In a great post titled 'UX Grid of IOT', Scott Jenson (@scottjenson) defines a simple taxonomy of User Experience (UX) for IoT.
This UX Grid is a classic 2×2 matrix of device type vs. interaction type. Solo vs. swarm is on the vertical axis, and a direct interaction style vs. an ambient background style is on the horizontal.
The interaction style axis is distinguished by:
Direct - The user interacts directly and explicitly with a given device (typically with a dedicated application on their phone, which Scott has previously pointed out as not scaling). In the direct style, the user has to ask that the device 'do something'. Examples include the current crop of wearables, smart homes, etc.
Ambient - The user interacts with a device passively, i.e., without active action on their part (other than hopefully at initial setup & registration). In the ambient style, it's not the user that asks the device to perform some operation, but rather some other thing or 'the system'. Scott points out that the full value proposition for smart locks demands this style (the lock opens as you approach the door, as opposed to having to explicitly use the app to unlock). The archetypical 'start coffee machine based on your work schedule' use case is another example.
Clearly direct-style UX doesn't scale. Nor will it enable the labor-saving that IoT is meant to deliver. What value is there in me using an app to open my garage door from the driveway as opposed to the car requesting the door open as I turn onto the street?
Thomas Ricker makes this same point in his "You can't spell 'idiot' without IoT" article, where he bemoans his family's unwillingness to buy in to his variably-illuminated passion:
Nobody else in my family of five thinks that pulling out a phone, unlocking it, launching an app, and clicking an "off" icon is better than simply flipping the wall switch -- so that's what they do, killing the power and the internet of the things.
This direct vs. ambient UX distinction (and the corresponding difference in value for the user) applies to how devices will enable authentication of users.
The direct model is manifest in the current wave of biometric phone sensors - whether measuring fingerprints (like Apple's TouchID or Samsung's equivalent), voices or faces. These sensors are typically used to unlock the phone, providing an alternative to a PIN or pattern. Regardless of the particular biometric, the expectation is that the user initiates the unlock.
There are also current examples of the ambient (or passive or continuous) style of UX for user authentication. When my Samsung Gear Watch is nearby, my Galaxy S5 recognizes it and does not require that I enter the pattern to unlock. The Nymi wristband does the same, but adds the twist that it must still be on the wrist of the registered user (by measuring the user's ECG). Apple was recently awarded a patent for using a facial biometric to lock the phone rather than unlocking it. The phone constantly (or at least frequently) takes a picture and, if the face is not recognized, locks the phone.
Scott argues that before we can get to the fully ambient style (with the inevitable failures where a device performs unexpectedly or inappropriately) we should aspire to a UX model of 'offer instead of do':
A system that sets things up, prompting the user to complete the action with as little effort as possible.
So, for example, instead of having the lights go on when you walk into the house (and thereby waking up your cousin sleeping on the couch), have the system gently turn on the floor lights so you can navigate in the dark, while a voice system waits for you to say 'lights' before actually turning on the main lights.
Ensuring that users can mediate and control how they are authenticated is critical to protecting their privacy. Direct-style authentication by its very nature has privacy protection built in, as the user can control when (or when not) to be authenticated. The ambient UX style creates the risk of users being authenticated without being aware of it, and therefore may require the occasional 'do you still wish to be authenticated?' query, similar to Scott's 'offer instead of do'. This sort of privacy protection feature will be even more of a requirement when we consider the other axis of Scott's grid, that of 'solo vs. swarm', which creates the scenario of multiple devices simultaneously and continuously authenticating us.
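The 'offer instead of do' idea applied to ambient authentication can be sketched as a small state machine. This is an added example, not code from Scott's post or from any product named above. The names `AmbientAuthSession`, `replay` and `SAMPLE`, and the one-hour consent interval, are hypothetical.

```python
from dataclasses import dataclass
from enum import Enum

class State(Enum):
    LOCKED = "locked"
    OFFERED = "offered"              # ambient signal seen, waiting for the user
    AUTHENTICATED = "authenticated"

@dataclass
class AmbientAuthSession:
    consent_ttl: float = 3600.0      # assumed: seconds one confirmation stays valid
    state: State = State.LOCKED
    confirmed_at: float = 0.0

    def ambient_signal(self, present: bool, now: float) -> State:
        """Feed one passive observation, e.g. a paired wearable in range."""
        if not present:
            self.state = State.LOCKED        # signal lost: fail closed
        elif self.state is State.LOCKED:
            self.state = State.OFFERED       # offer, do not authenticate yet
        elif (self.state is State.AUTHENTICATED
              and now - self.confirmed_at >= self.consent_ttl):
            self.state = State.OFFERED       # 'do you still wish to be authenticated?'
        return self.state

    def user_confirms(self, now: float) -> State:
        """Explicit, low-effort user action that completes a pending offer."""
        if self.state is State.OFFERED:      # a confirm with no offer is ignored
            self.state = State.AUTHENTICATED
            self.confirmed_at = now
        return self.state

def replay(events, consent_ttl=3600.0):
    """Run (time, kind) events and return the state name after each one."""
    session = AmbientAuthSession(consent_ttl=consent_ttl)
    trace = []
    for now, kind in events:
        if kind == "near":
            session.ambient_signal(True, now)
        elif kind == "away":
            session.ambient_signal(False, now)
        elif kind == "confirm":
            session.user_confirms(now)
        trace.append(session.state.value)
    return trace

# Constructed sample timeline (seconds), not captured from a real device.
SAMPLE = [(0, "confirm"), (10, "near"), (12, "confirm"), (600, "near"),
          (3700, "near"), (3705, "confirm"), (3800, "away"), (3900, "confirm")]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

The ambient signal alone never reaches the authenticated state. It only raises an offer, and an expired confirmation drops the session back to that offer rather than silently renewing it.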