Redesigning UI - The Duo Mobile App, What’s New
In early 2019, we embarked on a project to improve the Duo Mobile user authentication experience. It was a daunting task, considering we haven’t changed the Duo Mobile application in over seven years.
We had a few simple principles:
Make it easier for users to enroll and authenticate
Help users self-remediate, rather than call the help desk
Make Duo Mobile accessible for all users
I’m excited to announce we’re ready to allow all users to start testing the redesigned application with us in a public preview. Before we do that, I wanted to take some time to share with you exactly how we’re making it easier for users to authenticate using Duo Mobile. As part of the redesign we are:
Educating First-Time Users
For users new to Duo or the idea of 2FA in general, understanding exactly why your employer is asking you to put Duo on your phone is often a burden. Users are concerned about an invasion of their personal space and what a corporate app might do to impact performance on their device.
In order to help users better understand what Duo is really doing, we’ve introduced the concept of inline education in our enrollment flow. We’ve made it simpler to understand how Duo works, what purpose Duo serves and a variety of changes that help ensure end users successfully complete enrollment.
We found this to be incredibly successful in testing these flows with real users. One existing Duo user went as far as to tell us:
“Prior to seeing this, I thought Duo was just an app my employer put on my phone to spy on me. Now I understand it’s actually there to protect my identity.”
Fighting Fraud by Humanizing the Push Screen
Authentication is hard! Users are asked to constantly be on the alert — scrutinizing URLs and email attachments, ensuring they don’t do the wrong thing.
During our research, we found that we can improve the readability of contextual information that was displayed at the time of authentication, and help end users make the right decision.
These findings have been incorporated into the new Duo Push screen. We are shifting to human-readable language, reminding users to verify that they are actually logging in as they receive the notification. Simple iconography and removal of technical information (eg: ip addresses) helps users understand at a glance whether or not they are receiving a legitimate request.
Finally, you’ll notice we’re repositioning the Approve and Deny buttons. We’re doing this in order to align with best-practices in UI design when it comes to placement of approval buttons. Every other app end users have to interact with uses a pattern of having the approve button on the right, and we can make it easier by aligning with this common practice.
(For administrators who are worried about this generating a lot of tickets or denied Pushes, we’ve done extensive testing on this internally at Duo and with real end users and have found users adjust very quickly, with no significant increase in denied pushes).
Reducing Help Desk Tickets by Enabling Self-Remediation
Any customer that has had to roll out quickly has dealt with the challenge of end user education. Mobile apps can be invasive and users are rightfully wary of granting new apps permissions on their phone. Help desks commonly had to help users remediate when they accidentally denied notification or camera permission for the mobile application.
Our new Call-to-Action area will guide users to self-remediate when they are in a known error state. For example, if we detect a user has notifications disabled, Duo Mobile will alert them at the top of the app, and guide them to enable notifications so they can successfully authenticate.
To start with, the Duo Mobile app will alert a user if they have notifications disabled or have no cellular or wifi connection. We plan to continue adding use cases over the coming months.
Simplifying Account Management
In our user research, we found that many users had trouble performing simple tasks without education. This makes sense! Users just want to ‘do Duo’ and get on with the work, not stop to learn about how to do things in an application.
We realized we need to make it as easy as possible for users to perform day-to-day activities they might want to do. Moving to a new card-based UI allowed us the freedom to expose functionality many users didn’t even know existed, such as the ability to add/edit and remove accounts.
The card-based UI also made it easier to show first-time users how to use passcodes, without relying on documentation or training from the help desk.
There are a host of other changes we added as well, all aimed at simplifying the end user experience.
Made it easier for end users to add a new account
Improved navigation by adding an easier-to-access slide-out menu
Decluttered the settings menu so it’s easier for end user to find help information and discover new features
Empowering Advanced Duo Users
Research showed that the majority of our users only ever use Duo for work. They have one account (their employers) and they use the Duo Mobile app to simply authenticate once or twice a day.
However, a significant portion of our users are advanced. They are protecting work and personal accounts, with some users protecting upwards of 40 accounts! Duo Mobile is an important part of their own personal security and we needed to make sure the app works equally as well for them.
In order to do this, we introduced a new view — if a user has more than two accounts, they will switch from the card-based layout to a stacked view, allowing you to quickly scroll and find the account you are looking for. We made this even easier by aligning the color bar for the account with the color of the logo, so you can visually differentiate and find accounts.
We also are doing a better job exposing the ability to reorder accounts — something we know many advanced users rely on to build muscle memory to quickly locate the right account.
This was a really important change! Now that we’ve stopped treating all users equally in our UI, we can continue to think about adding additional features aimed at supporting power users in the future, like the ability to search within your accounts or to add custom account icons.
Speeding Up the New Phone Migration Process
Finally, we know one of the biggest points of friction can come when a user gets that new phone over the holidays. In all of their excitement, they forget about Duo right up until they need to access their work email after vacation ends.
We introduced Instant Restore in order to make it easier than ever for users to seamlessly restore their Duo Accounts over to a new phone. With the new UI, we’re introducing a few improvements to make it easier for users to successfully complete the restore flow, such as more explicitly guiding users to use their old phone on Android.
We also are making it easier for users to back up and restore their personal accounts. While we enable users to restore their personal accounts, we found that a significant portion of users were not taking advantage of this feature, causing them to be locked out when they got a new phone.
In the new UI, we highlight this feature to users, right when they add a personal account and have seen a significant uptick in the number of users enabling restore.
Making Duo Mobile Accessible for Everyone
Last, the new design considers everyone. We've made it so Duo Mobile will be easier to use for people with disabilities, going beyond AA compliant with the Web Content Accessibility Guidelines.
Updates include:
Support for dynamic text, so users can change the text size to be whatever size is most readable, and the app will adapt its layout accordingly.
Adding landscape views across the app, so it can be used regardless of orientation. This is excellent for users with phones hard mounted to wheelchairs or anyone who finds landscape orientation more convenient.
Revamping how our screen readers follow content and actions to be as efficient as possible.
We're just getting started, and updates will continue to come as we go to improve accessibility for all users.
This Looks Awesome!!! How Do I Test This?
We’re going into public preview with the new UI starting at the end of June. Anyone (administrator or end user) is welcome to test the new UI.
Simply sign up here and we’ll automatically sign you up to participate in the preview program going forward.
We’re looking forward to testing this with you and are really excited to make these changes a reality for all Duo customers come this fall. This newly redesigned application will continue to make Duo the easiest authentication product on the market for your users.
Try Duo for Free
Want to test it out before you buy? Try Duo for free using our 30-day trial and get used to being secure from anywhere at any time.