Light Mode

Designing the vision for customer authentication at Nationwide

Introducing two-factor authentication for the UK's largest building society.

Screenshot of the Nationwide login web page and secure message in the mobile app

Role: Lead UX Designer & Researcher | Team: Myself, 2 UX Designers, 1 UI Designer, 1 Content Designer, 2 x Business Analysts, 1 Product Owner, Development team

Key outcomes

Explored and defined authentication methods that balanced risk, security, user experience and technical feasibility.
Engaged and challenged stakeholders through research and workshops to drive user-centred decision making.
–Created a modular design framework for authentication that provided a clear roadmap for delivery.

Summary

Setting the direction for Nationwide customers authenticate. The aim was to create a seamless, secure and consistent experience when people accessing their accounts to confirming online purchases.

Problem statement

The introduction of the government’s Strong Customer Authentication regulations required Nationwide to review and update how customers accessed their accounts.

Our goal was to define a vision for authentication at Nationwide that balanced enhanced security with customer convenience.

Project Objectives

Create a seamless and consistent experience to authenticate across channels
Ensure we are compliant to new PSD2 ‘Strong Customer Authentication’ regulations
Reduction in fraudulent activities
Increase app registration and usage

My Process

Stakeholder interviews and competitor review

We started by conducting one-to-one sessions with key stakeholders to deepen our understanding of the work that had already been done to date and ensure we had a better grasp of the PSD2 government regulations.

Alongside this, we reviewed existing research that had been conducted and looked at how others had approached providing 2-factor authentication that managed to strike a good balance between convenience and security.

A model of research findings including quotes, questions and hypothesis

Design principles

We distilled this initial research into a set of Design Principles that we would use to help guide our thinking and make design decisions as we moved through the project.

As we were considering how authentication could work in a number of different scenarios - the principles were important to ensure cohesion and consistency in the final solutions we ended up creating..

Summary of the design principles we created to guide us when moving into designing concepts

User journey mapping workshops

The aim of the workshops was to discuss and define an approach for the different authentication moments, as a group.

In the workshop, we considered the optimum journeys from a users perspective but also aimed to identify and highlight any questions, risks and issues which we would go on to answer/resolve as we moved through the project.

Images of the user journey workshops with various stakeholders across the business

Wireflows

We took the output from the workshops and started to refine them with some high-level whiteboard sketches, as a team. This was a really useful exercise to work through some questions or concerns raised from the workshop and create consensus.

Reusability was key when developing these wireflows and we were able to define patterns that could work in a number of different scenarios.

Image of people testing wireframes of the Pet Health Club website

Concept designs and user testing

We ran 3 rounds of user testing, focused on understanding how people found the changes we were planning on introducing to their when authenticating with their bank or making payments online.

Some insights from the testing included:

Using the app to authorise login / online payments was seen as quite a novel concept by but after trying it once found the process quite simple and straightforward
There were simply too many different numbers for the customer to remember which caused confusion
Some found the process of having to change channels to authenticate as “confusing” “strange” and “frustrating”

Image people observing user research sessions testing concept designs

What I learnt and enjoyed

Conducting stakeholder interviews at the start of the project helped to understand different team’s priorities and meant I was able to tackle them head-on in later workshops and user research.
It was important to get buy-in from a variety of different departments (particularly security and risk) if the project was to succeed. Involving them in workshops and user research helped them feel invested in the solutions we created and understood why changes were needed as they were exposed to user feedback, first hand.
Interactive prototypes were a great way for senior stakeholders to properly visualise proposed solutions, whilst also being used to get feedback from users.

← Back to portfolio