© 2018 by Shatabdi Biswas

Paytm Login and Secure Access

Building trust between users and digital payments

My Role

  • Studied the user login flow on the Paytm Android app

  • Improved the user experience of the login flow

  • Reduced login failures and attempts to re-login

  • Reduced customer tickets

  • Proposed a new login flow

  • Introduced a lock to access the wallet

Login Experience

Old Login Screens

Design Highlight

A new way of displaying password hints helps users create passwords that follow the Paytm guidelines. Since a lot of Paytm users are from semi-literate backgrounds, helping them create a password proved essential.

Result:

Fewer errors in creating passwords

Reduced time and effort

Better learning

Trust is the key

Mobile payments have disrupted the Indian market in recent times. The Indian government is encouraging the common man to go digital. But the adoption of mobile payments has a major roadblock: security. Consumers have not wholeheartedly accepted the payment technology. Widespread adoption of mobile payments can only be achieved when there is trust in the system.

Creating a system that brings a level of security parallel to the real world into the virtual world is a challenge. We proposed a strong authentication mechanism that binds the identity of the user to the authorization of the transaction. Even if one loses their mobile phone, their authorization to transact can never be stolen.

Introducing 3 level authentication

Phone numbers are truly becoming a user’s identity. Bank transactions and the Aadhaar number are all linked to a person’s phone number. Thus, it becomes vital for users to be able to secure the account created via a phone number with their banks.

What we are proposing takes into consideration the fact that users do forget their passwords, and that they should be able to modify their passwords easily and securely.

 

Creating a secure login for first time users

Users will be asked to verify their active phone number via OTP. Thereafter the user can create a password, choose a pattern, and complete the profile. This is a one-time step that the user goes through to ensure maximum security.

3Ps for security

As humans, we are forgetful.

Understanding that we are forgetful, one goal of the product is to simplify account retrieval without compromising safety, keeping the identity of the user intact.

Case 1:

User forgets their password, remembers their pattern. User is unable to log in to the app.

The phone number becomes the first identifier for the user: an OTP will be sent, auto-filled and verified by the system. The second authentication happens when the user is asked to enter their unique pattern. Once both match, the user is able to log in and proceed with the app task. The user is also asked to change their password.

Case 2:

User forgets their pattern, remembers their password. User is able to log in but unable to make transactions.

To ensure that the mobile number is not being misused, an OTP will be sent to the registered mobile number and the user will enter their password again. The user will then be asked to create a unique pattern.

Case 1 and Case 2 will also help users to retrieve accounts on new devices with the help of their phone number and a combination of pattern or password.

Case 3:

User forgets both their password and their pattern.

Introducing Trusted Contact:

A trusted contact is set up by the user by adding ONE important contact from their contact list, to whom an OTP will be sent. The user will then have to get the OTP from their trusted contact and use it to retrieve their account.
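
The three recovery cases above, written out as a server-side policy check. This is an added example, not Paytm's code or part of the original case study. The factor names, the attempt limit, the plaintext sample secrets and the reset of both secrets after Case 3 are assumptions made for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass

# Factor names are labels chosen for this example, not Paytm identifiers.
PHONE_OTP, TRUSTED_OTP = "phone_otp", "trusted_contact_otp"
PASSWORD, PATTERN = "password", "pattern"

def recovery_plan(remembers_password, remembers_pattern):
    """Return (ordered challenges, secrets to re-create) for Cases 1-3."""
    if remembers_password and remembers_pattern:
        return [], []                            # nothing to recover
    if remembers_pattern:                        # Case 1: password forgotten
        return [PHONE_OTP, PATTERN], [PASSWORD]
    if remembers_password:                       # Case 2: pattern forgotten
        return [PHONE_OTP, PASSWORD], [PATTERN]
    # Case 3: the page names only the trusted-contact OTP; re-creating
    # both secrets afterwards is an assumption of this example.
    return [TRUSTED_OTP], [PASSWORD, PATTERN]

@dataclass
class RecoverySession:
    challenges: list          # ordered challenges still to pass
    expected: dict            # factor -> value the server expects
    max_attempts: int = 3     # assumed limit, not stated on the page
    failures: int = 0
    locked: bool = False

    def submit(self, factor, value):
        """Check the next challenge; return True once all have passed."""
        if self.locked or not self.challenges or factor != self.challenges[0]:
            return False      # locked or out of order: fail closed
        if hmac.compare_digest(str(value), str(self.expected[factor])):
            self.challenges.pop(0)
            return not self.challenges
        self.failures += 1    # wrong value counts towards the lockout
        self.locked = self.failures >= self.max_attempts
        return False

def start_case(remembers_password, remembers_pattern, stored):
    """Build a session; `stored` holds constructed sample secrets."""
    steps, resets = recovery_plan(remembers_password, remembers_pattern)
    expected = dict(stored)   # plaintext only to keep the example short
    for factor in (PHONE_OTP, TRUSTED_OTP):
        expected[factor] = f"{secrets.randbelow(10**6):06d}"  # fresh OTP
    return RecoverySession(list(steps), expected), resets
```

The session fails closed: a challenge submitted out of order is rejected, and repeated wrong values lock the session so neither the OTP nor the pattern can be guessed indefinitely.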

Implementation

In a fast-moving startup environment, the first release is an MVP. In this case, the idea was implemented in a week by building the pattern lock feature on top of the Android device lock.

Way Forward

There are two major modes of payment that are catching on in the Indian and global markets: UPI and blockchain. UPI is fairly new, but with apps like Tez and PhonePe users are getting used to its simplicity and fast functionality.

Blockchain has disrupted the global market; eyebrows are raised, but the potential of trust is not overlooked. Blockchain is based on cryptography and thus reduces cyber fraud to a great extent.

India has seen a rise in blockchain transactions, and the RBI has also successfully tested transactions using blockchain. Blockchain is the way forward and can change the way we deal with digital money; it may create a world that we may call the “Internet of Trust”.
