Designing and implementing an OTP system across TELUS & Koodo brands that significantly reduced fraud attempts by 20%, and decreased call centre volume by 15%.
With the rise in login fraud and an increase in calls to the customer centre regarding login and authentication issues, there was a need to address security concerns while minimizing friction in the customer experience.
The research team prepared a set of recommendations that informed design decisions:
Majority of participants indicated they would be indifferent or pleased with mandatory 2FA
Ensure the 2FA process is as quick and simple as possible to accommodate low-tech users.
Use a mix of 2FA options such as SMS OTP or Email verification to accommodate both low-tech and high-tech savvy customers
Address security concerns when implementing 2FA
Meeting user needs
Tailoring the experience to meet the needs and preferences of both low-tech and high-tech customers would enhance customer satisfaction for both groups.
The primary objective was to design and implement a mandatory Login OTP to effectively reduce fraud attempts, maintain a seamless customer experience and reduce calls to the customer center.
Measures of success:
Ensuring customers can easily navigate the authentication process.
Reducing the number of login-related and authentication calls to the call center.
Minimizing bugs and production issues post-implementation.
User Experience considerations in relation to security
If a customer does NOT have regular 2FA enabled on their account, they will be challenged with an OTP option every time they log in until they sign up for 2FA. If a customer has 2FA enabled, they will NOT be challenged with the OTP option at login.
Audit of Existing Login & Authentication Experiences
Conducted a comprehensive audit of current authentication processes to identify barriers and opportunities for improvement.
Customer Interviews and Surveys
Engaged with customers through interviews and surveys to gather insights on their preferences, desires, and frustrations related to authentication.
Internal Stakeholder Interviews
Conducted interviews with internal stakeholders to gather their perspectives, requirements, and potential concerns regarding the new 2FA system.
Leading competitive analysis to understand the current state of the industry and forecast trends.
Design Explorations
Leveraging the insights from our research team, we started design explorations to address the 2FA implementation. Since the goal was to apply 2FA across multiple brands, we began with platform-agnostic low-fidelity designs. These designs were created to be adaptable and would later be customized into high-fidelity versions for each brand.
To enhance security within the login experience, we separated the username and password input into two distinct screens, with the goal of reducing the risk of fraud attempts.
Profile:
Aged 18 - 54 years
60% of wireline customers
61% of wireless customers
Favour convenience and unified logins
More likely to adopt advanced security measures like authentication apps
More likely to download telecom provider app
Profile:
Aged 55+ years
40% of wireline customers
39% of wireless customers
Prefer secure and straightforward digital services
Prioritize security
Less likely to download new apps or try new technology
OTP Options
To accommodate the diverse preferences of both low-tech and high-tech customers, we expanded the range of 2FA options. This approach aimed to improve the overall customer experience while ensuring robust security measures were in place.
Adapting to user feedback
During our competitive analysis, we observed that many companies had shifted to a two-screen login process. However, user testing revealed a different preference. All 8 customers interviewed preferred having both credentials on a single screen. Their reasoning centered around the convenience of using password managers and the ease of restoring their credentials from one page. They found the extra step of entering the password on a separate screen to be difficult and expressed interest in gaining quicker access to their accounts.
We consulted with our security team to assess the impact of this preference on security. Since we were already enhancing security by implementing OTP, the team approved consolidating the login experience to a single screen. This change aligned with user preferences without compromising security.
Transforming the agnostic designs to multi-brand theming through collaborative effort
In a collaborative effort involving multiple teams, we transformed the agnostic designs into multi-brand themed experiences for both TELUS and Koodo. Utilizing the Universal Design System, we applied these designs to ensure consistency across both brands.
The project included updating the user experience and introducing OTP for both web and mobile platforms. We worked closely with the content team to streamline the user flow by adding clarity, reducing unnecessary copy, and enhancing call-to-action elements. Additionally, our translation team ensured that the experience was accessible to our French-speaking customers.
TELUS Login & OTP experience
One page login
Listening to user feedback, we reverted back to the one screen login
Email OTP
Email OTP follows the same flow for both TELUS & Koodo customers
OTP Options
Users can update to a different form of OTP based on preference.
Koodo Login & OTP experience
Impact
The implementation of OTP (One-Time Password) led to a 30% increase in 2FA sign-ups since launch. This enhancement significantly reduced web fraud by 20%, contributing to a decrease in incident response threats. Additionally, calls to the customer center regarding authentication issues dropped by 15%.
Reflection
This project was a significant collaborative effort, involving cross-functional teams working together for months to bring it to completion. Collaborating with security and fraud teams on sensitive issues provided interesting learning experiences. Additionally, observing users during interviews and usability testing offered critical insights that directly informed our design decisions.
© 2024. Designed by Cristina L