For frequent fliers, having the ability to change or cancel a reservation is very important. Southwest has a fairly friendly cancellation policy where at the very worst you will be able to hang on to credit for a purchased flight and reuse it on a future flight. There’s a section on their site where a user can check how much credit a specific confirmation number has.

This flow is not designed for the most seamless user experience and can definitely be improved. To begin, three pieces of information are required of the user:
1. Flier’s name
2. Flier’s previous flight confirmation number
3. Entry of a captcha code

When I tried to go through this flow, I could not get past step #3 no matter how many times I tried. In fact, from the message below, I’m not even 100% sure if this is the reason why I cannot proceed, but I’m 100% certain my name and confirmation number are correct.

Thinking more about the captcha code, I realized how unnecessary it can be. The purpose of requiring users to enter a code is to protect against fraudulent users who attempt to obtain airline credits by doing a brute force program to guess millions of confirmation numbers.

The enhancement I propose can easily guard against fraudsters while not ruining the user experience for the 99.9% rest of the users who are not fraudsters. Since Southwest.com has an account system where users can sign in, the site can relax the captcha restriction and require that the user enter a captcha code only after 5 failed attempts of their name/confirmation number pair. The idea is that since Southwest knows which user has logged in, they can do a rate-limiting solution instead of a one size fits all solution.

Good users wont be slowed down. Bad users will be stopped.