proposed in the studies, initially focusing on the heuristics of Jakob Nielsen:

Visibility of the State of the System

For visibility of the state of the system, Paz maintains the definition described by Nielsen in the heuristic; however, Mujinga inclines this definition towards the concept of security: visibility of the state of the security protection level and the state of connection of the system. On the other hand, Fierro mentions that the system, apart from informing the user of its internal state, must inform the user of the state of the security mechanisms; and in another heuristic, he refers specifically to the state of a transaction: “State of the transaction”.

Apart from the definition of the heuristic “Visibility of the state of the system”, Paz proposes an additional heuristic that could be related to it: “Feedback on the State of a Transaction”. At first sight this heuristic could be included in the heuristic of “Visibility of the state of the system”, but according to the results obtained by Paz it is defined separately, because in this way it was possible to identify more usability problems.

Summary: There is a prevailing concern that the system must keep the user informed, with constant feedback, about what is happening in the system (state), in the process of a transaction, in one of the system’s own functionalities or in the security mechanisms that it uses.

The System and the Real World

Mujinga refers to it as “User’s language”. Fierro divides this definition into two heuristics, Clarity and Familiarity, indicating that the security elements must be clear and familiar to the user. Paz relates it to the cultural aspect in which the user develops and interacts with the system.

Summary: there is a concern that the system communicates with the user using a natural language, specific to the user, that is clear and familiar to them, especially in messages related to security.

User Control and Freedom

Paz maintains the definition described by Nielsen in the “User control and freedom” heuristic. Mujinga states that the user should be able to easily revoke security actions, where this is possible (Revocability). Fierro refers to the definitions given by Nielsen and by Mujinga for the User Control and Freedom heuristic.

Summary: there is a concern that the system provides exit options in situations unwanted by the user, even in the case of security measures, where revocation is offered whenever possible.

Consistency and Standards

Fierro maintains the definition described by Nielsen, in the “Consistency and standards” heuristic, and adds that the system should not only be internally consistent, but also consistent with other similar websites. Meanwhile, Mujinga maintains only what is related to internal consistency.

On the other hand, Paz makes a total separation of this heuristic into two: “Alignment towards Web design standards” and “Consistency in the design of the system”. In addition, Paz creates a heuristic oriented towards compliance with the “standardized symbology” that is often used by the user.

Summary: there is a concern that the design of the system should be aligned to a Web design standard and that it should follow the same style in all its interfaces. In turn, it is observed that the system must use a standardized symbology like other Web environments, which are already part of the user’s usual environment.

Error Prevention

Fierro maintains the definition proposed by Nielsen in the “Prevention of error” heuristic, but adds that the user should know clearly what the consequences would be if a certain security action is performed and whether they are irreversible or not. Paz proposes a new heuristic called “Prevention, recognition and recovery of errors” that covers the concepts defined in the Nielsen heuristics “Error prevention” and “Help users recognize, diagnose and recover from errors”, and is aligned to what was defined by Nielsen. Mujinga, in his “Errors” heuristic, mentions that the system must provide security error messages without codes, and explain how to recover from errors (with simple mechanisms).

Summary: there is a concern that the system prevents the user from making a possible error, through messages or other elements. This includes information that allows the user to identify the consequences of performing a certain action, be it operational or security-related.

Recognition Rather Than Remembering

Fierro and Paz maintain what Nielsen proposed in the “Recognition rather than remembering” heuristic. On the other hand, Mujinga mentions that security actions must be easy to learn and remember for users (Heuristic “Learning capacity”).

Summary: there is a concern that the system allows the user not to retain in memory, for a long time, information that could be provided by the same system, especially when actions are developed where security is involved. The actions to be carried out should be easy to remember, through intuitive interfaces or messages.

Flexibility and Efficiency of Use

Paz and Fierro maintain the definition proposed by Nielsen in the “Flexibility and efficiency of use” heuristic, while Mujinga relates it to the information that must be to obtain a user profile to carry out their task without being harmed (Heuristic “Ideal user”).

Summary: there is a concern that the system provides development mechanisms to improve the performance of the user, be it novice or expert, who can carry out their activities without harming each other. Flexibility and efficiency of use is related to both system functionalities and information provided to the user.

Aesthetics and Minimalist Design

Paz maintains the definition proposed by Nielsen in the heuristic “Aesthetics and minimalist design”, while Mujinga relates the definition of the heuristic to security: show relevant information about security and about the system. Fierro also maintains the proposal by Nielsen, but adds that this minimalist design must be related to the information of security mechanisms.

Summary: there is a concern that the system provides a design of relevant and necessary information to the user, without overshadowing other important elements for the user such as security.

Helps Users to Recognize, Diagnose and Recover from Errors

Paz maintains the proposal by Nielsen in the heuristic “Help users recognize, diagnose and recover from errors” and defines it within his proposed heuristic: “Prevention, recognition and recovery of errors”. Mujinga, in his “Errors” heuristic, directs it towards security error messages and how to get out of them, and Fierro keeps it as described by Nielsen and adds security concepts.

Summary: there is a concern in providing enough information to the user about how to recognize, diagnose and recover from errors.

Help and Documentation

Paz maintains the definition proposed by Nielsen in the “Help and documentation” heuristic. Fierro also maintains the proposal by Nielsen, but stresses that there must be documentation related to security, visible and easy to find, to support the decisions that the user can make when faced with a security action. Mujinga mentions that the system must provide aid to the user on how to use the service and security functions.

Summary: there is a concern that the system provides help and documentation, covering both system functionalities and the use of security elements, which helps the user to perform certain tasks and to face situations where the user has doubts about what action to perform. This help and documentation should be visible and easy to find.

As we observed, the heuristics proposed by Mujinga and by Fierro are oriented to a system that displays security elements. Next, heuristic principles are described which, by the definitions presented by the authors, can be considered outside the scope of Nielsen’s heuristics:

  1. Customizable

    According to Mujinga and Fierro, the user must be free to customize their interface, including security functions. Mujinga also indicates that if the user is given the option to customize, the system should also provide the option to reset to a default configuration. All this will allow the user to be aware of their level of security.

  2. Satisfaction

    According to Mujinga, the user’s experience in interacting with the system and its security mechanisms should be pleasant and satisfactory, otherwise users will be tempted to avoid security features.

  3. Navigable

    According to Fierro, the navigation of the site must be logically structured, allowing the user to find their way easily from one place to another.

  4. Security

    In the case of security, Mujinga mentions two heuristics: Protection of the system, and Security and privacy. The first refers to the veracity of the communication channels between the user and the system: these must be shown to be genuine and not fraudulent, using security mechanisms, all based on the principles of information security: confidentiality, integrity, availability, authenticity, non-repudiation and privacy. The second refers to the fact that the system must be confidential, complete, available and private. On the other hand, Fierro approaches it from the side of perception, mentioning that the user needs to feel confident in using the system and that the security measures should be visible, friendly and understandable for the user.

  5. Clarity

    Mujinga does not propose a heuristic specifically aimed at the prevention of errors, but does pose a “Clarity” heuristic that refers to the prevention of errors through clear information to users about the consequences of carrying out a certain action, especially a security action, and whether they are irreversible, and states that there must be the option of reversing the action taken.

  6. Compliance with requirements not related to usability

    According to Paz, based on the study conducted, for the transactional Web domain there are three heuristics that cover usability features not completely covered by Nielsen’s heuristics: “Reliability and Speed of Transactions”, “Correct and Expected Functionality” and “Visibility and Clarity of System Elements”, which refer to what the system is expected to perform and return. The first heuristic is related to the fact that transactions must be reliable and carried out in an adequate manner under any circumstance; the second is related to the system returning what the user expects; and the last refers to the clarity with which the elements of the system should be viewed, depending on their importance.

On the other hand, Mujinga proposes two heuristics: “Path of least resistance” and “Minimum authentication delay”, where the first refers to the minimum effort that the system must perform to use the security features, and the second to the time the system takes to authenticate the user.

In conclusion, it is observed that for the usability of Internet Banking it is necessary to give priority to the security aspects in addition to the other characteristics that define a Web site as usable, such as being navigable, customizable, satisfactory (at the level of functionalities and use of security elements), secure and clear, and meeting the requirements not related to usability.

Adding all the heuristics and characteristics, 16 heuristics were obtained. This is a considerably high number for developing usability tests and could make the evaluation process longer and perhaps tedious. So first we tried to adapt the concepts identified by the researchers to the traditional heuristics of Nielsen and to add the remaining ones as new heuristics, with the aim of obtaining more complete heuristics that address not only usability but also security.

3.3 Correlational and Explicative Stages

From the previous section, it is determined that heuristics for Internet banking should not only be usable, but also safe; and that in addition to the heuristics specified by Nielsen, there are other heuristics that are not covered. Therefore, to increase the likelihood that the banking Web design will be more usable, the following characteristics adapted as heuristics should be fulfilled:

  1. Customizable: an important feature for Internet Banking design because, according to Mtimkulu [22], allowing the user to configure their website is already a trend that should be considered in this type of Web design.

  2. Navigable: according to Fierro [3], navigability is also important.

  3. Satisfaction: an important characteristic, because if the system does not satisfy the user, it ceases to be useful for the user [23, 24, 28].

  4. Security: considered an important feature because it is a factor that must be present in the Web design of a banking entity [1, 2, 18]. The presence of security in a Web site gives the user the confidence to continue using the system.

  5. Clarity: the definition given by Mujinga [23] in his “Clarity” heuristic can be included as part of the definition of the heuristic “Prevention of errors” (clear messages that prevent an error or something related to security) and of the heuristic “Relationship between the system and the real world” (clear information).

  6. Functional and Performance: characteristics better measured by user tests, which therefore will not be used in the proposal.

From what is specified in the correlational stage, we proceed to design the heuristic proposal, which is an extension of Nielsen’s heuristics. The first ten heuristics are related to Nielsen’s heuristics and the next four to the heuristics identified as characteristics of this Web domain. Table 2 shows the mapping between Nielsen’s heuristics and the proposed heuristics.

Table 2. Heuristics Nielsen (HN) and project proposal (PHB)

3.4 Validation Stage

For this validation phase we developed a case study, through which we intend to explore whether the Nielsen heuristics or the proposed heuristics are complete for use, in a real context, in usability evaluations of Internet Banking interface design.

Two groups of evaluators reviewed a certain banking website using different heuristic sets: Group 1 used Nielsen’s heuristics and the other group used the proposed heuristics.

The effectiveness of the proposed heuristics was compared against Nielsen’s heuristics because the latter are the most proven through case studies and the most recognized in the field of Web domain usability. Furthermore, there is no group of heuristics in the Internet Banking domain that has been validated with a considerable number of studies.

The validation phase was applied to the banking website of the study during January and February of 2017.

Results for Time Invested and Efficiency

According to the results of the survey, the average time invested by the evaluators in the evaluation was 32.5 min for Group 1-HN and 71.25 min for Group 2-PHB. According to the answers of the evaluators, and as can also be deduced, the reason was the time the evaluators needed to understand the heuristics and relate them to the identified usability problems, since the proposed heuristics differ a bit from Nielsen’s heuristics.

Regarding efficiency, relating the time invested to the total number of usability problems identified, Group 1-HN has an efficiency value of 0.67 and Group 2-PHB has 0.39. Group 1-HN was therefore more efficient than Group 2-PHB, because it completed the evaluation in less time, although it identified fewer usability problems than Group 2-PHB (Table 3).

Table 3. Results for time invested and efficiency

Results by Number of Usability Problems

Group 1-HN, using Nielsen’s heuristics, identified 22 usability problems; after reviewing them, eliminating repeated usability problems and validating them, 20 usability problems were obtained. The heuristic “Flexibility and efficiency of use” had the largest number, with 6 usability problems (30%), as shown in Fig. 1.

Fig. 1. Percentage of usability problems identified by Group 1-HN - without repeated values

Group 2-PHB, using the proposed PHB heuristics, identified 28 usability problems; after reviewing them, eliminating repeated usability problems and validating them, 27 usability problems were obtained. The heuristics “Relationship between the system and the real world” and “Consistency and standards” had the greatest number of usability problems, with 4 problems identified (15%) in each case, as shown in Fig. 2.

Fig. 2. Percentage of usability problems identified by Group 2-PHB - without repeated values

Analyzing the problems by criteria, it is observed that the number of problems identified only by Group 2-PHB is 25 (56%), the number of problems identified only by Group 1-HN is 18 (40%), and the number of problems identified by both groups of evaluators is 2 (4%). See Fig. 3.

Fig. 3. Problems identified

Results by Severity

From Table 4, it is observed that the group that used the proposed heuristics (Group 2-PHB) found more problems of higher severity: 12 major problems and 5 catastrophic problems. On the other hand, the group that used the Nielsen heuristics (Group 1-HN) found fewer problems of higher severity: 7 major problems and 3 catastrophic problems. In average severity, Group 1-HN obtained 1.83 and Group 2-PHB obtained 2.03, so Group 2-PHB has the highest value.

Table 4. Severity of problems

Results by Degree of Perception

The objective is to measure the level of perception that evaluators have of each heuristic used. The constructs used were: Ease of use, Utility, Clarity and Need to use a checklist (Checklist) for each proposed heuristic. The model of constructs is based on what was developed by Jiménez [16].

The constructs are:

  • Perceived utility: measures whether the heuristics are perceived as useful for a usability evaluation process in Internet Banking.

  • Perceived clarity: measures whether the heuristics are perceived as clear or whether more specification is necessary for them to achieve their objective within a usability evaluation process in Internet Banking.

  • Perceived ease of use: measures whether the heuristics are perceived as easy to use in a usability evaluation process in Internet Banking.

  • Need to use a checklist: measures whether using the heuristics requires a checklist or not, to achieve their objective within a usability evaluation process in Internet Banking.

The questions of the perception survey are closed questions, measured on a Likert scale with values from 1 (most negative perception) to 5 (most positive perception). The question form is based on the one developed by Paz in [26].

From Tables 5 and 6 we can see that the heuristics “Visibility of the state of the system”, “Recognition instead of remembering”, “Navigability” and “Satisfaction” have a higher degree of perception, which means that these heuristics are more viable. In contrast, the heuristics “Prevention of errors” and “Help users to recognize, diagnose and recover errors” are those with a lower degree of perception.

Table 5. Nominal results of the survey conducted – Group 1-HN
Table 6. Nominal results of the survey conducted – Group 2-PHB

In summary, according to the results in Table 7, the PHB heuristics have more validity than Nielsen’s heuristics, since they show that a greater number of usability problems can be identified, and with a greater degree of severity, including catastrophic problems.

Table 7. Summary of results

3.5 Refinement

According to the results obtained, the heuristics that were not perceived as clear, easy to use and useful, and those that require a checklist, are refined. The definitions and related examples were redefined, focusing more on the security mechanisms, which apparently were not identified.

In addition, because one of the expert evaluators of Group 2-PHB indicated that these mechanisms are not clear, the security concepts in the following heuristics are specified more precisely:

  • In PHB1: the system must not only keep the user informed of whether the access channel is safe, but must also keep the user informed of the level of security protection, by displaying the activation states of the security mechanisms that the banking entity applies.

  • In PHB2: it was stressed that the security messages that the system provides through different means, such as texts and graphics, among others, must be clear, consistent with the real world of the user and easy to understand; in this way the user will avoid ignoring the security mechanisms that the Bank applies.

  • In PHB3: it is indicated that the system allows the user to revoke any unwanted security action, whenever possible.

  • In PHB6: it is indicated: “For the users, the messages and actions related to security must be easy to understand and learn, not having to resort to the information material in a constant way thanks to the use of metaphors.”

  • In PHB11: configurations in the security functions are included.

In the heuristics PHB4, PHB5, PHB8, PHB9 and PHB14, only the text of the definition was refined to make it clearer and more useful; for PHB10 and PHB7, no change was made, since the text of the definition is considered to be precise.

4 Conclusions

Since the system under analysis belongs to a bank, errors and the help related to them are what one wants to avoid. Internet banking must be prepared to overcome any internal error, but if the error is caused by the user, such as a mistyped account number, the system will not recognize it as an error; it is considered a user error.

Some evaluators indicate that Nielsen’s heuristics are complete for this type of Web design, while others indicate otherwise. After an analysis of the usability problems identified using Nielsen’s heuristics, it was found that some usability problems were better addressed using the proposed heuristics, such as cases where the system does not respond as expected, necessary information is lacking, or security mechanisms are used excessively. These cases support the proposed heuristics of Satisfaction, Personalization, and Security and data privacy.

From everything analyzed, favorable values were obtained using the proposed PHB heuristics; they are not very prominent, but they make a difference. However, it must be borne in mind that, because the Web design was judged according to the criteria and different levels of expertise of the evaluators, in a single iteration of the evaluation process, it cannot be assured or generalized that the proposed heuristics are more effective than Nielsen’s. For this, several additional evaluation processes using the refined heuristics are required. What can be argued is that Nielsen’s heuristics do not fully cover features such as navigability, satisfaction, personalization, and data security and privacy. In addition, the heuristics of Navigability and Satisfaction are well perceived by the evaluators, and Personalization and Data security and privacy are currently a necessity, since one is a trend and the other is a factor in the adoption of Internet Banking, respectively.