Showing posts with label security. Show all posts

Saturday, August 3, 2013

FAMI web portal criticism - part 3


Back to part 2

Okay, now let's review the inside of the FAMI web portal.

The first thing I noticed upon logging in was that I was prompted to choose a new password because my old password was expired. If you go back to part 1 you will see that the password criteria are very strict. It took me over 10 min to decide on a password then. It's been less than 2 weeks since I made part 1. If the password expires once every 2 weeks or less then I am never going to use this portal again. Why the heck is the password expiry period so short? Never mind, I'm not going there.

For a website so paranoid about security, I'm curious as to why they do not use https web encryption.



Okay, moving on. This is the page that greets you once you are in, the main page.


It's a bit busier than the competitor's web portal main page as seen in part 2 but it does the job. It's divided into 4 parts.

The "investor summary" in the upper left essentially is the equivalent of the competitor's main page in part 2. Clicking the "+" brings up a popup with more info. It shows how many units you own, the latest NAVPS and how much it's worth as of now.






Clicking the "graph" tab merely brings up a graph showing what kinds of FAMI funds you own. Since I only own balanced funds I get a single 100% graph. A little boring.









In the lower left is the "statement of account". It's very similar to the "investor summary" with more data. The "graph" tab is also similar. You can limit it by time period. If you invested say 100 pesos in Jan 2012, Jan 2013 and May 2013, it will display 300 pesos worth. If you limit it from Jan 2013 to today, it will show 200 pesos worth.

In the lower right is the "Historical SOA". It should be available now since it's after July 31 but it's still down. FAMI should add it soon.

In the upper right is the "investment analysis". Unlike the "investor summary", it displays the amount you invested. Unfortunately it only shows a total amount within the time period specified. If you invested 100 pesos twice within the time period selected, it does not show each individual transaction but only shows the total of 200. Now this is a big limitation IMHO. The competitor's web portal in part 2 does have this. See pic below. FAMI should add a feature like this.



Verdict: Since the web portal seems to be in beta, there are a lot of bugs, wrong design and missing features. From just the web portal alone I would give it 3/5 stars. But considering the difficulty in signing up and logging in, I drop it to 2/5 stars.


The end for now

Friday, August 2, 2013

FAMI web portal criticism part 2



Part 1 tackled the registration process for FAMI's new web portal. Part 2 now tackles the web portal itself. I will review it and tell you if it's easy to use and if it gives the info you need. Take note that the FAMI web portal is newly launched and can be considered to be in beta so expect changes and improvements in the future.


First, let us look at a competitor's web portal. It will remain anonymous for now. I chose this competitor because it's the only other MF I own with a web portal. Below is the main page that greets you after logging in.


It's pretty simple and direct to the point. You can immediately see the 2 things you need the most, current NAVPS and current value. "To the point" as the saying goes.

As a side note, the entire portal uses https for better privacy.

You can also click on your account number to bring up a chronological list of all your investments.





You can immediately see how many times you invested. Different types of MF's are grouped together. For each you can see when you invested, how much you invested, any deductions, NAVPS at the time you bought it and number of shares.

At the bottom is the interface for looking at historical values. It gives you a list of numerical values which can be copy pasted onto a spreadsheet so you can make a graph and perform calculations. Unfortunately the portal has no function to make a graph. Take note that FAMI's web portal does not have this function as of this time.

This other company's web portal works well and is easy to use. I give it a 4/5. Now, let's look and compare.

UPDATE: unfortunately, I cannot get into the portal.

882 minutes is like 14.7 hours. I tried before at 991 minutes but didn't get a screenshot then.

This is a huge bug. If you do not log out properly and just close the browser tab, when you try to login again you get the above error message.


This is a huge usability problem. It's not user friendly because a normal user would just close the browser. It does make it more secure but at an unacceptable cost: it becomes less user friendly. The other company gets around this without incurring a security hole by merely auto-logging the user off if you close the browser. This is very poor design IMHO. I hope FAMI fixes it.

More security is nice but not at the expense of making it less user friendly and harder to use. AFAIK you can't really buy or sell anything in the web portal so I think the extreme security is unwarranted.

So, expect a part 3 of this review. I had to cut it short because I could not log in.

UPDATE: part 3 is up.

Wednesday, July 24, 2013

FAMI web portal criticism - part 1



Recently FAMI, a mutual fund company, launched its web portal. Here's some criticism of the FAMI web portal. I'm still trying to decide a new password so expect a part 2 once I get inside and look around.


I've had lots of experience navigating web portals like these from major companies as well as designing some using HTML and PHP. And so far, FAMI's first shot at it has major usability issues. It is, I'm afraid, very much unpolished, unlike some of the portals used by big multinational companies.

This is so disappointing since I like the performance of FAMI mutual funds and I invest in them.


OK, here goes.
 
* I didn't know that I needed to register. I only found out by reading the comments in the FAMI Facebook page. There should be a note or something, not just a page with a blank username and password. See pic below.



* When registering, there should be some help since some terms like "COR" might be unknown to the users. Hint: it's in the snail mail you receive.
* When registering there are multiple blanks that I don't understand. Aside from the aforementioned "COR", there are multiple COR's and multiple accounts. How the heck can a simple client understand what the multiple "COR" and "accounts" mean? Is it one COR/account per person? Or is it one COR/account per transaction? If it's the latter then if you bought say 10,000 pesos worth of mutual funds last year then bought another 10k this year then is that 2 accounts? Or maybe you just have to fill in the first account only? Look at the pic below and you can see how a normal person might be intimidated.

Update: The FAMI Facebook says that you only need to input one valid COR. You get one COR every time you buy MF's. It's in the letter they snail mail to you.



* I didn't know that I should receive an email. I only found those out from reading the comments here. You should have a small note that says "an email will arrive with your username and password bla bla bla".
* After registering there is a number generated. There is no note that explains what the number is for. And so far I see no use for it except maybe as a reference number if for some reason your registration has a problem.
* It takes some time for your email to arrive. A day or so. A note explaining that it would take a day or so would be nice.
* The email gives you 2 pieces of info: User ID and Password. But when you try to log in, there is a password blank but there is no User ID. There is a username blank but some people might not get it. From my experience in databases, changing the name of a variable can cause lots of confusion.
* When you first login with the userid and password emailed to you, you are required to change the password. OK, that's very much standard procedure. Good.
* However the website is set up to be VERY VERY strict with creating a password. Look at these restrictions:
  • Password must have at least 1 special character.
  • Password must not contain your user id.
  • Password must have at least 1 capital alphabet.
  • Password must have at least 1 lower case alphabet.
  • Password shouldn't contain date aspect.
  • Password shouldn't contain consecutive character.
  • Password must be alphanumeric.
  • Password must not match with your 5 old passwords.
  • Password should be greater than 7 characters
    and less than 14 characters.

Security is good but TOO MUCH security is bad since it makes remembering the password hard. Heck, even inventing a new password that passes all these (especially the consecutive character thing) is hard. There is a time for idiot proofing stuff but this goes too far and is condescending, treating the user like a child.
* "Password shouldn't contain date aspect". What the heck does that mean? I'm getting a rejection like that even if my password only contains among its characters a single number.
* "Password shouldn't contain consecutive character". Hard to explain but let's give an example. The word "password" fails that rule because it has 2 letters in succession, s and s. Removing one s would make it pass that. At least I think so. Not sure.
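
The password rules listed above, written out as a checker; this is an added example, not part of the original post and not FAMI's code. It assumes "consecutive character" means identical adjacent characters (the post's own guess), treats "special character" as ASCII punctuation, offers two readings of "must be alphanumeric", and leaves out the "date aspect" rule because the page never defines it; the user id `jdoe` and the sample passwords are constructed.

```python
import string

def policy_failures(pw, user_id, old_passwords=(), strict_alnum=False):
    """Return the names of the listed rules that pw breaks (empty list = accepted).

    The "date aspect" rule is not checked: the page does not say what it means.
    old_passwords is plain text here for illustration; a real portal would
    compare against stored password hashes instead.
    """
    has_letter = any(c.isalpha() for c in pw)
    has_digit = any(c.isdigit() for c in pw)
    checks = [
        ("special", any(c in string.punctuation for c in pw)),
        ("no-user-id", user_id.lower() not in pw.lower()),
        ("upper", any(c.isupper() for c in pw)),
        ("lower", any(c.islower() for c in pw)),
        # Assumed reading: no two identical characters next to each other.
        ("no-consecutive", all(a != b for a, b in zip(pw, pw[1:]))),
        # strict: letters and digits only; loose: at least one letter and one digit.
        ("alphanumeric", pw.isalnum() if strict_alnum else has_letter and has_digit),
        ("not-in-last-5", pw not in list(old_passwords)[-5:]),
        # "greater than 7 characters and less than 14 characters"
        ("length-8-to-13", 7 < len(pw) < 14),
    ]
    return [name for name, ok in checks if not ok]

# Constructed sample passwords, not taken from the page.
SAMPLES = ["password", "Tr0ub&dor", "Passw0rd!", "jdoe#Xy7z"]

def report(strict_alnum):
    """Map each sample password to the rules it fails under one reading."""
    return {pw: policy_failures(pw, "jdoe", strict_alnum=strict_alnum)
            for pw in SAMPLES}

if __name__ == "__main__":
    for strict in (False, True):
        print("strict alphanumeric reading:", strict)
        for pw, failed in report(strict).items():
            print(f"  {pw!r:14} -> {failed or 'accepted'}")
```

Under the strict reading every candidate fails at least one rule, because a password cannot both contain a special character and consist only of letters and digits; the list is only satisfiable if "alphanumeric" means "contains both letters and digits".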

The end for now. Wait for part 2

UPDATE: part 2 is up

Friday, May 14, 2010

It's now illegal to have unprotected wifi

It's now illegal to have unprotected wifi and someone uses it to pirate stuff.

Internet users can be fined up to euro100 ($126) if a third party takes advantage of their unprotected WLAN connection to illegally download music or other files, the Karlsruhe-based court said in its verdict.

Link

Wednesday, April 21, 2010

Xerox machines are a security risk

This is an eye-opening article. In the Philippines we are used to old fashioned xerox machines that work mechanically. But if your xerox machine is a digital model, it has a hard drive that stores all documents that were xeroxed.

If for example a digital copier is refurbished and sold, the hard drive may still contain images of the documents that you xeroxed.
In reference to: Digital Photocopiers Loaded With Secrets - CBS Evening News - CBS News
