
Multi-Factor Authentication

To comply with new government regulations and enhance account security, we introduced Multi-Factor Authentication (MFA) for our online lottery platform. The feature allows players to enable MFA during sign-in and manage their preferences within their profile, all while ensuring clarity and ease of use without referencing specific third-party apps.

Role: Sr. Product Designer

Tools: Figma, Miro, Businessmap

Problem

Players lacked an additional layer of security when accessing their accounts. With increasing concerns around account safety and a government mandate requiring MFA, we needed to implement a secure, user-friendly solution that could be toggled on or off by the player.

Problem Statement - How Might We...

How might we introduce Multi-Factor Authentication in a way that meets regulatory requirements, enhances security, and empowers players to manage their preferences without overwhelming or confusing them?

Exploration

We explored:

  • Regulatory requirements to understand the scope and flexibility of MFA implementation.

  • User expectations around security and control through surveys and support feedback.

  • Competitive analysis of MFA flows in similar platforms.

  • Technical constraints around integrating MFA without naming or partnering with specific authenticator apps.

Key insights:

  • Users value security but want control over their experience.

  • Many were unfamiliar with MFA and needed guidance.

  • Legal constraints prevented us from naming apps like Google Authenticator.

Feasibility

Collaborated with:

  • Legal & Compliance to ensure messaging and implementation met government standards.

  • Engineering to build a secure, scalable MFA system.

  • Customer Support to prepare for user education and troubleshooting.

Validated feasibility through:

  • Security audits

  • UX prototyping

  • Stakeholder alignment sessions

Solution

We designed:

  • A toggleable MFA feature in the player profile, allowing users to opt in or out.

  • A guided setup flow with clear instructions and visual cues.

  • Generic language to describe compatible authenticator apps without naming them.

  • Contextual help and tooltips to support users unfamiliar with MFA.

Impact

  • 100% compliance with government regulations.

  • Increased trust among users, reflected in positive feedback and reduced support tickets.

  • High adoption rate: 70% of users enabled MFA within the first month.

  • Improved account security with fewer unauthorized access incidents reported.

Takeaways

  • Clarity is key: Even technical features like MFA can be user-friendly with the right design.

  • Legal constraints can inspire creativity: We found ways to guide users without naming apps.

  • Empowering users with control builds trust and engagement.

  • Cross-functional collaboration is essential for secure, compliant, and usable solutions.


©2022 by Raltz Supan.
