Enhancing user security in digital wallets through thoughtfully designed frictions

Role

UX Researcher & Designer

Duration

June 2023 - September 2023

Summary

This project, part of my MSc in Human-Computer Interaction coursework, explores the use of designed frictions across different domains, with a particular focus on digital payments. It examines how strategically implemented frictions in payment applications such as digital wallets can encourage mindful interactions, disrupting mindless behaviors while enhancing user security and maintaining a positive user experience. The study involved user interviews with 11 participants that explored perceptions of designed frictions in digital payment services. The five themes were developed from the user interviews, addressing various aspects of users’ perceptions of friction within digital payment platforms. These themes served as the basis for a set of design guidelines to embed frictions that bolster user security while still delivering user-friendly digital wallet applications. Finally, new designs based on the Google Wallet application were created which addresses user preferences and security concerns and adapts to different payment contexts.

Brief Introduction

This research aimed to explore a novel approach to enhance user security in digital wallet applications through the strategic incorporation of what is termed 'frictions,' with a specific focus on microboundaries. In the field of human-computer interaction (HCI), designed frictions are disruptions intentionally introduced into user interactions with technologies. A 'microboundary' represents a small barrier deliberately placed before an interaction, serving as a momentary pause or reflection point in the user's journey (Cox et al., 2016). These disruptions act as obstacles, momentarily slowing down user actions and prompting reflection. The rationale for exploring frictions in digital wallets is rooted in the idea that carefully designed frictions, such as microboundaries, can potentially enhance security without significantly compromising the user experience. By briefly interrupting user actions and prompting reflection, these frictions have the potential to encourage secure behaviours and decision-making without causing undue inconvenience.

METHODOLOGY

Desk research

For secondary research, aside from the literature review focusing on design frictions, an evaluation of the features in the top five downloaded digital wallet applications was conducted. Three applications were personally downloaded and used, while the remaining two were assessed on friends' phones. Additionally, pertinent information was gathered from videos, screenshots, official websites, and user reviews associated with these applications.

User Interviews

A series of 11 semi-structured interviews were conducted to better understand people's experiences, perceptions, and behaviours when utilising digital payment services. Semi-structured interviews were used to allow for flexibility in participant responses and topics discussed. The questions were designed to learn about users' attitudes, actions, and experiences with digital payment systems. The average age of the participants was 25.818 (SD= 3.7) and the participants’ age range was between 18-35. Prior to the interview, a consent form and information sheet were issued to each participant via email. The interview questions, information sheet, and consent form were approved by the University of York Ethics Committee for Computer Sciences. Also, considerable effort was made to select a geographically diverse sample.

Participants' demographics information

Results

Participant responses underwent a reflective thematic analysis, following the procedure outlined by Braun and Clarke (2006). The decision to employ reflexive thematic analysis was driven by the exploratory nature of the interviews and the need to comprehensively explore participants' perceptions and responses to various instances of friction within digital payment applications.

The process of qualitative coding occurred in two iterative phases. Initially, all significant data pertaining to both design frictions and non-frictional aspects were categorized into three sets, using an inductive approach. The subsequent stage involved focused coding, which involved a deductive approach with an emphasis on codes primarily centered around security-related frictional elements. The following five distinct themes were developed from the 11 semi-structured interviews, each shedding light on different aspects of user preferences, concerns, and attitudes regarding security frictions.

Users' General Preference for Biometric Authentication in Digital Payments
Finding Security Amidst Concerns in Digital Payment Scenarios
Frictional Dynamics in Payment Contexts: Comparing In-Person and Online Perspectives
Strategies for Enhancing User Security Awareness through Communication Frictions
From Hesitation to Acceptance: Users' Evolving Stances on Frictions

A snippet of codes from the second phase of qualitative coding

Main Findings

Theme 1 “Users’ General Preference for Biometric Authentication in Digital Payments” highlights that most users greatly favor biometric authentication methods like fingerprint and face ID. These methods are perceived as both convenient and secure, aligning with the desire for seamless payment experiences.
Theme 2 “Finding Security Amidst Concerns in Digital Payment Scenarios” delved into users’ apprehensions regarding digital payment security. It unveiled concerns about the drawbacks of the existing security frictions, emphasizing the need for robust security measures, especially in online contexts.
Theme 3 “Friction Dynamics in Payment Contexts: Comparing In-Person and Online Perspectives” emphasized the importance of adapting security measures to the specific payment context. Users expressed the need for additional security layers in online transactions, recognizing the dynamic nature of security requirements.
Theme 4 “Strategies for Enhancing User Security Awareness through Communication Frictions” underscored the significance of clear communication and explanations when introducing security frictions. Users appreciated understanding the purpose and benefits of these measures, which contributed to their overall sense of security.
Theme 5 “From Hesitation to Acceptance: Users' Evolving Stances on Frictions” revealed that users initially hesitant about security frictions became more accepting as they recognized the security advantages. This evolution in user attitudes highlights the potential for positive user experiences with well-implemented frictions.

Design

The design guidelines were developed based on the themes for incorporating security frictions in digital payments collectively to provide a comprehensive framework to harmonize security and user experience. Redesign of the Google Wallet application, which is a well-known digital wallet among Android users was suggested based on all of the problems found and the themes developed in the user study. Incorporating insights from the thematic analysis and the design guidelines, a set of redesigned features and frictions were strategically introduced into the digital wallet application.

The redesign mainly included the following aspects which are made available on the stored card’s settings page:

Biometric Customization
Payment Password
Adaptive 2FA (Two-Factor Authentication)
Lock my card

When Making In-Store Payments Using the Digital Wallet: During in-person/shop payments, users can use their preferred biometric authentication method. If it fails after three attempts, they are prompted to enter their previously set payment password. This alternative option of entering a password is provided in case the user has any physical constraints. This is also in accordance with theme 3 of Friction Dynamics in Payment Contexts, as it strives to strike a balance between security and user convenience by dynamically adjusting friction levels based on the immediate context (in-shop payments) and user preferences, emphasizing a smooth experience.

When Employing Digital Wallets Within Apps or on the Web: For transactions within apps or on the web, users can authenticate using their payment password. Password authentication in online contexts is chosen to address user concerns about the potential misuse of biometrics during physical thefts or crimes, aligning with Theme 2's focus on finding security amidst these concerns. This option empowers users to proactively protect their digital assets, fostering a sense of security in potentially risky online environments. If the set limit is crossed, users are alerted via a push notification and prompted to verify the transaction. 2FA via push notification is a critical security measure that helps confirm the user's intent, protects against unauthorized access, and provides an additional layer of security for digital wallet transactions. It's a proactive approach to safeguarding financial transactions and user accounts. This option further aligns with the theme of promoting user security awareness through communication frictions and also with the theme of Friction Dynamics in the Payment Context. The presence of a payment password and the option to enable 2FA encourage users to take proactive steps to enhance their security awareness. It introduces an appropriate level of friction for online transactions, where additional security measures are often appreciated, contributing to a secure yet user-friendly digital payment experience.

Wireframes

High-Fidelity Mockups

Conclusions and Discussion

The study underscores the nuanced relationship between security and usability in digital wallet applications. Users prioritize convenience and security, necessitating a tailored approach to friction levels aligned with user preferences and payment contexts. The integration of frictions, including biometric customization, payment passwords, and adaptive two-factor authentication, reflects a delicate balance between security and usability. The study draws parallels with concepts like microboundaries and System 1/System 2 thinking, emphasizing the need for conscious user behavior and deliberate security measures. The strategic introduction of frictions aims to enhance user trust, satisfaction, and overall security standards in digital wallet applications.

Adaptive 2FA strategically prompts users to engage in deliberate decision-making (System 2 thinking) by introducing an obstacle—an additional push notification verification—when increasing the transaction limit. This mirrors the concept of microboundaries, fostering a moment of reflection to mitigate risky behavior. The feature also serves as a security-enhancing friction, encouraging users to set personalized security thresholds, preventing unauthorized access. The customization of security levels prioritizes user preferences, making secure actions more convenient than insecure alternatives.

In essence, this research, informed by user insights and rigorous thematic analysis centered on frictions in digital payment services, aspires to fortify the security and convenience of digital wallet applications. Through the strategic introduction of frictions, the study aimed to explore how to enhance user trust and satisfaction while upholding robust security standards.

Google Sites

Report abuse