Case
Study
Backbase · UX Designer
2019-2021
Login and authentication: Developing an insight-driven design approach
Overview
My role…
Operating as the sole designer within the product squad, I advocated for an insight-driven process to steer the design of a device-registration journey.
The need for insights
Understanding a new channel…
As this was the value stream’s first foray into app functionality, I advocated for an insight-driven process to validate assumptions. By prioritising evidence over speed-to-market, this would ensure we delivered a high-value product rather than just a fast one.
Research execution…
In the absence of a dedicated user researcher, I took ownership of the end-to-end research process. Using the available UserTesting suite, I designed and executed a series of discovery and usability studies to uncover key insights.
What insights were uncovered?
User discussions…
In these discussions, users shared their previous experiences with device-registration flow and preferred security preferences before I usability testing a high-fidelity prototype that mirrored existing SDK interaction logic.
Finding #1
Biometrics are not universally trusted by users, who often prefer the perceived control of PIN-based authentication.
Finding #2
The SDK logic did not align with users’ expectations. The linear approach was too rigid and reliant on capturing a biometric.
Finding #3
Users feel more secure and engage with biometric setup if the benefits are clearly communicated to them.
The value of these insights…
Exposing the negative impact of the SDK logic on user confidence proved to be a powerful catalyst for my product and engineering stakeholders. It shifted the conversation from technical constraints to a collaborative dialogue on solving critical experience challenges.
Challenge.1
Softening the system’s interaction logic
Identified issue…
The flow’s linear approach forced users to reject the FaceID biometric prompt twice before offering a fallback. Only then could they set up a PIN—which was mandatory regardless. This overly rigid, "logic-led" process created significant, unnecessary friction for the user and became a primary focus to resolve.
Potential solutions…
To eliminate this friction, two options were presented for technical refinement that both focused on making the FaceID capture an optional action.
Option A: Passcode First - Present the mandatory passcode capture as the primary step, followed by the optional FaceID challenge.
Option B: FaceID First - Present the optional FaceID challenge first, preceding the mandatory passcode capture.
These options both relied on the in-app experience resurfacing the FaceID prompt at a later point, particularly in high-risk scenarios or when it significantly enhances the user's perception of security.
Validating the approaches…
Testing of lean prototypes confirmed that a majority of users were reluctant to set up Face ID when the UI lacked clear context or explanation of the benefits. Therefore, providing a 'skip' option for biometric setup would prove beneficial to the user during this first contact with the journey.
Decision(s)…
It was agreed and technically signed-off for users to skip the initial Face ID challenge and instead fall back to creating a passcode.
Re-surfacing the Face ID challenge within the app experience would be handled when requested on individual customer projects. This temporary approach will be used until the future, roadmapped 'User Profile' feature is added to the roadmap.
Challenge.2
Creating opportunities to guide the user
Identified issue…
User’s were less likely to ‘skip’ a biometric capture action if they had context as to why it was important to their experience.
Solutioning…
While it required additional front-end development, prototype-testing proved that a dedicated 'interstitial' screen performed significantly better than an automatic OS prompt. By 'pausing' the experience, we gave users the necessary friction to digest the importance of the biometric request, resulting in higher confidence and success rates.
Decision…
The development investment in these screens was granted and built in to the project plan. My key design task was to figure out how these screens could be reusable components for this journey and others that were to follow.
Challenge.3
A need for new components
Identified issue…
As the login screen had not yet been built for the mobile app, I managed its inclusion into the project scope. While existing button components offered a functional 'quick-fix,' I recognised they failed to convey the brand personality required for a high-trust banking environment.
Outcome…
Aligning with the global brand team, I introduced a specialised button pattern for the login and authentication journeys. I ensured these components were recognised by the design system while remaining distinct enough to support the high-level customisation banks required to express their brand identity.
Delivering the product
Squad support…
Given the technical complexity of the authentication product, design handovers inevitably contained minor, unaddressed edge cases. Fortunately, these were typically non-critical issues, and the rigorous QA testing process successfully identified and contained them without impacting the core design integrity.
QA collaboration…
Upon shifting my focus to app design, I collaborated closely with the QA team to understand typical failure points and test scenarios. This knowledge enabled me to proactively design for known pitfalls, ensuring my final deliverables were more robust and less likely to incur similar issues in the future.
What value was delivered and what came next?
Results and impact…
Over time the product became a foundational platform offering, but on launch it delivered the following value:
Full project adoption:
It replaced all existing custom-coded instances across relevant projectsTime-to-Market Acceleration:
Reduced time-to-market costs by 80%Revenue Impact:
Secured over $20 million in Annual Recurring Revenue (ARR)
What came next…
Long before the functionality made it to market, my focus turned to some of the following roadmapped items:
Biometric and identity self-serve:
User Profile management functionality, encompassing configuration of biometric preferences and updating of personal contact information.
In-app experiences:
Transaction-signing experiences to secure high-risk actions
Learnings I took away from the project
Framing design as a key stakeholder…
By advocating for a shift toward evidence-based design and securing leadership buy-in to fund dedicated user research activities, this not only validated our product direction but established design as a core strategic partner in the decision-making process.
App-first design…
As my first app-design project, this allowed me to deepen my technical understanding of key authentication flows for mobile and helped me build a comprehensive knowledge of both Apple’s Human Interface Guidelines (HIG) and Google’s Material Design patterns.
Team growth…
To maintain design velocity across both the mobile and web channels, investment in the expansion of the design team was funded. Beyond my involvement in the hiring process, I acted as a mentor to the new hire, accelerating their technical proficiency in authentication logic and ensuring design consistency across platforms.