UI Design & Research:

United Services Automobile Association (USAA)

The objective

Reduce the level of fraudulent account take-overs and account exposure to fraud practices while reducing customer abandonment.

My role

As Lead UI/UX with the fraud group we worked to address losses the business was incurring due to fraud executed in the form of account takeovers achieved by phishing schemes and soft account security practices.

Performed research and design on projects across the enterprise for both external and internal stakeholders.

I contributed to the enterprise re-design, patterns and library initiative.

I was very fortunate to be aligned with a senior producer with years of experience who helped me navigate the organizational ins-&-outs as well as promoted a nurturing learning environment.

 

Services Provided

  • UX Research
  • UX Design

Problem Statement

Analytics reflected account intrusion and takeover by showing discrepancies in account access. The perception that one area of the business may be exposed to soft security practices could spill over into other product lines, ultimately hurting the enterprise’s reputation across multiple lines of business.

The fraud takes the form of kiting and systematically exposes the business to losses in other lines of business due to customer account integrity being compromised.

Discovery

Stakeholder Interviews and Requirements Gathering

Multiple collaborative requirements elicitation meetings with Product Mangers and Development partners.

The changes are employed within an existing technical architecture.

Portions of the user flow can be retained.

Invaluable insights provided from the  banking SME  into the Automated Clearing House electronic financial transactions network and the changes required to introduce connectivity to that external system.

Project Goals

Employ a robust solution to address technical implications of account takeovers and kiting practices via the “Add Account” user flow in banking while preserving the customer experience. 

 

Implementation target date is defined “as soon as possible” due to the nature of exposure to fiscal risk and legal liability. 

The solution will track users behavior within the flow and reveal bad actors.

The process must be changed to enable the bank to verify external account ownership.

 

The business can verify customers complete the new verification process with comprehensive data.

User Flow


Leadership was concerned that customers would abandon the flow if it became overly complicated but recognized that elimination of all friction created a significant security vulnerability.

We evaluated implications of injecting account validation into the process and how the security implementation would impact the customer experience.

The re-architected user flow implied a very different experience that would require straightforward language to communicate a more complex process.

Persona Generation

I interviewed banking Customer Service Representative Specialists (CSR) who dealt with fraud calls, screening them for particular challenges they encountered and monitored support calls as well.

Referential personas created to help bring others along in the thought process.

The interviews provided opportunity to dig deeply into the CSR interfaces.

These internal interfaces would be updated with elements for the project to enable CSR’s to address and manage the new elements.

Low fidelity wire frames

Socialize the proposed changes among the design group and team and present to users for feedback and insight.

Verbiage and specific concise textual instructions early on identified as being cornerstone to task completion.

Testing combinations of page elements and content.

User Testing

Iterative Agile Design paired with a revolving door UX Research approach

My team had a huge advantage in having a dedicated customer recruiter available to onsite customers to test in usability lab.

Multi-session user testing presented an opportunity for simple structured discussion with users to highlight breaking points, roadblocks and opportunities and hear the realistic applicability of the solution.

I learned facilitation techniques and was able to practice hands-on guided usability interrogations.

Findings

01

Level-Set Expectations

Communicate as much about the process upfront to prevent users from abandoning the process.

Optimize content making it accessible to the widest audience.

02

Consistency of Experience

Focus on creating a solution that integrates seamlessly with the site. The language and interaction touch points must minimize friction and maintain established usage patterns as featured site wide. 

03

Minimize Complexity

We are introducing complexity into a system. 

Reduce the work the user must perform to be successful to its functional minimum.

04

Interpret the Data

Users interacted with prototypes. There are successes and failures.

Outcomes produced results that require interpretation. Interpretations offer insights.

Such as :

“It just told me to come back to the site to finish later. 

Do I Really?”

The user { DOESN’T GET IT }.

 

05

Iterate Design, Re-Test

I worked with our customer engagement specialist to boil down the session findings into actionable, presentable reports
Critical path deviations, blocking points, insights, problems, comments and recommendations all found their way into the after action

Mid-Fidelity prototype and production ready design

The most significant finding testing revealed was that reaffirmation must be built into the solution so that customers feel empowered in their decision to undergo the verification process and retention is not impacted.

We had to pivot the design to simplify the interaction touch points and escalate the prominence of the content.

Technical Architecture

The technical architecture of the legacy system was tightly knit & not originally designed to allow for the type of functionality we were demanding of it.

I co-authored the technical architecture roadmap that illustrated exactly how the solution fit into the workflow.

User testing provided insight into what point customers would be comfortable deviating from the expected task completion or simply abandoning altogether.

The customer validation against the ACH database required specialized data verfication capabilites.

We engaged a external vendor who specialized in the type of solution we were looking for. They would be able to provide a robust, time tested solution within budget and provide long term support with a integration that could be brought inline with our timetable.

Takeaway

Executive Presentations

There was concern about messaging to the customer and escalating awareness of direction to complete the process. I created a mockup of the messaging center page and example notifications and account alerts specific to our process. Copy clarity was a high level concern that I fortunately could tap a great Content Manager for further help with.

Updated prototypes were retested with a small sample set of users. The scenarios were executed with only one low severity navigation issue occurring in the prototype. At the final project presentation, I presented the scenarios to the executive committee with my Sr. Producer. We received the blessing to close the project and hand off the code base to the development group.

Our due diligence escalated the unforeseen impact introducing external verification would have on the My Accounts page. Augmenting this important customer services portal was outside of our project scope and though the sponsors were apprehensive to the fact that changes to the portal would have to be made they were enthusiastic that our research had revealed the need for changes.

We encouraged them to challenge their assumptions about the customers online experience and think more strategically about the My Accounts page redesign and to be aware that it would need to have a flexible design that could be updated as the enterprise services changed over time instead of being constructed in a way that prevented organic growth.

Outcome


The application flow this team implemented was launched into production as designed and to my knowledge as of 2013 will have been in service to the membership over 5 years, protecting them and the business from fraud damages totalling over half a million dollars.