The Forces Working Against UX

Posted on by

Why do we run into situations where a company seems intent on making their systems or people incapable of taking our money for their services which we desire?

I had the good fortune to hang out with Joshua Kerievsky at Øredev 2025. We were on the same flight home, so we made our way to the Copenhagen airport and decided to buy a day pass to the SAS (Scandinavian Airlines System) lounge. We had arrived at the airport the recommended three hours before our flight, so the lounge seemed like a good idea. Well, at the time at least. It quickly turned into a user experience case study of how not to delight a customer.

The first hurdle was the front desk. The associate asked when our flight was and we told her that was at noon. She told us that anything less than three hours isn’t eligible. I held up my app and explained that it was allowing me purchase, but I guess the rules are the rules and she still said she couldn’t help and we were welcome to try the app. Joshua proceeded to navigate the SAS phone app to get to the screen where you could purchase a pass, which was a nontrivial navigation experience, but we got there. He tapped the button and nothing would happen. He tried again. And again. “Maybe it’s because I’m using the app as a guest,” he wondered aloud. He didn’t want to create an account because he doesn’t fly SAS typically, so why bother with yet another username/password (no passkey support) and the inevitable barrage of unwanted marketing emails that we are opted into by default everywhere.

All of this was done standing at the lounge front counter, so we decided to find a place to sit down and see if creating an account would unlock the functionality to give SAS the $55 USD they desired for lounge access. He gets out his laptop and begins the account creation process. We all know the pain of trying to use most web sites on spotty Wi-Fi, and flysas.com was no exception. He gets to the create account page and it’s protected with a CAPTCHA, which would not load. If you can’t solve the CAPTCHA, you can’t create an account. So we wrestle with trying various networks, phone tethering, and finally get it to load. Then the password rules. Then resetting the password because it didn’t save in the password manager. Then messaging the password because device syncing isn’t going great because Wi-Fi. It may shock you to learn that some airport Wi-Fi networks are not great.

Finally he’s in the app, gets to the buried part of the app where you can add lounge access and the price has gone up since we started! They wanted to charge him more money to spend less time in the lounge! We both make our purchases and head in, although it’s certainly not the relaxing experience we had expected.

So what was going on? Why was the app and website so resistant to selling him a lounge pass? The app issue is a pure UX issue. If a user can’t do something because they aren’t logged in, you have to tell them. The website, I suspect, has more to do with a sequence of decisions made in the name of security and fraud prevention that did not take into account the cumulative negative impact on the user. “We have to use a CAPTCHA to thwart the bots!” Did anybody think about introducing that as an external dependency that could have performance issues? Many websites have started using services that will flag suspicious behavior to prevent fraud, which sometimes relies on knowing that a user is suddenly far away from the last usage. Weird! Unless you’re traveling…

I’ve been on the implementation side of this fence and the Internet is a very nasty place. Web application firewalls, bot mitigation, and fraud prevention all introduce friction and you have to be aware how it’s accumulating and impacting your customers.

What about the human who simply refused to sell us access before the time window and could have prevented this whole technology ordeal? That limit is likely to prevent customers from missing their flight due to passport control. The delay through passport control could be made available to customers though, not just as a predefined unchangeable time window that doesn’t seem to be enforced in the app. We see signs like this on roads all the time, telling you how long it’s going to take to get to certain destinations. From the customer perspective, enough information to understand the barrier probably would have been sufficient. Instead, it was just a “I can’t” with no explanation.

Companies, I assume, are not intentionally making suboptimal experiences for their customers.To whoever took each decision, in isolation, they probably made all the sense in the world. “We have to block the bots!” “We have to prevent fraud!” “We can’t let our lounge be the reason why customers missed their flight!” Each decision contributes towards the system drifting away from its original purpose: to serve the customer. We all need to remember that our decisions live in a larger system and that every local safeguard has global consequences, up and downstream.