The current authentication process in the Security Profile (pdf) caused customer friction when answering questions. It included questions that were based on internal account information (i.e., Tell me about your recent activity.) rather than non-traditional, non-public questions (i.e., Who is your favorite author?).

Our goal was to provide a stronger authentication process and reduce customer friction while keeping the existing legacy design style of the Security Profile.

After conducting a competitive analysis (Apple, eBay, Microsoft, RSA) and stakeholder interviews with business and tech partners, we recommended moving away from the legacy design and creating a scalable and responsive solution using existing user tested TIAA components.