Good UX and Good Security - Is It Possible?

heather_reid · 8 February 2019 11:12

I read a blog post recently which, while specific to cybersecurity startups, really got me thinking about my own experiences.
https://uxdesign.cc/the-challenge-on-doing-good-ux-on-cybersecurity-startups-3b747079def1

So I’ve had 2 experiences that differ greatly!

The company I worked with was SUPER focused on security. This is great if you’re dealing with very sensitive information, security is consideration number 1 on almost every feature. The result: a super secure product with a terrible UX.
A different company I worked with had a UX designer. This was great from a UX perspective but this person really didn’t care about security. We had many debates about adding security features that they believed were not good for UX. I was always overruled.

So my question, in your experience is there the possibility to have good UX AND good security at the same time in an application?

AdyStokes · 8 February 2019 14:19

Hi @heather_reid, it sounds like the two companies had very different priorities and I also suspect that the former was quite inaccessible?

We work on a customer facing website with two factor secure login to access sensitive mortgage information. While not perfect it is a good UX and our VeraCode score is a pleasing 94. We are bringing on a UX designer to help improve the interactions as we increase features and there is an overall desire to improve the customer experience but no expectation of that decreasing our security.

I’ll post any appropriate updates.

I’ve also see bank apps struggle with this very thing but some are quite good. I’m sure there will be other examples

heather_reid · 8 February 2019 14:34

Hi @AdyStokes

Different priorities but both had to adhere to strict regulatory bodies (one financial and one pharmaceutical). The former didn’t score terribly in terms of accessibility but it definitely could have been better. The second project had a dev who was (and still is) an accessibility advocate, every bit of work proposed was checked by them for accessibility. Granted that wasn’t a magic wand as many things were pushed just to get out the door.

It’s rare to find a banking app that ticks either box here in Ireland Not unheard of but certainly rare

rob_diamond · 8 February 2019 14:40

Hi @heather_reid it is possible but it’s got to be planned in from the start. Good user experience and security is not mutually exclusive

From my experience you need the UX framework up front with the back end security PKI, 2FA etc in place as early as possible. Trying to do this on a mature product is hard and expensive and you would usually be better off starting from fresh

Topic		Replies	Views
Is there any demand for a specifically crafted guide on web cybersecurity for QA and Testers? 🙋 Questions learning , security	5	225	24 April 2024
Live Blog Testbash Germany: Dude, Why You Don't Test UX? By Greta Ruškienė 🗄️ Archive testbash-germany	0	794	13 September 2019
Nightmare UX (User Experience) Oracles 🙋 Questions ux , risks , heuristics , oracles	8	1085	2 May 2025
Anyone want to give me feedback on a security testing idea? 🗄️ Archive security	11	1313	23 February 2021
Discussion: Security Testing 🗓️ Events security , panel , discussions	4	978	3 May 2023

Good UX and Good Security - Is It Possible?

Related topics