Data Breach Response

UX solutions as a relief for current and future data theft issues.

TEAM

TEAM project, 4 UX designers, time frame FOUR weeks

End-to-end UX Process

User Interviews ⎮ Surveys ⎮ Affinity Mapping ⎮ Defining User Archetype ⎮ User Flows ⎮ Competitive/ Comparative Analysis ⎮ Sketching ⎮ Wireframing ⎮ UX Prototyping ⎮ Usability Testing

TOOLS

CHALLENGE

We assumed if the Australian Government was a client, how would they have helped to respond to a recent data breach? The data of almost 10 million Australians were stolen, resulting in criminals gaining access to customers’ private information, such as driver’s licence numbers and Medicare card details.

TASK

To help affected people by assisting them through the whole process of understanding if their data was breached, what to do next, and, if needed, help customers to apply for replacement documentation.

SOLUTION

Successfully achieved project objective by enabling users to quickly identify and apply for the documents that need replacing as well as providing a learning hub where they can learn how to recognise and act on any data breaches that may happen in the future.

MY ROLE

UX/UI Design and strategy influence

  • Conducted qualitative and quantitative research, incorporating surveys and user interviews.

  • Performed competitive/comparative analysis to understand better how other platforms talk about data breaches. I was also looking for UI inspiration to present the information simply and concisely.

  • Contributed to drafting a User Persona Archytipe.

  • Drafted User Flows to ideate and visualise concepts.

  • Designed a low-fidelity prototype and tested it with real users.

  • Contributed to designing a high-fidelity prototype, its iteration and further development.

  • Time management, suggesting the best way to run the project within team availability and time constraints.

My team followed a user-centric approach, deciding collaboratively on the most suitable UX methods.

01 DISCOVERY

To understand the scope and complexity of the issue, my team started the project with 15 user interviews and contextual enquiry in-store.

We wanted to find out:

  1. How did people receive news about the data breach?

  2. What their initial reaction, thought, and feelings were?

  3. What actions did they take next?

02 PROBLEM DEFINITION

Interview insights showed that people care the most about

My team drew out pain points, needs and opportunities that could be addressed in our solutions.

Why did we decide to use the User Journey method?

Analysing data through the process of Affinity Mapping also showed that customers experienced disappointment, abandonment, stress, and anxiety.

We wanted to follow the path of peoples’ emotions to identify points along the journey of a data breach and understand where they were impacted the most. We now knew the main problems and were able to rank them by their importance:

‘It is difficult to find out wich document has been exposed’

‘It takes too long to update the information and replace the documents’

‘Not enough information on how to protect personal information from theft’

Who are the impacted profiles, and what kind of solutions do they need?

Personas-01.jpg
Personas-02.jpg

PROBLEM STATEMENTS

01 People need simple ways to find which documents were affected by the data breach so that they can get a replacement urgently.

HMW reduce anxiety levels for people who need to find out which personal documents were affected

Hypothesis: Provide various points of contact, i.e. phone, online, in person

02 People need quick ways to replace their documents affected by data breaches so that they prevent identity theft with the least effort.

HMW provide a simple and quick way to replace affected documents.

Hypothesis: Provide all necessary links to different services (e.g. VicRoads/Service NSW, Medicare, Australian Passport Office) in one place.

03 People need ways to learn how to protect their personal information to feel safe now and in the future.

HMW help customers learn more about protecting personal data.

Hypothesis: Implement a learning hub that includes various kinds of educational material.

Which one of the three problems is the most important for people?

We conducted a User Survey with 12 affected customers.

LEARNINGS

  • The project’s main focus was to provide simple ways to determine which of the customer’s documents were affected by the data breach.

  • To quickly replace the affected documents and learn more about protecting yourself from identity theft was also important and could be addressed with similar attention to the solutions.

Why Competitive/Comparative Analysis?

To get inspired for our future ideation, we looked into how other platforms presented the information about the data breach and features that would be useful to incorporate within our solution. Collaboratively we decided to include the following:

  1. Videos — to give the information in a simple and more accessible way

  2. Assistance/Live chat feature — to help users with answering their questions

  3. Three bullet points — as another way of presenting information in a very concise way that is easy to remember

Why was User Flow needed?

My Team wanted to understand better the journey users would take throughout the app from start to finish. We wanted to visualise the decisions, and paths people would take to get to the end of each task, from the beginning of the journey to the solution.

User Flow image

03 IDEATION

Sketching to validate our ideas in a short time

I sketched low-fidelity wireframes using my knowledge about the user, their goals and needs, the architecture and the different flows needed to accomplish each task we identified earlier. At this point, the idea emerged to incorporate our ‘Data Breach Hub’ within one of the already existing Government websites, the Australian Government website, the Australian Cyber Security website or MyGov.

After discussing this further, we placed our solution within the MyGov application.

You may ask ‘why?’.

This is a reputable source of information, a secure environment that provides a secure Login process; it already has a few services under its umbrella.

04 UX PROTOTYPING AND TESTING

Continuing with Wireframing and Prototyping to narrow the scope and solutions

Without focusing too much on the detail, we wanted to know if our application was functional.

  1. Is our prototype solving customers’ problems?

  2. Can people navigate through with ease?

  3. Can they find the information they need?

We designed mid-fidelity wireframes, and the clickable prototype was made.

INSIGHTS

After two rounds of usability testing, we learnt that further improvements were needed as people struggled to

1. Track the document

2. Information on protecting people from data theft must be more relevant to understand how to recognise and act on it

OUR SOLUTION

P3_Solution_Allpgs-01.png
P3_Solution_Allpgs-02.png
P3_Solution_Allpgs-03.png
P3_Solution_Allpgs-06.png
P3_Solution_Allpgs-04.png
P3_Solution_Allpgs-05.png

FINAL PROTOTYPE

We incorporated all our findings from Usability Testing into our final prototype…

CONCLUSION

Learnings

Start usability testing as early as the low-fidelity prototype to implement changes earlier in the project and save time in amending the prototype in the later stage of development.

Next Steps

  • It has been recommended that additional user testing be carried out to improve the accessibility of the 'document status flow' feature and make it more intuitive. 

  • To better suit the needs of individuals with disabilities and different demographics, further research should be conducted on government accessibility requirements.

  •  The user interface (UI) requires improvement to decrease cognitive load and enhance the accessibility of the presented information.

Scroll to the top