OVERVIEW
CLIENT
LOCATION
- Mountain View, CA / Silicon Valley
- San Francisco, CA
INDUSTRY
- Enterprise security software
company PROFILE
- $6.3B company
- World's 3rd largest software developer
TECHNOLOGIES
- Information security
- Two-factor authentication
- Multi-factor authentication
- Strong authentication
PRODUCT(S)
- Symantec VIP
- Symantec VIP Access
PROJECTS / FEATURES / DELIVERABLES
- VIP Access two-factor push notifications
- VIP Access visual redesign
- VIP Manager push-notification administration
- VIP documentation and training
brief
background
This case study highlights the design and development of VIP Access Push, a feature in the VIP Access smartphone app, as well as ancillary work related to this feature.
Symantec VIP (Validation and ID Protection Service) is a cloud-based, strong-authentication service. It is designed to secure access to enterprise networks and applications while preventing network attacks. VIP is an integrated suite of software and hardware products designed to offer seamless, custom, enterprise-security solutions.
VIP offers two-factor and risk-based, token-less authentication. These technologies are most recognizable in their practical applications. Most people recognize two-factor authentication as the security token enterprise users employ to gain access to VPN networks; tokens generate random security codes for users. Risk-based, token-less authentication includes security pictures and recognized computers, which are authentication methods frequently employed by banking sites.
VIP is a mature product that originated in the mid 2000s at Verisign before the Symantec acquisition in 2011.
problem
VIP offers several token options. Traditional, hardware tokens commonly referred to as key fobs are available. Users may also opt for a software token called VIP Access, a native smartphone app available for iOS or Android.
While two-factor security works extremely well, generating and transposing a randomly generated security code from a key fob or smartphone to a separate computer is a repetitive and tedious process, one that often introduces human error.
The VIP Access app also had a dated design aesthetic, with major vestiges of VeriSign branding. When Symantec acquired VeriSign, Symantec logos and minor branding changeds had been overlayed in VeriSign software interfaces.
solution
The VIP Access Push feature allows users to forgo use of randomly generated security codes from a token. Instead, upon login to a secure and recognized website, users confirm their identity through a push notification sent to the VIP Access mobile app. With a button push on their smartphone, users confirm their identity, and gain network access. The feature was billed internally as "the end of the password."
Since the new push notifications involved significant interaction and visual re-work the project was also used as an opportunity to modernize the visual design in the app. The new design followed the Symantec Northstar UX style guidelines, which was another project in which I participated.
Challenges
VIP ran on three-month release cycles. There was always pressure to include more work than was reasonable in any given release, which made for a consistently high-pressure and fast-paced work environment.
VIP Access Push was a new, major feature, making it a more difficult project. The new functionality touched different software products across the VIP product suite, meaning that development occurred across the platform, not just in the app itself. The administration console, VIP Manager, also required significant development work. The new feature was also foreign to both administrator and end-user audiences, necessitating significant work in technical documentation and instructional-design collateral.
The depth of change and complexity with the feature required initial development of UX concepts followed by negotiations with the engineering group. This was an ongoing process throughout the release.
In spite of major obstacles and because of its high strategic sales priority, the feature had to be completed very late in a release. Work only began one month into a three-month release cycle.
Outcome
The feature was kept on schedule and successfully included in the release. VIP Push provided the VIP platform with a competitive edge in the security software market, as no other major vendors at the time of release offered the same functionality. After its release, major analyst firms, such as Gartner and IDC, reported favorably on the new feature and future trajectory of VIP.
PROCESS
*select image for lightbox view
REQUIREMENTS
Once feature sets and engineering specifications were defined for the release, they were handed off to the UX team. We immediately began to evaluate features to create plans and scope work.
DESIGN FLOWS
Once features were prioritized, VIP Access Push was designated a top priority. We immediately began developing design flows to represent the new feature. The flows were then used as a common point of reference between UX and engineering to collaborate and coordinate respective efforts.
CONTENT AND WIREFRAMES
Once the flows were finalized, we immediately began developing wireframes for interface work, in this case entailing both modifications to existing UIs, as well as new interface design. This work touched a number of areas in the product: the administrative console, the VIP Access mobile app, and new sign-in pages. At the same time the wireframes were in development, content development began. Integrated and early efforts between infodev and interaction design resulted in better user experience design.
VISUAL DESIGN
When wireframes were finalized in Axure, visual design began. At this time, I began technical documentation: inline Help or tool tips, online Help, user guides, and release notes, among other deliverables. The bulk of VIP documentation is for IT administrators, but there is also an abbreviated Help system for end users within the VIP Access app.
DEVELOPMENT
A prototype and specification were delivered to the front-end developer. UX work at this stage would typically have been more fully vetted. But given the pace of the project, it was pushed to development early and resulted in several extra iterations when the spec changed. The front-end developer began coordinating his work with the back-end engineering teams.
DEMO AND RELEASE
At Symantec, a release culminates in a broad demo meeting, in which upper management and major stakeholders meet for formal presentation of the new features in the release. Core VIP teams sit in Mountain View and San Francisco, but there are also team members in India, Japan, and Europe. The demo is a major, coordinated teleconference that typically lasts two or more hours and is attended by hundreds of people. Someone from our UX team always led a major portion of a demo fielded tough questions from the audience, typically coming from executives and upper management in attendance.
deliverables
* SELECT IMAGE TO ENTER LIGHTBOX VIEW OR PROJECT GALLERY
VIP ACCESS SMARTPHONE APP
MOBILE COMPS
These final Photoshop comps represented both the visual redesign of the entire app using Northstar UX Guidelines, as well as the introduction of the new mobile, push-notification feature.
TOP
VIP MANAGER ADMINISTRATION CONSOLE
DESKTOP SCREENSHOTS
VIP Manager is the administration console and a separate software product in the VIP suite, used to configure and deploy all components in the system, including the VIP Access smartphone app highlighted in this case study. To allow configuration and administration of the new, push-notification feature required UX design and front- and back-end development in VIP Manager during the same release. However, this design had to adhere to the previous UX style standard, called Highlander. The screenshots below show the differing aesthetics at this point between VIP Manager and the redesigned VIP Access smartphone app in the previous gallery.
TOP
VIP DOCUMENTATION
In addition to design and development of the new feature, I had to ensure that all supporting infodev assets reflected changes and updates in the software. People often forget that content of any sort is a part of the user experience. This required updates to UI strings, tool tips, Help systems, user guides, knowledge bases, and release notes, among others. Download a PDF of the partial documentation set.
videos
VIP TWO-FACTOR AUTHENTICATION (2:00)
This video provides an overview of second-factor technology and push notifications in the VIP Access smartphone app. Since completing the work in this case study, the push-notification feature has been enhanced with biometric fingerprint recognition, a feature highlighted in the video.
Select center Arrow icon to play video. Select Full screen icon for enhanced viewing.
Select center Arrow icon to play video. Select Full screen icon for enhanced viewing.
TOP
VIP ACCESS mobile push prototype demo (1:29)
This demo shows the late-stage, engineering prototype of VIP Access Push in action approaching release. The end functionality is in place, but the UX design has yet to be implemented. It still provides a simple overview of how the feature works. In this example, an imaginary employee of Colossal Corporation attempts to log on to the corporate network, using a push notification as the second factor for authentication.
Select center Arrow icon to play video. Select Full screen icon for enhanced viewing.
TOP
VIP ACCESS FOR ANDROID AND IOS
Select either image to download the VIP Access app in the Apple iTunes or Google Play stores. You can see and test basic functionality without any configuration.
