• Home
  • About
  • Work
    • View All Projects
    • 3M | Web Redesign
    • Spok | Authentication App
    • Spok | Design Toolkit
  • LinkedIn
  • Contact Me
  • Home
  • About
  • Work
    • View All Projects
    • 3M | Web Redesign
    • Spok | Authentication App
    • Spok | Design Toolkit
  • LinkedIn
  • Contact Me

UX CASE STUDY: MULTI-FACTOR AUTHENTICATION

Objective

As part of the business request, I was tasked with devising a comprehensive solution to implement a multi-factor authentication system seamlessly integrated into the Spok Go app.

Multi-Factor Authentication (MFA) is a robust security process designed to enhance account protection by requiring two distinct authentication methods for accessing a specific service. Widely recognized as a standard security feature across online services, MFA plays a pivotal role in safeguarding user accounts. My preliminary investigation identified three primary authentication methods:


1. Username and Password:

  • The traditional combination of a unique username and a confidential password, ensuring the initial layer of account security.


2. Secure Code:

  • Involves the generation or receipt of a secure, one-time-use code, adding an additional layer of verification beyond the conventional login credentials.


3. Secure Key:

  • Utilizes a secure key, often in the form of a hardware token or digital key, providing an extra level of authentication that goes beyond standard username and password practices.


Implementing MFA with these diverse authentication methods enhances the overall security posture, offering users a comprehensive and adaptable defense against unauthorized access to their accounts.

Design Inclusions & Considerations

The proposed Multi-factor Authentication solution for both web and mobile platforms encompasses the following key functionalities:


1. Native Account Configuration: 

  • Enable native accounts to sign in using multi-factor authentication, with configuration options based on security roles.


2. MFA Token Management: 

  • Facilitate the enrollment of an MFA token into a native account.
  • Provide a straightforward process for resetting an MFA token associated with a native account.


3. Web Application Integration:

  •    Enable users to sign into the application via the web using a unique 6-digit code as part of the multifactor authentication process.


4. Hardware Token Support:

  • Integrate a mechanism allowing users to sign into the application using a hardware token, enhancing security measures via the web application.


This multi-factor authentication system aims to enhance security measures while ensuring a user-friendly experience, supporting various authentication methods and accommodating the diverse needs of our users.

"To avoid my account from being taken over by a malicious third party, as a user, I need multifactor authentication" 

UX Challenges

Building a Multi-Factor Authentication (MFA) app presents several UX (User Experience) challenges that must be carefully addressed to ensure a seamless and secure interaction for users. Here are some of the key challenges:


1. Balancing Security and Usability:

  • Striking the right balance between robust security measures and a user-friendly experience is crucial. Adding extra layers of authentication should enhance security without causing frustration or inconvenience for users.


2. Onboarding and User Education:

  • Educating users about the importance of MFA and guiding them through the initial setup can be challenging. Clear and concise onboarding processes with informative tooltips or tutorials are essential to help users understand the added security benefits.


3. Choosing and Implementing Authentication Methods:

  • Selecting appropriate and user-friendly authentication methods is critical. Some users may prefer biometrics, while others may favor one-time codes. Implementing a variety of methods and allowing users to choose their preferred option can be challenging but is essential for broad user acceptance.


4. Device Compatibility:

  • Ensuring compatibility across various devices and platforms is crucial for a consistent user experience. MFA apps should work seamlessly on smartphones, tablets, and computers, considering different operating systems and screen sizes.


5. Error Handling and Recovery:

  • Users may encounter issues during the authentication process, such as entering incorrect codes or losing access to their primary authentication method. The app should provide clear error messages and simple recovery processes to guide users in resolving issues swiftly.


6. Session Management:

  • Handling sessions effectively, especially in scenarios where users need to re-authenticate, is essential. Users should not be forced to re-enter authentication multiple times during a single session unless absolutely necessary, striking a balance between security and convenience.


7. Accessibility Considerations:

  • Ensuring that the MFA app is accessible to users with disabilities is crucial for an inclusive user experience. Features like screen readers, voice commands, and adaptable font sizes should be taken into account.


8. User Trust and Communication:

  • Building trust in the security of the MFA app is vital. Clearly communicating the purpose and benefits of MFA, as well as keeping users informed about any security-related activities or changes, helps in maintaining user confidence.


9. Regulatory Compliance:

  • Adhering to privacy and data protection regulations, especially when dealing with sensitive user information, is crucial. Compliance measures should be integrated seamlessly into the app's UX without hindering the user experience.


Addressing these challenges requires a holistic approach that considers both security and usability, ensuring that the MFA app is effective in protecting user accounts while providing a positive and intuitive user experience.

Below is a custom application flow and document I was tasked to create.

Wire Flows - Mobile

Wire Flows - Web

legacy design

STEP 1: User enters organization ID and clicks "next"


Note: 

*For first time users only.

*The cookies will capture this information on the backend, users will not have to repeat this step for future sign-in.

*If user clicks on "Find Your Organizaion" - Then an email will be sent to user with their organization ID

STEP 2: Organization Login Portal


Notes:
*Trouble signing in takes you to help/IT information

*Change Organization takes you back to first step to enter organization

*User should be able to bookmark this

*when user returns to spokcareconnect.com this is the screen they should see

*sso button labels provided by organization

STEP 3: User clicks "Use a Spok Go provided account" to get to native login


Note:
*If you SAML configuration - make this the default organization login and change "back" to "Change organization"

New & improved MFA Design

    Copyright © 2020 Harnam Chana Portfolio - All Rights Reserved.