The internet has been a core part of hotel companies’ promotional and distribution activities for at least five years now, maybe even ten or more. It is no longer new, it is well known, to consumers and to the companies seeking to use the internet to promote and sell to their customers.
So there’s no excuse for any remaining idiocy in what these days is a well understood medium.
Let me list the things that are, unfortunately, obdurately idiotic on the Wyndham website. I wonder what their explanation is.
1. Ridiculous Over-The-Top Security
In addition to having a username and password to access your Wyndham Rewards information and to book hotels on their site, you are forced to set up three security questions. But you can’t define your own questions, you have to choose from a short selection of questions put forward by people who clearly took the short bus to their special school.
The problem is that for many of us, the questions that we have to answer do not have a single right answer. And some of the others ask us things that most of us wouldn’t have a clue about.
For example, one possible question/answer is to provide the maiden name of one’s paternal grandmother. Do you know the maiden name of your paternal grandmother? Or, for that matter, of your maternal grandmother either? I’ve sure got utterly no idea at all, and no convenient way of finding out – besides which, even if we could research the issue and get the answer, how likely is it we’d remember it if being asked the question again in the future to confirm our identity?
Another ridiculous question is the name of the street you grew up on. Maybe that works well for people who lived all their life at one address, but what about those of us who moved every few years? Which street do we choose? I lived on four different streets.
A similar problem applies to the question asking for the name of your elementary school. I went to three elementary schools – which answer should I give? Should I write the name out in full, or can I abbreviate it?
Or how about the question asking for the name of one’s best friend. I’m hard put to answer that question, and I suspect my answer would probably change every 5 – 10 years or so too. Does one name, and one name only, leap into your mind, and can you be sure that same name will remain into the future?
A question of greater difficulty to me as one who attended two high schools, neither of which were in the US or which had a mascot, is to specify my high school mascot.
So you get the sort of picture – asinine questions, all to secure access to what – my frequent guest program membership at Wyndham. It isn’t as though they have any sensitive personal information or credit card details on file or anything – well, actually, once they store the answers to these ‘prove your identity’ questions they now do have sensitive personal information (an interesting paradox, isn’t it!). But talking about ‘they don’t keep my credit card number on file leads to :
2. They Don’t Keep Payment Information
Decades ago, many people were worried about providing credit card details online. Nowadays, 99% of us do so, many times every week, without blinking or thinking twice. We know there’s a tiny risk, but there’s just as much risk giving a credit card number over the phone, or having a waiter take our credit card somewhere out of our sight to process it in a restaurant, so we suck it in and get on with our lives.
Most of the high profile security breaches that have revealed sometimes millions of credit card numbers have not been in the transmission of a credit card number to a remote site, but rather have been from a remote site’s data store, a store which holds information whether we give our credit card numbers by phone, fax, internet, or hand the card over in person.
It is an acceptable small risk to use a credit card online, in return for a huge element of convenience. None of us like having to, every time, type in a 16 digit account number, a four digit expiration, and a three digit CVC code; plus probably other stuff like billing zip code and so on and so on.
But notwithstanding the security levels erected, when you go to book a hotel reservation on Wyndham’s website, and after logging in to your Wyndham rewards account, while they remember most of your details, they don’t remember any payment information at all. Why not?
Most other online companies understand that the easier you make it for a client to complete a transaction and to pay for something, the more likely they are to do so. Amazon even patently the ability for people to buy things with a single click of a single button. If Amazon can succeed as wildly as it has with one-click transactions, shouldn’t Wyndham be trying to get as close as possible to a two click transaction, rather than making for a multi-click hassle-ridden nightmare?
And when I say hassle ridden, entering in my credit card number yet again is just the start of the unnecessary hassle. How about :
3. Upper Case is the Same as Lower Case
Some people still fail to understand than an email address is the same, whether it is in upper case or lower case. While some poorly programmed websites will return different pages depending on how you type in a website page address, email addresses are not case sensitive, and never have been. [email protected] will reach the same place just as readily as [email protected] or even [email protected]. If you don’t believe me, try it for yourself. Send someone an email with whatever variable combination of upper and lower case letters you can think of. They’ll receive it, every time.
But this news has yet to reach Wyndham’s ‘programmers’. And why do we need to enter our email address in the first place?
The first point of annoyance is when making a web booking after logging into your account, their site helpfully enters your email address for you in the booking form (this is good) but then requires you to re-enter it a second time (this is asinine in the extreme).
And then – oh my gosh – if you don’t have the exact same mix of upper and lower case both times, you get an error message that your email address is wrong.
Nope, the email address isn’t wrong. It is the Wyndham idiots that are wrong. I can understand someone who seldom uses the internet and knows little or nothing about it somehow forming the ridiculous notion that it matters if your email address is in upper or lower case, but for a professional internet programmer to make this mistake is inexcusable.
Talking about stupid errors, that leads to :
4. Asking Questions to Which They Already Know the Answer
Did you have a show-off kid in your class at school? One who would ask questions to which he already knew the answers, just to show how smart he was? If you did, I’m sure that everyone hated him.
I was reminded of that on the Wyndham site, too. I saw on their website a Spring Promotion opportunity – if I stayed at their hotels twice in the next few months, I get a free movie ticket or something similarly like that. Annoyingly, you had to actually ‘register’ for this rather than simply be automatically enrolled, but so be it.
I went to register, while already logged in to my Wyndham account, and up popped a form asking for my Email Address, Phone Number, and my Wyndham frequent guest number.
All three pieces of information were mandatory.
Now the Wyndham account number was already showing in the top right corner of the screen. Why did they ask me for it a second time when they already knew it?
The same could be said for my email address. And also for my phone number (why do they need my phone number, anyway?).
I remembered the email address I’d used due to the upper/lower case idiocy I’d encountered just a minute before, so entered that carefully, then when it came to phone number, put in my home phone number, only to receive an error – the phone number didn’t match the number in my Wyndham account.
So, first question – if you already know my phone number, why do you ask for it a second time?
And, second question – have you never encountered a guest with more than one phone number before? Most of us have at least three (home, work, cell phone), some of us have plenty more than three (I’ve also got a direct work number, a different work number, a Google phone number, a Skype phone number, a private phone number, and a second cell phone number). I had no recollection at all of which of the nine different phone numbers I’d used in my Wyndham account profile, and if I didn’t get it exactly right, Wyndham refused to allow me to register for their promotion.
The amount of hassle it took to register for the possibility of a free movie ticket was massively disproportional to the value of the possible reward in the future. Next time I see a Wyndham promotion, I’ll just roll my eyes and ignore it.
So why is it that Wyndham has such a dysfunctional approach to their website and online customer experience? What is the reason for asking us stupid questions the answers to which they already know? Why do they insist that email addresses have the same mix of upper and lower case every time they are entered?
Why are they unwilling to store our credit card details, but insist on three questions being answered that, if disclosed to identity thieves, would help them take over our identities?
I have emailed Wyndham’s public relations contact and invited them to respond to this article and look forward to a chance of sharing their explanation with you.
Update : Thursday 5 April
After enduring the nonsense to register for their incentive program, I got an email today inviting me to register and sign up for it. Apparently all the ridiculous effort I put in to joining, earlier in the week, failed to get accepted (and with no error/warning message either).
But wait, there’s more. I went back and signed in to their site, using the same computer and browser as a couple of days before. But up popped a ‘for your security’ message asking me now to validate one of the three security questions I’d been forced to enter earlier in the week, too.
Fort Knox probably has less security than the Wyndham Rewards site. This is beyond ridiculous.
Oh – and a non-update too. I’ve yet to hear back from Wyndham’s PR people about why their site is so appalling.
Update : Thursday 12 April
Oh no! I got an email from Wyndham again this morning, inviting me to register for this stupid promotion. I’ve already registered for it twice.
Can’t they only send the email to people who haven’t registered for the promotion?
And – while I got this email, I’ve still yet to receive a reply from Wyndham’s corporate people about the inadequacies of their website.
I agree 100%, especially about the 3 questions. I know of many sites that do that and already have a set of questions that I would unlikely be able to answer the same way two months later (as you, I went to many schools and would never remember my first (or favorite) teacher. I like the sites that allow one to make up their own questions – such as “in what city did you attend 6th grade”. I especially dislike the sites that make one answer all three questions and need an exact match.
In a way I disagree. I often have this trouble when I have been asked to prove my identity on other websites as well when I forget my password or login name.
Hi, Joel
Do you agree with the other points I raise? I’d happily accept your agreement on 3 of the 4 points.
And as for the point you clearly disagree with, see my update today where I had to provide a security question/answer not because I’d forgotten my password or user ID, but just ‘because’. For no reason at all.
It appears that Wyndham have adopted the highly effective TSA model for doing business.
Specifically:
1. wasting peoples time with stupid unnecessary procedures,
2. wasting money in an exercise in futility, angering the very people they are supposed to serve and
3. applying useless “security” measures to keep you safe.
4. paying big bucks for the above improvement in public relations
Despite their best efforts they have failed, I am disappointed they don’t provide coupons for a bonus feel-up, cavity search and a good dose of radiation… for the complete travel experience.
Actually, many of the questions presented can be dealt as long as you have a moderately decent memory. For instance, adopt a standard approach to questions with multiple possible correct answers: if you attended three elementary schools (as I did), always answer the first – or the last – or the one you attended longest – whatever standard you adopt. Same for the street you grew up on – pick the oldest one you remember, or the last, or the one on which you lived longest. With a “standard” the answers become easier.
Perhaps it’s an American thing (we tend to be interested, at least in passing, in genealogy) but maternal or paternal grandmothers’ maiden names aren’t hard for me. Chances are, if your grandmother had a brother, his last name and her maiden name would be the same.
With the rest of the issues with the site, however – it does sound like they could use a tutorial on makign things more accessible.
As for website page names and mixed capitalization: it’s not “poorly programmed websites” that require page names to match exactly. That’s solely related to the underlying operating system: Windows-based servers are not case-sensitive; Unix and Linux based ones are. It’s not the fault of the website designer.
Email addresses can be compared with the desired case insensitivity — regardless of operating system — by simply converting each string to uppercase before comparison.
I hate entering my email address twice. If I can’t enter it correctly the first time, then what I’m registering for won’t work. That’s my fault. Quit trying to protect me from myself. Or… do they want my email address to be correct so they can bombard me with spam? I’ve noticed that the use of User ID and password has changed to email address and password.
SUBJ: surrendering email and phone numbers (and sometimes even your street address).
Yes, it’s for spam… actually, your phone no. and email address are sold on to other sources. Thus far, not to the Nigerian fraudsters, but it does garner Wyndham the ability to spam you AND to make a tidy profit off your ability to enter a mail address to their liking.
Ugh.
Pingback: Weekly Roundup Black Friday 13 April 2012 » The Travel Insider
Re the stupid security questions, my solution is to answer all such questions with DECLINE TO STATE. I don’t have the patience to try to decide who was my best childhood friend or whatever.
Wyndham may be a more egregious offender, but I’ve encountered a lot of sites offering similar frustrations.
Apparently Wyndham doesn’t require you to type in the characters appearing in an adjoining box (to confirm that you are a human being and not a computer). Very often these characters are so distorted that, e.g., an L is indistinguishable from an I, or an O from an A. If you can’t decipher the intended characters, you’re out of luck and all the time you’ve already spent inputting your personal info and answering questions goes for naught.
All that said, I have been pleasantly surprised recently how some of the corporate giants I deal with have been improving their websites and making them more user friendly. Amazon, as you observed, is a great example. So there is hope.
Good one Dave….the security questions on most sites are as rediculous as this one….the same Genie seems to be the consultant to these people….I have tried Wyndham in the past with much frustration so that now I go back to the good ole landline only to be subjected to the “press” need before getting a human being to speak with….We are taking odds that it may never be, to get a response to your Email, but it will be interesting if you do….It is not likely that any “human being” will admit to the folly of these questions…..Keep up the good work…your obervations are well stated and continue to expose the “dum” that is now rampant in the world !!