Defensive design is the future of digital services

The digital industry needs to stop believing its own hype. It's no longer an industry of scrappy start-ups; it's the underpinning of our economy, and it's under attack.

The tech industry still likes to portray itself as a scrappy little upstart, challenging incumbent players and disrupting things. But that hasn’t been true for years. Amazon is over a quarter of a century old. A 13-year-old, signing up for their first Facebook account today, would be joining a service four years older than they are. 

These are established, powerful global businesses. But they’re still behaving like they’re those mythic scrappy upstarts — and that’s a problem. Because when they operate at the scale that they do, they’re a target. And the balance between building services that are immune to attack and those that are frictionless to use has to change. 

It’s time for any tech service to get defensive. 

The Frictionless Age

For the past 15 years, for most apps, friction was the enemy. You wanted to make the whole process easier and easier for the users. As long as apps, and their funding, were judged by monthly active users (MAUs), making apps as fun and easy to use as possible was the watchword.

It worked — it catapulted the most successful services into the stratosphere of growth. It helped spur many companies to unicorn status. But it also made the creation of fake identities by misinformation specialists easy, too.

We’re paying the price of that now. The frictionless nature of the social networks applied not only to the casual user, but to more malign entities as well. Much of our debate about “fixing” social media is about how to maintain its utility while minimising its harm.

Defence means adding friction 

If you raise the bar for creating an account to make it harder for would-be abusers of the system to use it, then you also raise the bar for casual users. When growth is everything to a company, then there’s no way you’re going to do that. And so, most social platforms have settled on a compromise approach: allow easy account creation, but then trace and remove “fake” accounts after the fact.

These issues extend beyond social networks. Thinking back to our 20-something business, Amazon, it also has issues around friction. Frictionless (or, at least, low friction) returns have been a critical part of the development of online retail — particularly in clothing. For over a decade, the standard argument against online clothes shopping was the need for people to actually try clothes on for fit. The answer to that was, largely, easy cost-free returns. 

It worked. Online clothes shopping is a staple for many people. But, at scale, it creates huge logistics problems for some businesses, with Amazon choosing to destroy some returned goods, rather than restocking them:

An anonymous former Amazon employee told ITV that workers at the warehouse were given a weekly target of 130,000 items to destroy. This was corroborated by an internal memo viewed by ITV, which showed that during one week in April, 124,000 items were marked “destroy.”

Not exactly a sustainable policy amidst the climate crisis. No wonder Amazon is trying to row back.

The price of dodging defensive design

There’s more incentive for retailers to address this than the social networks. As Vogue Business wrote in 2019:

Retailers lose a third of their revenue to returns, says RSR Research retail analyst Paula Rosenblum. Fashion-focused retailers are hit particularly hard as customers swap in-store dressing rooms for the privacy of their own homes. California e-tailer Revolve did $499 million in sales last year but spent $531 million on returns, after accounting for processing costs and lost sales.

In an attempt to reduce the costs of returns, Amazon automated the process. It automatically triggered a refund if a package of the correct weight arrived. That system was NOT designed defensively:

The biggest Amazon fraud ever discovered in the EU has been uncovered reportedly costing the company €330,000 in lost product. The scam was simplicity in itself which was to order high value goods such as iPhones from Amazon, weigh the box, remove the retail packaging, fill it with dirt and return it keeping the goods.

This shouldn’t have been a surprise — self-checkout machines have attracted low-level scams since they were invented. 

The frictionless age is in its twilight. It’s time for a defensive age.

Enter The Defensive Age

Scrappy wee startups attract loyal and enthusiastic advocates. Global companies attract customers, and with them come scammers, fraudsters and political activists. If you don’t build with that in mind from the very beginning, you’re just storing up pain for yourself in future. 

This isn’t a new insight; for over a decade, people have been talking about defensive design for the web, or secure design for services. But over that decade, lessons still don’t get truly learned. Just as the pandemic hit, and Zoom became the centre of many people’s working and personal lives, “zoombombing” became a buzzword, and the company had to swiftly re-engineer its systems for both scale and security. But it still has a way to go.

When you’re planning a new product or service, build it defensively. Think about what could go wrong. Trust your corporate tricksters. And take the time and financial pain now, to avoid bigger problems once you hit scale. Complex systems are much harder to re-engineer defensively.

