Users have ben reluctant to adopt and use two-step verification because it involves a step beyond ID / password which is seen as a burden. However, as a top financial organization we still need to think about cybersecurity at the top of the list.
Client Research
Schwab Clients
Post-verification rollout (legacy screens), there was a spike in the number of service calls. We needed to uncover past trigger points that would allow us to better prepare and hopefully avoid similar issues in the future. I worked with our researcher to listen in on 3-4 hours of recorded calls during that timeframe (2018). While listening to the calls, we identified many different factors, including age, purpose of call, and their understanding of the login process.
Call Volume Review
Goal: Understand call spike
Successful Login but Not All Easy – All participants were able to login successfully, however not all thought logging in was easy. 80% thought the login process was easy or very easy while 20% thought logging in was difficult.
Frustration and Lack of Clarity – In this test, we asked about frustration and clarity unlike in the past. Lack of clarity came up in several comments about not understanding what an access code was. One participant stood out as finding the process unclear and frustrating.
Takeaway: Consider ways to set expectations of clients by providing education to clients and make it clear what each would entail.
Key Takeaways
Call spike reviews
Competitive Analysis
Goal: Compare and contrast top competitors
I created a spreadsheet and documented the strengths and weaknesses from our top competitors. In addition, I reviewed competitors that had interesting design layouts, components and various options presented for two-step verification. I found that the majority of these sites used radio buttons as the primary component for selecting a method to send a security code.
Language was also an interesting factor, each site had their own unique copy for addressing user ID verification and next steps. (i.e. "Let's Make Sure It's You)
Sketch | Wireframes | Siteflow | Final Visual Design
Sketch
Goal: Sketch & Ideate
After observing the current experience, I began sketching ideas to emphasize options that are selectable and easy to understand. I also tapped into some of our new components from our design systems library to explore with, including tappable cards.
Design Systems
Schwab 'Everest' Patterns
I used Schwab's Sketch UI Toolkit to access foundational patterns that are universal for all layouts and designs including, colors, typography, spacing and grid systems. These patterns were inspirational to my exploration of various components.
I felt that the icons for the two-step screen options could work to visually enhance and define each option at-a-glance. Since our Schwab design systems was in a state of transition, we were limited to using only our 2.0 system icons, with slight flexibility for enhancement.
I was able to find icons that would work for each method, outline them and added color that matched our branding. The intention was to keep it light, informative and well-balanced with each component.
Siteflow
Schwab 'Everest' Patterns
I needed to re-create the entire end-to-end experience from logging in to forced interventions to successfully landing into the account page. The siteflow has been reviewed and re-iterated based on feedback from our product owners and developers.
After a client logs in, can potentially receive a two-step verification challenge if they:
-Log into a new device
-Are outside of the country
-Have an unusual IP address
This is to provide an extra layer of security to our clients and advisors.
Prototype | User Testing | Content Strategy
We ran a few rounds of user testing to understand if participants easily and successfully login and understand the steps in the process. We also wanted to endure that the multi-step login process promotes feelings of account security.
Participants were directed to complete two tasks. In the first task, participants were directed to login with their desired two factor authentication method.
In the second task, participants were directed back to the two factor authentication screen. All participants were asked to describe expectations of each method.
Executive Summary
Key Takeaways
Straightforward and Clear Login – All participants (6/7 strongly) felt the login process was clear and easy and were able to login successfully. All participants (6/7 strongly) felt confident about the process and believed it could be learned quickly.
Hardly Cumbersome Process – Most participants (4/7 strongly) disagreed with the statement that the login process was cumbersome.
Texting Preferred – All participants preferred texting as their default two factor authentication methodology due to security, ease, and quickness. While many thought calling a Charles Schwab representative was the hardest, no unanimous conclusion was made on the hardest methodology.
Minimal App Understanding – All participants were either unsure of the process involving the app or interpreted it as a different process entirely such as being asked personal questions to verify identity.
Opportunities | Content flow | Clearer descriptions
Opportunities
How might we...
Based in the user feedback and key takeaways, we were able to identify opportunites to improve my design and flow. I worked closely with our Content strategist to explore areas where we can provide descriptive and personalized experience for our users. Areas identified below.
