MFA Implementation

Led the UX design for implementing Multi-Factor Authentication (MFA) across three financial service brands, improving account security and strengthening user trust in a highly sensitive industry.

Role: Lead Product Designer. Collaborated with Marketing, Engineering, Legal and Compliance teams.

M-verification type-email selected.png
M-verify email.png
M-verification type-email selected.png
M-verify email.png
M-verify email SUCCESS.png
Group 140724.png

The challenge

Design a unified MFA experience that could work seamlessly across three distinct financial brands. The goal was to create a core flow that required no major functional changes while allowing easy adaptation to each brand’s unique style—balancing consistency, security, and usability.

The problem faced

“How might we design a secure and adaptable MFA experience that is easy for users to navigate every time they log in/sign up, while allowing seamless customization across three distinct financial brands?”

  • Integrate Smoothly: MFA had to fit naturally within the existing UI of all three brands without major redesigns.

  • Adapt to User Flows: Design a consistent experience for both sign-up and log-in entry points.

  • Support Credential Recovery: Ensure users who’ve lost login info can still complete MFA securely.

  • Handle Contact Updates: Seamlessly manage changes to emails or phone numbers used for MFA, keeping the flow frictionless.

Business Impact

Regulatory Compliance

MFA implementation was critical to meet credit bureau regulations and maintain our key relationship with TransUnion.

Fraud Reduction

By requiring additional verification, we decreased the risk of fraud and misuse of the platform for identity validation.

Risk Mitigation

Timely rollout ensured the business avoided penalties or damage to trust with partners.

User-Centered Wins

Enhanced Security

Users now benefit from a safer experience, protecting their personal and financial information.

Clear Verification Flow

The MFA process reduces confusion during login and sign-up while giving users confidence in account security.

The Solutions

Seamless Multi-Brand Integration

Seamless Multi-Brand Integration

Problem:
The MFA step needed to integrate seamlessly across three distinct financial brands, each with different sign-up flows, recent updates, and external partner flows. Without careful design, MFA risked feeling disjointed or disrupting the user journey.

Solution:
Created highly flexible and adaptable MFA screens that aligned with each brand’s identity while maintaining visual consistency across all internal and external flows. Designed the step to feel natural and non-disruptive, no matter the entry point or product.

Impact:
Delivered a cohesive MFA experience across all brands, ensuring users encountered a familiar and frictionless interface that reinforced trust and usability.

Problem:
Existing users risked being blocked by MFA if they lost access to their verification device or forgot their login credentials, potentially causing frustration and abandonment.

Solution:
Designed robust alternative pathways that allowed users to securely regain access and complete sign-in, even if they faced device or credential issues.

Impact:
Enabled uninterrupted access for existing users, reducing friction and ensuring MFA strengthened security without harming the user experience.

Comprehensive Security Beyond Login

Problem:
Changes to critical account information, like email or phone number, could allow fraudulent access if left unverified, putting users and the business at risk.

Solution:
Extended MFA to verify email and phone updates at the point of change, ensuring these contact methods truly belong to the user.

Impact:
Strengthened overall account security, increased user confidence in the platform, and ensured MFA remained a trusted and effective safeguard for all sensitive actions.

The Outcome

  • Launched Phase 1 MFA across 3 financial brands on time, meeting regulatory requirements

  • Built a flexible, brand-agnostic framework for seamless integration with existing flows

  • Enabled Phase 2 enhancements: users can choose MFA every login or every 30 days

  • Increased user trust and security without disrupting the experience

The Takeaways

  1. Prioritize Access & Recovery
    Security should never block users. Robust recovery flows (lost devices, forgotten credentials) keep MFA protective and user-friendly.

  2. Design for Flexibility & Consistency
    A single adaptable framework ensured MFA fit seamlessly into three brands and varied flows without disrupting the experience.

  3. Build with the Future in Mind
    Designing for scalability enabled smoother Phase 2 rollouts and reduced rework, aligning today’s solutions with long-term goals.

Previous project: Lie detector

Next project: FinTech Exploration