How Ireland’s biggest bank executed a complete security redesign

4 min read
Abby Sinnott
  •  Sep 17, 2020
Link copied to clipboard

Mobile banking has seen a huge increase since Coronavirus. In fact, CX platform Lightico found that 63 percent of people surveyed said they were more willing to try a new digital banking app than before the pandemic.

So while you may be more inclined to bank remotely these days, cybercrime—especially targeting banks—is on the rise. Although online banking has always been very secure, phishing scams are becoming increasingly sophisticated, and hackers are taking advantage of people’s heightened emotions and anxiety amidst the global pandemic. As a result, more people are giving away their security details.

Research shows that even people who are fairly technical and sensitive to security matters are often inconsistent in their behaviors and don’t adopt strong, unique passwords or use two-factor authentication. That’s why designing security tools that are so seamless that any person or company can use them is critical to online banking security, said Philip Dwyer, experience design lead at AIB.

AIB put customers at the center of their design process

Dwyer applied this user-centered approach when he led AIB’s redesign to comply with new European Union security regulations (PSD2), which mandated that all payment organizations implement Strong Customer Authentication (SCA) by Fall 2019.

For AIB, Ireland’s biggest bank, this meant completely redesigning their login system for all of their personal internet and mobile channels—which had largely remained unchanged since 1998—and requiring users to receive a push notification on their mobile phone.

While this may seem like a relatively straightforward task, there was an interesting design challenge at play. Not only did AIB’s team of designers have to create a secure login system that was as frictionless and easy-to-use as possible, so that it didn’t raise any alarms or look like fraud, but it also had to serve a user base with wildly different needs. AIB’s customers range from the tech savvy to those who have never used a mobile phone before—and all of them had to be brought through the customer journey in the exact same way. The timeline on the project was super quick, too. AIB became compliant in just seven months.

InVision prototypes were instrumental to AIB’s redesign

The key to AIB’s success? InVision prototypes which allowed Dwyer and his team to collaborate securely and rapidly—even as they worked across disciplines and continents. Throughout the design process, the team hosted customers in their in-house, custom-built lab to test flows and screens. Prototypes allowed the team to make instant changes based on the feedback in each session, rather than being slowed down by lengthy design iterations.

“With prototypes, we were able to make changes on the fly as we got feedback, allowing us to get them back in front of customers straight away,” Dwyer said.

AIB conducted over 200 hours of user testing for the new login system

After seven months of designing, 200 hours of user testing, 300 new flows and screens, and 150 unique customer testers, the team was able to whittle down their customer login journey from over 20 screens to a simple and clear six on the main log in flow. The team discovered that customers didn’t care about the back-end complexity of apps or complicated regulatory laws.

“They just wanted to do things as quickly as possible and get on with their day,” Dwyer said.

But the product development didn’t end there. Once the user flow was designed, it needed to be shared, reviewed, and approved by stakeholders across the organization. Prototypes allowed key collaborators like developers, project managers, and lawyers to work closely and give feedback quickly.

AIB used a ‘design first’ approach

Such a highly regulated, fast and complex redesign required “all hands on deck” across AIB, which Dwyer admitted was a huge challenge. But by using a ‘design first approach,’ the team was able to smooth out any major problems before writing code and starting to build. “If we had used the old strategy, which was to build first and design second, we wouldn’t have been able to meet our deadline and create such a user-friendly system,” he said.

In just the first two weeks after launch, more than 600,000 customers signed up for the app, which AIB considers a resounding success. Now faced with a global pandemic, not only will these digital interactions keep customers safe and healthy, it’ll do the same for their finances, too—a top differentiator for financial services. In fact, a recent survey conducted by Lightico found that 84% of customers expect their bank to maximize digital interactions to keep them safe during the pandemic.

“As designers, it’s exciting to know that we play a huge role in that, which is more important than ever in such uncertain times,” Dwyer said.

Collaborate in real time on a digital whiteboard