Salesforce Logo

Salesforce Authenticator

Authenticator offers proactive identity verification on your wrist or on your phone.

Role

Lead UX Designer

Contributions

UX Design, UI Design, Mobile Design, Wearable Design, Moderated Usability Testing

Project Overview

Security is one the most important factors when customers are making a decision on who they should trust with their data. When we were kicking off our Lightning redesign, we acquired a company called Toopher, which allows for a proactive, geo-based and automated second factor of verification for any action you can perform. The main application for this was for logging in, so if you’re authenticating from your office every day, you can automate your second factor of verification. It also has potential to be used as an extra approval step before moving large sums of money or deleting a user account.

Since we were merging an acquisition and integrating technologies that changes the way we think about authentication, we thought it would be an advantageous time to redesign the experience of our Authenticator app!

Problem Statement

It’s hard to get people to care about security, so making it as invisible and effortless as possible is key to wide scale adoption. Two-factor authentication improves the security of your accounts by requiring additional information after logging in before you can access your data. This way if someone steals or guesses your password, they still can’t get into your account without your second-factor of authentication. This has traditionally been a code that you have texted or emailed to you - think about logging into your bank - but that’s a proven security risk. You can also open up an app that generates random codes after you’ve paired your account, but this can be a clumsy and time consuming process, especially if you have two-factor enabled for many of your accounts.

Goals

Personas & Use Cases

# # # #

Salesforce Users

Sales Cloud Activities

Training reps, prepping for meetings, closing deals and answering inbound leads

Service Cloud Activities

Providing direct customer support, solving cases, creating and updating Knowledge articles

Admin Activities

Creating page layouts, custom fields, workflow rules and approval processes.

As a Salesforce user, I need a second form of authentication when logging into Salesforce so that I have higher confidence that my username isn't being used by anyone but myself.

Learn more about Salesforce personas on Trailhead.

Product Designs & Interactions

Onboarding

When a user first downloads and opens the app, they’re shown a tour that introduces them to features of the app.

#

Paired Accounts

When a user pairs their accounts, they can quickly identify their account by the service name or logo. A timer is displayed to show how much time is left for that specific code, and uses color to communicate the stage of the timer countdown.

#

Approve or Deny

For Salesforce users and certain customers, they can choose to use the new push-based approval process instead of asking for the six-digit code shown on the home screen. When a user enters their username and password, a notification is pushed to their app that asks the user to approve an action. They find the type of request, username, service, device type and location of the action so that it’s clear what’s being approved.

The coolest part of all of this? Automate your approval or denial based on your location. So if you’re logging into Salesforce from the same coffee shop every day, we’ll verify your location and automatically log you in without asking you for anything else.

#

Easy to Reorder

For accounts that don’t have push-based notifications enabled, codes are still the best option. For the services you log into most, you can drag and drop those accounts to be in whatever order you want. Just press and hold and reorder to fit your needs.

#

Wearable Authentication

A really fun part of this project was designing for the wearable experience. This was right when Apple Watch was being released, and after a host of Android Wear watches were making it to the market. I used the form factor to our advantage and tried new things like using the bezel to show the timer progress.

#

Notifications at a Glance

A benefit of using a wearable device is not needing to pull your phone out of your pocket throughout the day to check the time, your notifications or to compulsively check your social media accounts. Now you don’t need a phone at all. Notifications give users at-a-glance capabilities to check inbound messages quickly and effortlessly.

#