NIPO is proud to announce the opening of our new Mumbai office. In recent years we have seen a strong growth of our business in the Asia Pacific region, something that also was the result of our Nfield China deployment we launched 2 years ago. This major step is now followed by the opening of our new office in Mumbai, that has been in business as of 1 November 2021.

The NIPO Mumbai office will be dedicated to supporting our customers in the Asia Pacific region, with backup from the NIPO Helpdesk in Amsterdam. 

NIPO offers remote support to all Nfield users by email (no telephone at the moment, due to all staff working at home for reasons related to Covid), hosts Nfield introduction sessions and on-site training sessions on topics ranging from survey creation to fieldwork management.

We are delighted to announce the opening of this new office and look forward to supporting you from Mumbai!

In this new series of NIPO Academy sessions we will do a short recap of the standard fieldwork report, but most time will be spent on how to create a private data repository and how you can use this to create your own reports.

As anyone who shares a broadband network with high-capacity users knows, when others are eating away at bandwidth by playing high-definition games, streaming TV shows or live broadcasting over social media, internet performance deteriorates.

The same is true for any shared IT resource. Including Nfield’s survey hosting environment in the Azure cloud. Our acceptable use policy is designed to prevent excessive resource use by some causing performance problems for all. But with the roll-out of our Isolated Interview feature, we aim to completely eliminate the risk of suffering from “noisy neighbors”!

The Noisy Neighbor effect

In a shared hosting environment, an individual survey occupying a disproportionally large amount of processing power will lessen everyone else’s performance. This can happen if a lot of respondents suddenly rush to a survey at the same time, or if a badly scripted questionnaire results in an infinite loop or excessive quota checks.

To prevent this in situations where it can be foreseen, such as the planned launch of a large-scale research project, we ask customers to warn us in advance so we can scale-up capacity as necessary. But errors, such as bad scripts, can overload the system without warning.

Nfield does automatically expand its capability as necessary, but this isn’t instantaneous. In the period before scaling up takes place, online interviewing performance and Nfield manager responsiveness slow down. Respondents can get frustrated and the market research team’s job becomes more difficult, as everyone suffers the consequences of having “noisy neighbors”.

Proactive protection and appropriate scale-up

Thanks to new technology, we have succeeded in developing an architecture whereby each individual survey is run in isolation (survey-level isolation), utilizing its own resources and with the ability to expand these without affecting other surveys.

When an isolated survey reaches its pre-set Nfield threshold, its resources will automatically scale up, without other surveys in the same or different domains being impacted during the moments of heavy loading or scaling. In Nfield design, if a request faces timeout, there is a double fall-back mechanism to keep servicing the request. Initially falling back to the isolated resource, then to the shared resource.

Expanding in this way at survey level is also more economic than doing so at deployment level (as in the noisy neighbor scenario).

By keeping every survey accountable within its own realm, Isolated Interviewing

• eliminates noisy neighbor effect
• scales more economically

A record-breaking case

Isolated Interviewing doesn’t just provide protection from noisy neighbors. It also enables heavy users to scale up faster and cheaper than when in a shared environment. A shining example is a recent project in which 2.36 million requests were handled in a four-day period, peaking at 5,000 requests per minute. This also saw us smash right through the 100,000 successfully completed Nfield interviews in 24 hours barrier for the first time!

Despite this extremely heavy load, processing time remained reasonably fast, with 99% of requests processed within 549ms, and no other customers impacted. In addition to performance speed, the Isolated Interviewing feature provides a more stable, risk-free environment for everyone.

Global roll-out

All domains within our America deployment environment already have Isolated Interviewing enabled. However, Isolated Interviewing only comes into effect in newly-created surveys. Existing surveys remain on shared resources.

Over time, we’ll be carefully rolling Isolated Interviewing out to more domains in other deployment environments. And, of course, we’ll continue to invest in this feature to further increase its capabilities to accommodate our customers’ hunger for high-volume projects.

Recently NIPO introduced Survey performance for Nfield Online, as part of fieldwork monitoring. Survey performance metrics are very important to make sure that your survey is technically running fine. But perhaps even more crucial is that these metrics give insights in how your respondents are experiencing your surveys.

Nfield’s Voice Over feature is a very useful tool for both Online and CAPI surveys, which can be used to overcome visual impairments (Online), interviewer bias (CAPI) and local dialect differences (CAPI and Online).

By voicing survey questions and the various response options, Voice Over broadens the scope of people who can contribute to answering surveys.

In particular, it provides the following benefits:

• Enables respondents with reading difficulties, due to blindness, part-sightedness, dyslexia and other cognitive and learning disabilities, to participate. These people usually already have voice-over-text programs to assist them in using the internet. However, some of these programs are not compatible with Nfield Online surveys, so it is far better to have Voice Over functionality embedded in the survey itself.

• Reading out questionnaires in the appropriate local dialect. This is especially handy in countries where there are multiple dialects. CAPI interviewers can still perform their work, even when deployed in a region where they don’t speak the local dialect. Online respondents can play audio in their own dialect, even if the written language is in another.

• Ensures CAPI interviewers don’t (consciously or subconsciously) influence responses through the way they read out questions and answer options.

Enhanced functionality

Nfield has recently enhanced its Voice Over functionality by making it possible to play audio for questions and answers separately. So users can repeat-play specific answers for clarification, without having to listen to the entire question with all its answers over again.

How Voice Over works

Go to the page produced by our NfieldChicago team for a simple demonstration of Voice Over in action and instructions for implementation. You’ll also find this in the NIPO Academy video #19.

Setting up Voice Over isn’t difficult. It simply needs some patience for the time taken to link each separate audio file with each part of the question.

Implementation tips

• To save time making audio clips, use a downloadable mp3 text-to-speech conversion tool.
• Use the same gender voice for different languages within the same survey to avoid responses being influenced by gender bias.
• Ensure audio clip file sizes are as small as possible, with a 128 kbps bitrate, for fast loading speed.

If there’s anything else you’d like to know about using Nfield’s Voice Over feature, don’t hesitate to contact us!

Having achieved gold status for the Application Integration competency for the Microsoft Partner Network at the end of last year, we are proud to share the news of NIPO’s success in achieving an additional Silver status for the much desired Security competency.

The competencies Microsoft awards are a strong confirmation that these partners have demonstrated the highest, most consistent capability and commitment to the adoption and implementation of the latest Microsoft technology. Securing a competency is highly dependent on successful certification of technical staff, which implies a deep and continuous investment from both the organization and the individual software developers.

Our Nfield users can benefit directly from NIPOs status within the Microsoft Partner Network. Next to our annual ISO 27001-2013 (Information Security) certification, this is another proof of leading external recognition for the NIPO team and our Nfield platform. This information can be used in client pitches for those projects where Nfield, as Kantar’s destination platform, is used and where the customer would like to understand how, for example, security is addressed.

Securing the Silver status for the Security competency was one of our goals for 2021. Now the NIPO team will continue her efforts to upgrade the Security competency to Gold status.

More and more customers have been asking for real-time insights while a survey is still in progress. And now, Nfield is able to deliver these via our new Data Repository feature, which provides a continuous data delivery pipeline straight into your dashboard.

The need for speed

Today’s fast-paced world calls for ever-faster reporting. Nfield Online’s powerful interviewing capability enables a tremendous amount of data to be collected in a short time-frame, without hardware or network limitations. For many customers, the ability to quickly capitalize on this data is also very important.

A good example could be in media production, where survey data can be used to inform outlets of current audience interests. Let’s say, skateboarding suddenly becomes a hot topic at the Olympic Games. The content producer can choose to use this information to switch focus and retain audience attention.

With the Nfield Data Repository feature, insights can be attained immediately, without expensive setup and dependency on IT teams.

Transition from traditional data processing to Continuous Data Pipeline

Transferring Nfield interview data into insights in customers’ own dashboards is a complex task. Traditionally, the ETL (extract, transform and load) process requires involvement from data processing and IT teams, either during initial setup or each time the process is run, which is a time-consuming overhead.

Now, with the Nfield Data Repository, data from completed interviews is extracted every 10 minutes and directly fed into an engine which converts it into a database format, from where your dashboard / reporting tool can instantly retrieve it.

Get started with scalable pricing

To make the fast, high-performance engine that keeps the data pipeline flowing affordable to all customers, we offer a scalable pricing system based on usage.

You’ll find the new “REPOSITORIES” section toggled within the Nfield Manager interface. To enable it, please contact your Nfield account manager.

When onboarding new Nfield Online customers we always organize an online introduction course to ensure a smooth start using Nfield. One of the NIPO trainers will go through the whole research process and will teach how to use the many features Nfield Online has, also taking into consideration the specific needs of the customer. We decided it would be a good idea that in this series of NIPO Academy sessions we will do such a session for a wider audience.

Nfield surpassed a significant milestone on 20 May 2021, smashing through the 100K completed interviews per 24 hours barrier. More importantly, the Nfield platform handled the 104,758 successful completes without showing the slightest level of stress.

The record completion rate was comprised of 86,949 Online surveys and 17,809 CAPI surveys. Of these, 49K were performed on the APAC server, an incredibly high figure which was driven by a single survey in Japan which produced 37,226 completes.

Assisted by isolation

This Japanese survey is, itself, significant for the fact that it ran as an isolated survey using dedicated Azure resources (containers). Using this solution means that the load it generated did not have any impact on other domains and/or surveys. The ability to run isolated interviewing is facilitated via Nfield’s Function app, which has been made possible following intensive collaboration between our team and Microsoft architects. The Function app itself was hit more than 2 million times in 24 hours in relation to this Japanese survey.

But not an isolated event

Having confirmed Nfield’s ability to comfortably handle this level of traffic, we are looking forward to it becoming a daily norm. It’s good to know that isolation can be a very positive thing! 😊

App-in-the-Middle is a feature developed for Nfield, in which control of a survey is temporarily handed over to an external application, so that functionalities not offered within Nfield can be incorporated into survey execution. This is useful, for example, if you want to make use of a Sawtooth module for implementing a complex conjoint.

How it works

All you have to do is instruct your Nfield survey when to switch to the external app, and instruct the external app when to switch back to your survey. Making sure, of course, that all the relevant data is handed over during both switching processes.

Within Nfield, this is handled in the sense of pausing and resuming interviews. We’ve accommodated the App-in-the-Middle feature by making it possible to resume paused interviews from an “as is” status, in addition to the usual “as was” status.

“as was” vs “as is”

Under normal circumstances which don’t involve App-in-the-Middle, a paused Nfield Online or CAWI interview simply returns to its last-known state upon resuming, with all variables and routing restored to the point they were at when paused. This is known as resuming from the “as was”.

Incorporating App-in-the-Middle requires Nfield to accept changes made during the external app’s time in control and resume from this updated situation. This means resuming from the “as is” instead of the “as was”. We’ve introduced this option into Nfield, so you can now incorporate extra functionality via App-in-the-Middle whenever you need to.

How to implement App-in-the-Middle in your surveys

This short video shows the basic principles without going into too much detail.

Switching control between Nfield and an external app

Control over conducting the interview is handed over from Nfield to the external app by using the ODIN command: *ENDST 107. This pauses the interview in Nfield and redirects to the relocation link defined for response code 107. The external app hands back to Nfield by redirecting to the survey URL with its corresponding respondent key and other information.

For the interview to continue in Nfield, some special script constructs must be used to prevent the interview executing *ENDST 107 again. This is done by using either the *INIT block or information that is handed over from the external app. You can find out more about using *INIT blocks in our Academy session video on pausing and resuming surveys.

Handing information over to an external app

The relevant information can be handed over to an external app by adding it as query string parameters to the exit link configured for the HandedOver response code (107).

For example:
https://aitm.com?respondent={respondentKey}&extra={extraInfo}

This shows the names of ODIN variables between the {}. The variable names are replaced by the variable values before redirection to the external app’s URL.

Handing information back to the Nfield survey

The external app hands back to Nfield by redirecting to the survey URL. The survey URL must contain the respondentKey. Extra information can be added as query string parameters. The interview will then be resumed (from “as is”) with the ODIN variables having the values now shown in the query string parameters.

For example:
https://{startlink}/{respondentKey}?aitmResult=199

This will resume the interview and if an ODIN variable with the name aitmResult is defined it will get the value 199.

Here to help!

Let us know if you want to integrate a specific app via App-in-the-Middle into your surveys. We’ll be happy to help you set up your project.

Recently NIPO launched a new DA course. This course concentrates on the responsibilities of the DA and the tools NIPO has built to help you meet these responsibilities. We would like to use this series of NIPO academy sessions to introduce this course. We will concentrate especially on the new features for survey groups and domain access that we have introduced over the last months.

The market research industry’s three main channels – Online, CATI and CAPI – each have distinct advantages in different situations. Online is fast, cheap and far-reaching. But better quality responses can sometimes be assured via CATI and CAPI channels, which can be backed up with visual, audio and GPS location evidence.

Circumstantial, cultural, demographic and geographic factors also come into play when it comes to which channel is most effective for delivering response. But these can vary within an individual survey and even within an individual sample.

To offer a comprehensive service that keeps all the options open, market research companies ideally need the ability to deploy all three channels, switching between them as necessary in a mixed-mode project.

Benefits Of multi-mode flexibility

While a particular survey type is often a preferred choice for a specific market research project, there are often circumstances when the ability to switch modes is beneficial.

• CAPI and CATI surveys are sometimes preferential when quality control via a human interviewer is important. But if a target group cannot be reached face-to-face or by phone, then an Online sample can be used to fill in the gaps.
• CAPI interviewers sometimes encounter respondents for whom on-the-spot participation isn’t convenient, but are happy to take the survey online at a time of their choosing.
• Some respondents are not comfortable with completing Online surveys and prefer to provide answers over the phone.
• India, with 370 million internet users, is the second largest online market after China. Yet this figure only represents 30% of the population. So while Online can be a great channel here, it’s not enough on its own.
• Online is the predominant channel in Europe and North America, there’s a preference for face-to-face in Asia and Africa.

Incompatible systems limit market research capability

Because Online, CAPI and CATI channels are driven by different technical systems, switching between them is often not as simple as it needs to be. Making a survey available by all three systems typically requires duplication of set-up work and additional effort to consolidate the results. For some market research companies, this is a burden to far. For the sake of efficiency, they dedicate themselves to a single channel. Thereby cutting off the many opportunities which come with multi-channel capability.

Nfield consolidates Online (CAWI), CATI And CAPI to boost productivity and open up possibilities

Here at NIPO, we are all about empowering market research companies to perform better. So we decided to get a grip on the situation by developing Online, CATI and CAPI systems which are fully compatible with each other.

Using our Nfield Online, CATI and CAPI survey solutions, you only have to set up a survey once for it to automatically translate across all three channels. Each respondent’s answers can be accepted via any channel and results are automatically consolidated.

New to Nfield?

If you’re currently burdened with incompatible systems for multi-mode surveys, switching to Nfield will noticeably boost your productivity.

And if you’ve been limiting yourself to just one or two channels, Nfield provides an easy way to explore the opportunities multi-mode survey capability could bring to your business.

What’s more, because Nfield survey solutions are specifically designed to meet the needs of market research professionals, they’re sully equipped with everything from stunning survey design and advanced scripting options to elaborate sampling, quota handling and much more.

Want to find out more?

Feel free to contact us to discuss your requirements and ask anything you need to know about Nfield Online, CAPI and CATI.

Nfield Online comes with the built-in capability to pause the interview and resume the interviewer at the precise location where the interview was previously suspended. We have recently added more control options to Nfield that determine how the interview is (differently) resumed in various situations. In this series of NIPO Academy sessions we will walk you through the options of this new feature.

Our article Your Nfield login’s value on the dark web explains why access to your Nfield account is such a tempting prize for hackers. The good news is you can make it almost impossible for them to get in by deploying two-factor authentication. Adding this extra security layer to your username and password login makes your Nfield account more than 99.9% less likely to be compromised, according to research by Alex Weinert, Group Program Manager for Identity Security and Protection at Microsoft¹.

This article explains the concept of two-factor authentication (2FA) and its benefits, as well as giving instructions for setting it up and rolling it out in your organization.

¹ https://techcommunity.microsoft.com/t5/azure-active-directory-identity/your-pa-word-doesn-t-matter/ba-p/731984

How two-factor authentication (2FA) works

You’re probably already familiar with using two-factor authentication to access things such as bank, social media (Facebook, LinkedIn, Instagram) and email accounts. 2FA adds to the first factor – your email address/username and password combination – by asking for a code which can only be obtained via a physical object you have in your possession. This might be a key-like token, an office access card or an SMS message received on your mobile phone. Very highly secured systems may even require a third factor, such as a fingerprint or iris scan.

Nfield accounts secured with two-factor authentication require users to enter a code (a token) generated by a standard authenticator app on a mobile phone. This has the effect of complementing something you know (your username and password) with a code obtained through something you have (your phone). It effectively blocks any hackers who have obtained your username and password from getting into your Nfield account, as they would not be able to retrieve the second factor code from the phone. Your valuable Nfield fieldwork and respondent data is thereby protected from prying eyes.

Data security compliance

Different companies have different policies for protecting different types of data. Even if your organization doesn’t require two-factor authentication, your client’s organization might. Having it set up on your Nfield account means you’ll be compliant with every policy or project requirement.

Two-factor authentication in relation to GDPR, ISO 27001 and ISO 27002

• The General Data Protection Regulation (GDPR) states appropriate data security as being a mandatory requirement. However, it is up to individual organizations to determine how they should achieve this. As an example, the Dutch Data Protection Authority (Dutch DPA) is responsible for a hospital patient portal in which medical data is stored. GDPR² considers this as sensitive personal data. The Dutch DPA has opted to deploy two-factor authentication to satisfy the requirement for appropriate data security.
• ISO 27001 only states that access control should require secret information, such as a password, as a means of authentication³. However, ISO 27002 advises a tighter level of control and recommends using two-factor authentication for a number of scenarios. These scenarios include Nfield, as it falls within the categories A.9.4.2 (secure log-on procedures) and A9.4.4 (use of privileged utility program).

With compliance and IT policies regularly being updated to fend off new security threats, it’s probably only a matter of time before two-factor authentication becomes a standard requirement.

² https://www.zivver.com/blog/which-type-of-2fa-do-i-need-to-use-under-the-gdpr
³ https://advisera.com/27001academy/blog/2017/01/16/how-two-factor-authentication-enables-compliance-with-iso-27001-access-controls/

Enabling two-factor authentication in Nfield

Enabling this feature across an Nfield domain can only be done by domain administrators or local domain managers. The instruction to enable is located in the password policy page in the domain settings.

After enabling two-factor authentication, follow the on-screen instructions for setting up two-factor configuration. You’ll need to start by selecting and setting up an authenticator app, such as Microsoft Authenticator, Google Authenticator or others. Next, use the app to scan the QR code provided by Nfield. Once all is correctly configured, the app will provide a code which needs to be entered into Nfield to complete the two-factor authentication. It is as simple as that! Every time you log in to Nfield, you go through the same process, getting a new code each time.

Two-factor authentication will become effective across your Nfield domain within 30 minutes of being enabled. Any logged-in users will get the same prompt asked them to complete their configuration setup. Other users will get this prompt when they try to log in. Using public API (https://www.nipo.com/api-what-researchers-need-to-know) is excepted from using two-factor authentication.

Timing your 2FA roll-out

To minimize disruption to your team, please plan this carefully. We recommend you consider the following:

• read and share this article.
• communicate with your team about why 2FA is necessary and what to expect.
• best practice is to use the authenticator via a phone, not via a PC. The second factor is far more secure when coming from a different source. A two-factor authenticator installed on a PC browser is vulnerable to hackers, as they can get hold of it when hacking into your PC.
• find a good time to enable your 2FA. Doing this at the start or end of the day may be best, so setting up the two-factor configuration doesn’t disrupt other tasks. Also, try to avoid days on which your users are likely to be especially busy. It’s a very good idea to plan it for during our Amsterdam helpdesk office hour 9 AM – 6 PM (GMT+1), so we can help you out of necessary. If necessary, our team can also disable the two-factor authentication on your domain.
• Enabling 2FA in Nfield won’t apply it to Single-Sign-On login. You should consult your IT department about adding 2FA to Single-Sign-On accounts.
• Set the password of the system default login “DA” to very strong and keep it in a secured place.

Whether or not you feel you need it right now, we highly recommend enabling two-factor authentication for your Nfield domain, to enjoy better security protection and gain more benefits from Nfield. If you have any questions, please contact our helpdesk. And, of course, we’re always curious to get your feedback via your account manager.

Invisible to standard internet browsers and search engines, the Dark Web is a place where users anonymously access content which is either illegal or related to illegal activities. This includes the lucrative marketplace for stolen login details, which are bought by criminals who are able to monetize the data and permissions they unlock. Among these, your Nfield login is a desirable prize, as it opens the door to a large pool of personal information.

How desirable? This can be worked out by taking a look at trading prices for the items your Nfield data helps unlock.

Dark Web Price Index

The illustration below shows the process a hacker would go through to harvest your survey participants’ login details from Nfield and make them saleable. If we work backwards from the end prize, we get an idea of the financial temptation.

According to Dark Web Price Index 2020, a stolen Gmail login (email address/username + password) sells for $155.73. A hacker who obtains your Nfield Manager login name and password gains access to all the sample information in all your surveys. That’s likely to include a high percentage of valid Gmail addresses. To make these saleable on the dark web, all the hacker now has to do is get the corresponding passwords.

Stealing passwords

Hackers commonly obtain passwords via phishing emails and database matching. Both of which are automated processes that easily deliver the goods.

Phishing Emails

Because login to Google accounts is protected by limitation on incorrect password attempts, there’s no point in trying to obtain passwords by endless guessing. Phishing, whereby a hacker approaches you via fake emails pretending to be from a trusted source and asks you to sign in to a related account – thereby revealing your password – is a far more successful method.

Every successful attempt can reap multiple payouts for the hacker. According to LastPass, 65% of people re-use passwords. A lucky hacker could net themselves an additional $74.50 if the same login details give access to a Facebook account and $50 each for Twitter and Instagram accounts¹.

¹ Dark Web Price Index 2020

Database matching

Another popular commodity traded on the dark web is credit card details, which sell for between $12 and $20 each.

Credit card details are composed of two parts. The first part is the info displayed on the card itself – credit card number, expiry date, CVV number (on the back) and holder name. These are plentifully available in a nicely formatted database, obtained through skimming devices planted in ATM machines, train ticket machines and are even sold by unscrupulous retailers who’ve been paid via card swipe machines.

The second part is the card owner zip code (derived from address), city, address, email and phone. Details which are commonly held in survey sample data! Armed with this information, a hacker can easily run a database matching tool between a purchased credit card database and your sample data to obtain complete sets of credit card details, ready to sell.

If you think this seems a lot of work for relatively modest returns, think again. Phishing and database matching are automated processes which take no more effort than a few clicks. Easy money.

How your Nfield account could get hacked

Hackers have all the tools they need to crack your password, take over your browser session and use malware to get hold of your Nfield login.

Cracking passwords using software is a basic skill in the hacking world. It’s simply a matter of time. Did you know 90% of passwords can be cracked in less than six hours².

Using shared computers in public spaces, such as cafés, airport lounges or even client meeting rooms, can lay out the welcome mat for hackers. You never know who’s hanging around waiting to inspect your activity in the event of you rushing off without logging out, or through having installed password capture software.

At the time of writing, a great many of us are working from home due to the COVID-19 pandemic. In this situation, the companies we work for usually have very limited control over the equipment we’re using for both work and recreation. It’s a vulnerability that makes it easier to implant malware that records your key strokes and can hack into your Nfield account.

² https://www.servalsystems.co.uk/6-facts-about-passwords-that-will-make-you-think/

Protect your gold mine

Although the sales values for individual login details and credit cards aren’t particularly high, they easily add up. How much do you think all the sample data held in your Nfield account is potentially worth to a criminal? Selling just one Gmail login per day would net a hacker over $56,000 a year. That’s too tempting to ignore. Which is why Nfield is now equipped with two-factor authentication, to keep hackers out of your account, even if they have cracked your password.

Learn how to implement two-factor authentication in Nfield.