APrivacy Secure Messaging App
APrivacy provides security of files and information for the financial industry. The security operates behind the scenes and is integrated with any file type or device, meaning users can send secure information anywhere, any time, and how ever they wish.
due to NDA, the images will all be password protected. Please email me for access.
The Brief
How can bank employees communicate confidential information with clients using any messaging app?
As we discovered in our past project “Secure File Sharing”, where regulations are strict. One cannot send confidential information via unsecure chat apps. The problem is the employee wants to keep the client happy and make it easy for them. People enjoy the convenience of using their own devices as well as their own chat apps (Facebook Messenger, WhatsApp, WeChat) rather than a new type of messaging app. People already have an abundance of apps to chat with, they generally don’t want any more. So the challenge becomes, how do we keep the data secure at all times and allow the client to access said data from whatever chat app they wish?
Fortunately enough for us, we were able to reuse a lot of the data from the previous project because our stakeholders were the same. Thus our research was not as intensive. Similar to the previous project, we went through the current solutions ourselves and documented our experience, pain points, as well as what works well.
Interviews this time around were more specific to the problem. We wanted to know people’s tendencies when they message people and whether it differed depending on who they were messaging. Most importantly, we wanted to know how they communicate with bank employees and vis versa.
Fortunately enough for us, we were able to reuse a lot of the data from the previous project because our stakeholders were the same. Thus our research was not as intensive. Similar to the previous project, we went through the current solutions ourselves and documented our experience, pain points, as well as what works well.
Interviews this time around were more specific to the problem. We wanted to know people’s tendencies when they message people and whether it differed depending on who they were messaging. Most importantly, we wanted to know how they communicate with bank employees and vis versa.
Findings
We discovered that the app would also be used to communicate internally among employees to keep all data secure. We also discovered from the employees that all data would need to be recorded for audit purposes in case there was ever a dispute.
Our research allowed us to generate user stories and scenarios for us to use as a benchmark for success. We also confirmed the data from the previous project was applicable. The previous data found;
We used the same personas, however, with some adjustments as we found that particular demographics were using messaging as their primary method to communicate with the bank employees. We also needed to adjust the objectives and stories for the personas specifically to messaging and access via a mobile device (as a desktop/laptop were not necessary). To recap, there are 3 types of users; Banker, Executive, and Client (client can actually be broken down into 3 of its own that being high-wealth, Family Person, Young Adult because each would most likely be in a different financial situation).
Our research allowed us to generate user stories and scenarios for us to use as a benchmark for success. We also confirmed the data from the previous project was applicable. The previous data found;
- That regulations restrict sending confidential information across to clients via unsecure chat apps.
- Clients and employees were siloed to using a single method and access point to communicate
- Clients did not want to adopt new messaging apps
- Accessing secure messages were cumbersome and required a lengthy process
We used the same personas, however, with some adjustments as we found that particular demographics were using messaging as their primary method to communicate with the bank employees. We also needed to adjust the objectives and stories for the personas specifically to messaging and access via a mobile device (as a desktop/laptop were not necessary). To recap, there are 3 types of users; Banker, Executive, and Client (client can actually be broken down into 3 of its own that being high-wealth, Family Person, Young Adult because each would most likely be in a different financial situation).
Design Process
We needed a starting point, our data showed a majority of stakeholders used WhatsApp as their primary communication method. So anything we created would be tested with WhatsApp. We used the same design principles and requirements as the secure file sharing project with some adjustments;
PrinciplesMajority of actions be one step if possible Invisible, only show what is needed at that moment Emersion and Unintrusive Intuitive over Innovation for retention gain user trust (transparency, informative, aesthetic |
RequirementsAllow access from any messaging app Ensure data is always secure Access needed to seamless and quick Conversations would need to be recorded |
Listing our requirements gave us a starting point of how the design would be measured as viable. The first set of solutions we came up with would piggyback off the messaging apps, a plugin if you will, that worked with all of them. We wanted to avoid making a messaging app as to hold to the requirement of letting the user use their own. We also knew users would not be for a new app to navigate.
While working toward this solution, we found barriers that would prove it was not the appropriate solution. The main barrier was, one cannot build off of another app especially if it is not your own.
We decided to take a different approach, one that would involve making a messaging app. However, the app would be focused on the bank employee rather than the client. We mapped out the user journeys for both the client and employee. As the journeys became finalized, we added wireframes and then skinned them. Something we learnt from the previous project, that the stakeholders would be continuously coming in with new requirements and changes. As a result, we ensured the product was modular enough to adapt.
While working toward this solution, we found barriers that would prove it was not the appropriate solution. The main barrier was, one cannot build off of another app especially if it is not your own.
We decided to take a different approach, one that would involve making a messaging app. However, the app would be focused on the bank employee rather than the client. We mapped out the user journeys for both the client and employee. As the journeys became finalized, we added wireframes and then skinned them. Something we learnt from the previous project, that the stakeholders would be continuously coming in with new requirements and changes. As a result, we ensured the product was modular enough to adapt.
Solution
The solution takes 2 forms; client and employee. Employees would use our new secure messaging app to initiate conversations. Similar to other messaging apps, the employees would have a list of contacts and conversations. The employee would be able to invite clients (who they have not already conversed with yet) to chat securely by selecting the contact from the particular app they were conversing in. The result would take the form of a link sent to the client. The link would explain what it is to the user. Tapping the link would open up the secure conversation between the two.
When a client receives the secure link via their messaging app. If the client does not have the secure app, the link will route them to download and onboard on to the secure app. However, the client would have a slimmed down version of the app. Essentially it would run in the background and primarily accessed via secure links. Clients can access any secure conversation from which ever messaging app they receive it from. It is a new messaging app which our research showed people were hesitant to adopt but because it is accessed in their primary messaging method, it reaches a happy medium between accessible and secure while staying within regulations. Clients can share any information they wish (card numbers, photos, documents) via the secure chat screen. Clients can easily get back to their primary messaging app via the back buttons on both iOS and Android. It is an easy drop in and drop out.
The onboarding for both the client and employee are short and easy. If a client accessed the onboarding process from a secure link, when complete the client will be brought directly to the conversation they tried to access. The point of the onboarding is to get the user to their destination as quickly as possible. This is also exemplified during authentication; the app would determine whether the user was an employee or not instead of making the onboarding process any longer.
The biggest challenge with any security application is generate trust (as illustrated in the previous project “Secure File Sharing”) The application was made for 3rd parties, while we could not influence a user’s trust with that party, we needed to do it through our aesthetic and messaging. We emulated particular aesthetics of other messaging apps our users already use and trust. We needed to be sure our user was comfortable approaching this new product so giving them something that resembles a product they already use made it more approachable. It was also key to be transparent with our messaging and content. Always tell the user what is happening or will happen in plain language. For example; many people don’t like to be recorded without them knowing. Our app is meant to be invisible but transparent. We let the user know that the conversations are recorded similar to when someone talks to customer service or support else where.
The onboarding for both the client and employee are short and easy. If a client accessed the onboarding process from a secure link, when complete the client will be brought directly to the conversation they tried to access. The point of the onboarding is to get the user to their destination as quickly as possible. This is also exemplified during authentication; the app would determine whether the user was an employee or not instead of making the onboarding process any longer.
The biggest challenge with any security application is generate trust (as illustrated in the previous project “Secure File Sharing”) The application was made for 3rd parties, while we could not influence a user’s trust with that party, we needed to do it through our aesthetic and messaging. We emulated particular aesthetics of other messaging apps our users already use and trust. We needed to be sure our user was comfortable approaching this new product so giving them something that resembles a product they already use made it more approachable. It was also key to be transparent with our messaging and content. Always tell the user what is happening or will happen in plain language. For example; many people don’t like to be recorded without them knowing. Our app is meant to be invisible but transparent. We let the user know that the conversations are recorded similar to when someone talks to customer service or support else where.
Future
This project is still in-progress and is evolving with each day. What is currently shown is simply a snapshot in a place in time during the development.