Incentivizing Identity Security

Identity Security Rewards

Helping customers protect their identity through incentives


Disclaimer: This is a student project completed at General Assembly in 2018. I am not an employee of IdentityForce and this work is in no way representative of their services.


A major identity protection company wants to find a better way to communicate with customers and encourage them to take actions to improve their personal identity security.



2 weeks


Sketch, Invision


My team collaborated on all aspects of the research and design process. I was responsible for the site’s heuristic evaluation, survey design, user interviews, design strategy, prototyping, testing, and UI design.



  • Competitive and comparative analysis

  • User research through surveys and interviews

  • Design strategy and concept design

  • Iterative prototyping

  • Usability testing

  • UI design adhering to company brand guidelines


The Problem

Customers are not taking simple steps to protect their own data that could help them prevent identity theft.


The Solution

Create a rewards program to encourage customers to take actions that will increase their identity security in exchange for discounts on their identity protection services.

How this will benefit customers:

  • A greater sense of security once they take proactive steps to protect themselves

  • Cost savings for their identity protection coverage

How this will benefit the company:

  • Increased customer engagement with their product and services

  • Reduced customer risk saves on the costs related to a breach, such as restoring stolen data

The inspiration for this concept came from car insurance companies, who reward customers with good driving records with lower premiums.



Understanding the security landscape

48% of respondents never change their passwords

We conducted surveys and looked at existing data to learn about current consumer knowledge and attitudes. We discovered that many people are misinformed about privacy best practices and apathetic about their own security, largely because they do not fully understand the risks involved:

Has your personal data ever been stolen or breached?

survey 1.png

How often do you change your passwords?

survey 2.png

Conclusion: users in the general public have a lack of understanding of security best practices and aren’t taking the steps they need to stay safe.


Understanding user behavior

Fear and apathy

We interviewed several current users of identity protection service products such as Lifelock, True Identity, and Equifax.

Two recurring themes came up in interviews:

  • Most users signed up for identity protection because they or someone close to them had suffered from identity theft. People were terrified that some

  • Most users have little to no interaction with the product they are paying for, outside of a monthly newsletter or an occasional alert notification. Many users expressed the sense that if they don’t hear anything, then they don’t need to do anything.

We developed two different archetypes based on our feedback:

Archetype 2.png

Goal: Help this user feel safe and in control of their information.


Archetype 1.png

Goal: Get this user more engaged.


Understanding motivation

Motivation + Prompts + Ability = Behavior

How can you influence behavior and get customers to act? The answer is a combination of incentives and convenience. We used the Fogg Behavior Model to inform our design decisions. We linked directly to users’ accounts in order to make the actions as convenient as possible, while the financial incentives give them an immediate reward for their efforts.



prototype Iteration 1

Action and communication

We used the insights from our research to develop a solution that would make identity protection both convenient and enticing to users. For the first version of this application, we created a system of incentives that would include prompts to take actions to improve personal security, and a learning center where users could read articles.

Iteration 1.png

Testing results: The functionality was not difficult for users to understand. but users indicated that they were unlikely to use the app to read articles. Referring back to our original business goals, we decided to narrow our focus to a solution based on action rather than communication.


prototype iteration 2

Prioritize and cut

The next version of the application stripped down the incentives program to focus on actions that lead to immediate rewards.

Iteration 2.png

Final Product

The Security Rewards Program

The newly designed homepage includes a prominent link to the Security Rewards page, as well as clearer security alerts, and user credit score.

Case study: Before After.png

harnessing motivation

Prompts send users directly to the place where they need to take action, such as their email homepage or their bank account login page. The next time they visit the mobile app, they see a modal pop-up congratulating them on their action to reinforce their good behavior.

Case study: Rewards.png

visual brand guidelines

I started with the established visual style for the company’s desktop website and built upon it with elements for the new security rewards pages and features.



Users of the new version of the application were able to understand and successfully complete tasks to earn points, which indicates that this program has the potential to successfully motivate users to increase their security protection.


Next Steps

We plan to develop this feature for the desktop version of the website.