Privacy Strength:
A Quest to Identity
For this project, my team was tasked with taking an existing native app (Identity Force) and treating them like a client of ours. To prevent running into any possible legal issues upon completing our re-design, we changed the name from Identity Force to Privacy Strength. The hypothetical problem Privacy Strength was experiencing was that their customers were not taking proactive steps in protecting their personal information, and in fact only relying on Privacy Strength to step into action once their identity had been compromised.
The lack of customers taking their own precautionary steps created extra work and overhead for Privacy Strength staff, something that could be easily avoided if only the customer practiced a few good habits. We wanted to understand both the business and customer relationship and how we could create more cohesion between the two. Our journey started by researching the real Identity Force and understanding just how they wanted their customers to be more proactive.
Myself speaking during our redesign presentation.
““As I get older and technology advances,
protecting my sensitive information is becoming more of a priority””
Meet the Team
The team consisted of two designers (Vin Bertolli & Emily Slater) and myself. For this project, I acted as the UX Program Manager to provide leadership throughout our design process. Ways in which I executed this role included increasing communication between designers, validating design decisions using UX fundamentals, and streamlining the overall design process. Although we were not working directly with Privacy Strength (Identity Force), we treated our design process with respect and consideration to the company’s attitude, tone, and color ways.
Project Methods
• Business Analysis | Competitive/Comparative Analysis
• Survey | Affinity Mapping | Design Studio
• Sketching | Wire-framing | Low to Hi-Fidelity Prototyping
• Tools included Sketch | Adobe Photoshop & Illustrator
The Problem
To be or not to be proactive…?
So many of us are not taking the necessary steps needed to protect our personal information, even though we understand the implications of someone unknown to us obtaining access to our credit card, bank, tax, and/or social security details. How can we be so tech-savvy, willing to lock and unlock our devices every time we use them, yet fail to “err on the side of caution” when protecting our personal information? Through research we found out that…
We’re Overconfident!
Oh…and lazy too.
After surveying and synthesizing our participant’s responses, we discovered that people are inherently overconfident and lazy. In regard to identity protection, this is due to the lack of incentive for them to take action in protecting their personal information. Unfortunately, no one will pay us to protect our own information. So what IS in it for them? While not being a victim of identity theft is a great perk, it’s just not enough. Clearly our job was to figure how to incentivize people on protecting their identities…and keep them doing it! Ahoy, the Hook Model for the win!!
The Hook Model
For more information on the Hook Model, CHECK THIS OUT.
Nir Eyal, creator and author of The Hook Model, explains how it works:
“At its core, the Hook Model is designed to build products that create habit-forming behavior in users via a looping cycle that consists of trigger, an action, a variable reward, and continued investment.”
This is the driving force behind us what keeps us loyal to all the major companies we support. Something triggers our introduction to a product/service, some action drives us with excitement of a reward, the reward is worth what action we need to execute, and some form of investment keeps us coming back for good. Rinse and repeat. Seems legit right? Well, there is one other thing to keep in mind here. There are both external and internal factors that can trigger the user from the jump. In our case, we were missing the internal push needed for users to be self-proactive in guarding their personal information. This got us thinking, how can we make protecting one’s identity fun?
Then it hit us…make a game out it!
The Fogg Behavior Model demonstrates how Motivation, Ability, and Prompts combined define how someone takes a certain action. In our case, the user’s motivation is low so we need to give them an “Easy To Do” ability to achieve success.
Once pushed, this big red button leads the user to begin their Privacy Quest. It acts as the external push to encourage users in building a stronger skill set for protecting their personal information.
Throughout their quest, players learn various techniques they can practice on their own to protect their identity. In this level, we teach them how to create strong passwords and use a password manager.
The Wonders of Gamification
Our friends at Nielson Norman Group describe gamification as “…the usage of game mechanics in non-game contexts…” (www.nngroup.com/videos/gamification-user-experience/). Pretty much, they’re saying that we can use the mechanical construct of “a game” to make the mundane things in life more fun. So, what if we create experiences using gamification that focus on incentivizing users for protecting their identity? Will this be the gateway to getting people to be more proactive in protecting their personal information? We hoped so, therefore our design led us to gamification to help solve our problem. Now, in order for one to remain proactive in any sense, we must understand that there are two types of behaviors changes needed: short and long term. This concept was crucial to creating an experience that actually altered people’s behavior for good.
Introducing…Privacy Quest!
Here is a video walk through of our prototype showing the first level of Privacy Quest. A sneaky raccoon is trying to steal your passwords, protect yourself!
Privacy Quest is a nostalgic, 8-Bit inspired adventure game that takes the user on a journey through different levels, pitting them against thematic villains and testing their abilities on real life identity protection tactics. The game works as a way to not only educate users on how to take protecting their identity into their own hands, but rewards them for it. In terms of short and long term behavior, we were able to incorporate two different and equally important methods to keep the user well-practiced. A large red button acts as the “internal push” mentioned earlier (Hook Model) to get them intrigued. Upon pushing the button, the user is compelled to conquer a quest of defending their identity against villains (short term) and gain experience in learning various techniques to protect their identity. Another option the user has is called the “Daily Challenge.” Here the user can practice skills on a daily basis (long term) that they’ve learned through the various levels (such as checking their credit card report or bank statement) and continue to get experience points for their shield or even trophies and badges. You may be asking yourself “how does a game teach you to be more proactive in protecting your personal identity?” Great question. Let me explain…
After researching the many different ways our identity is jeopardized, we narrowed down the most common ways people’s information is compromised. This includes using weak passwords, failing to thoroughly check bank statements, having social security information hacked, and scammers sending “phishy” emails. Upon coming to this conclusion, we built levels and villains to represent a “situation” in which the character will encounters these issues. As the user’s character battles each villain through these levels, the game teaches them how to identify these situations and guard themselves from a similar potential situation in real life using proper techniques.
During our two-week sprint we only had so much time to conceptualize each level and villain. That being said, we fully created the first level which is premised on a sneaky (and very cute) raccoon trying to hack your personal identity by stealing your passwords. The purpose of this level is to teach users how to create stronger passwords, and even inform them of password managers. For those who don’t know, a password manager is an application that generates an extremely complex password that is unique to a particular website or app we use and stores it for future use. This alleviates the age old “I know I wrote that password/username down somewhere” issue. We decided to make this the first level because the easiest and most efficient way to keep your personal information private is by using extremely strong passwords. From here, each level challenges the character more and more, exploiting scammer and hacker techniques and how to properly safeguard yourself from becoming the next victim.
Different levels include a:
•RACCOON trying to steal an important password of yours
•WOLF impersonating you to gain access to your credit cards
•SNAKE trying to hack your social security information
•SHARK trying to send you phishing emails
•DRAGON who is guarding your bank account “treasures”
Results, Reflections, and Iterations
Working along side Vin and Emily was an incredible experience! We learned so much about each others strengths and weaknesses, not just as designers but as people. Together we crafted a harmonious environment to work in, taking each step in unison and working diligently day and night to find the best solution for the problem we faced. Considering we only crafted the first level of Privacy Quest, our further iterations would be to continue mapping and designing the rest of the levels and villains to battle. It goes without saying that none of us want to take time out of our busy schedules to check our credit score, read our bank accounts line-for-line, or even simply download a password manager. But playing a game with cute characters with trophies and badges that actually teach you how? We couldn’t have come up with a better idea. Privacy Quest…let the adventure to a safer future begin!