The thumb twitches. It is , and the blue light of the smartphone is the only thing illuminating the living room. On the screen, a 46-year-old man-let’s call him a version of myself, or perhaps a more patient version of you-is staring at a spinning wheel.
He has already entered his email address. He has already created a password that requires one capital letter, one number, and a symbol that isn’t a hashtag because the database is apparently from . He has already navigated a third-party age verification portal that demanded a photograph of his driver’s license, which he had to go find in his coat pocket in the hallway, nearly tripping over the dog in the process.
He is now at the final stage. The “Pay Now” button has been pressed. Then comes the 3D Secure redirect. The bank wants a code. The SMS arrives late. He enters it. The wheel spins again.
The value of a sale lost to a “Digital Shrug”
The screen turns white. “Transaction declined for review.” No explanation. No phone number to call. The shop loses the sale; the bank logs a “safe outcome.”
The man puts his phone on the nightstand and goes to sleep, not with the product he wanted, but with a vague sense of having been accused of a crime he didn’t commit. The buyer loses an evening to a system that assumes everyone is a fraudster until proven otherwise.
For , I’ve been pronouncing the word “epitome” as “epi-tome” in my head, like it’s a very large book about bees. I only realized my mistake recently, and the embarrassment was physical. It felt like I had been walking around with my fly open for a decade.
Our e-commerce checkout infrastructure is currently in its “epi-tome” phase. We have built a series of layers that we tell ourselves are “secure” and “necessary,” but they are actually just a facade.
The Human Toll of Algorithmic Friction
Olaf G., a hospice volunteer coordinator I know, is the kind of person who radiates calm. He deals with the most profound human transitions for a week. He understands that friction is usually a sign of something needing attention.
When he tried to buy a simple lifestyle product last month, he hit the wall. Olaf isn’t a tech-native, but he’s competent. He spent trying to convince a series of algorithms that he was, in fact, a 56-year-old man with a valid UK bank account and no intention of laundering money via a single retail purchase.
The “Sedimentary Rock” of compliance: each layer is reasonable in isolation, but absurd in aggregate.
Each layer, viewed in isolation, is “reasonable.” Together, they are an absurdity. We have created a Suspect Economy. In this economy, the buyer is the only one who sees the whole picture, and the buyer is the only one who carries the weight of the friction.
The merchant just sees a “dropped cart” metric. The bank just sees a “prevented risk.” Nobody sees the human being sitting in the dark at feeling like a failure because they couldn’t figure out how to give a company their money.
The friction is particularly acute in lifestyle categories. Anything that requires age verification-alcohol, tobacco, or even certain supplements-is treated with a level of digital scrutiny that would make a border guard blush. If you want to Buy THC Vape UK, for example, you aren’t just entering a shop; you are entering a legal and technical labyrinth.
These retailers are caught between a rock and a hard place. They want to provide a premium, frictionless experience, but they are forced to use tools that were built for suspicion.
“I once spent trying to explain to a customer service bot that my transaction was declined because I was using a VPN. The bot kept telling me to ‘check my card details.’ I knew the card was fine. The bot knew the card was fine.”
– The User Experience Gap
But the system was programmed to lie. It’s easier to tell a customer they made a mistake than to admit the system is too paranoid to function. This is the great lie of modern checkout: that the friction is for your protection. Most of the time, the friction is for the bank’s protection. They aren’t protecting your money; they are protecting their liability.
In high-friction categories, barely over half of transactions succeed on the first attempt.
We’ve reached a point where the “standard” checkout flow has . If the AV provider’s API is slow, the sale dies. If the bank’s SMS gateway is congested, the sale dies. If the user’s phone has “Do Not Disturb” on and they don’t see the 3D Secure notification, the sale dies.
The Digital vs. Physical Paradox
Olaf G. eventually gave up. He went to a physical shop the next day, which took him of driving and parking, but at least the teenager behind the counter didn’t ask him for a biometric scan of his iris to buy a pack of specialty tea.
There is a deep irony in the fact that the digital world, promised as the ultimate convenience, has become more taxing than the physical world it was supposed to replace.
I find myself thinking about that word “misled” again. I used to think it was “mizzled.” To be mizzled is to be wander aimlessly in a light fog. That is exactly what the UK checkout feels like.
You are wandering through a fog of pop-ups, redirects, and “processing” circles. You aren’t being led; you are being managed. You are a unit of risk to be mitigated, not a customer to be served.
The merchants who are winning right now are the ones who realize that “compliance” doesn’t have to mean “cruelty.” They are the ones who have spent the last stripping back the unnecessary questions.
They are the ones who have integrated their age verification so seamlessly that it feels like a handshake rather than a frisking. They understand that if you treat an adult like a suspect, they will eventually stop trying to be a customer.
The Erosion of User Dignity
We talk a lot about “user experience,” but we rarely talk about “user dignity.” There is something inherently undignified about having to prove your existence three times to buy a £26 item. It suggests a society that has lost the ability to trust.
We have offloaded our social trust to algorithms, and algorithms don’t have a sense of proportion. An algorithm doesn’t know that Olaf G. is a pillar of his community. It only knows that his IP address looks slightly different than it did yesterday.
I remember a time-perhaps ago-when buying something online felt like magic. You clicked, you waited, and it arrived. Now, it feels like an audition. You have to perform “The Responsible Citizen” in three acts just to get a shipping confirmation.
And heaven help you if you try to buy something “controversial” or restricted. The digital gatekeepers will make you jump through hoops that don’t even have a purpose other than to prove you’re willing to jump.
Why do we accept this? Part of it is the “boiling frog” syndrome. Each new security measure was added slowly. We’ve been “mizzled” into thinking this is normal. It isn’t normal. It’s a collective failure of imagination.
The cost of this architecture is invisible but massive. It’s the lost revenue of the buyer. It’s the frustration of Olaf G. It’s the hundreds of millions of pounds that vanish into the “transaction declined” void because a bank’s risk engine had a hiccup.
But more than that, it’s the erosion of the relationship between the brand and the person. When the checkout is a battle, the product at the end of it feels less like a treat and more like a trophy.
A Choice for Realignment
I recently caught myself pronouncing “hyperbole” correctly in a meeting. No one noticed, but I felt a small surge of pride. It was a tiny correction, a small alignment with reality. We need that same alignment in our digital commerce.
We need to stop pretending that more friction equals more safety. We need to realize that the “epi-tome” of a good checkout isn’t one that catches every possible fraudster; it’s one that welcomes every possible human.
The next time you’re staring at that spinning wheel, or being asked to upload a photo of your utility bill to buy a vape pen, remember that this isn’t the way it has to be. This is a choice.
It’s a choice made by committees and compliance officers who have forgotten what it’s like to be a person at with a thumb and a dream. The architecture is broken, but it was built by us, which means it can be unbuilt.
Until then, we will keep twitching our thumbs, waiting for the SMS that may never come, living in a world where we are all suspects until the bank says otherwise. And if you’re like me, you’ll probably just go to bed, wondering when “safety” became so exhausting.
