Overview
Problem
Create a secure and seamless authentication experience
Keep my account information safe and easy to access.
Keep us compliant with federal regulations with minimal to no effect on login efficacy.
Account management built using a vendor’s template
The product team had signed a contract with the vendor without involving the design and engineering teams. As we dug deeper, we discovered a few limitations that severely impacted the experience.
Ideation
Map vendor’s process and address key limitations
Competitive analysis
Manage authentication in account settings post-login
Many other financial services only allow users to manage authentication methods in their account settings. This significantly simplifies the experience when a client is asked to authenticate at login.
Solution
Proof of concept, iterate, then roll out publicly
We set up tight, controlled feedback loops with internal teammates allowing us to quickly identify problems and improve iteratively.
Launching first in a closed environment allowed us to identify and address legal and security risks based on user behavior before rolling out to external clients.
Enrollment
Authentication
Results
>2 million accounts enrolled, high authentication success
of active accounts enrolled within 4 months of public launch
of clients successfully authenticate in one session
accounts successfully enrolled in secondary authentication
Improvements
API-driven authentication experience
The flaws inherent in the vendor's template led us to build a duplicate custom authentication experience in account settings. If we had realized these flaws before signing a contract, we could have built a first-class experience and ensured security and compliance via calls to the vendor's APIs.