Abstract by Devon Howard
Designing for Understanding: Helping Users of Signal to Understand the Authentication Ceremony
When designing a mobile application, developers tend to overlook the importance of usability, particularly as it applies to security. To demonstrate some of the blind spots that exist in the design process and certain techniques to fix them, we conducted a redesign of the Signal secure messaging application. To begin, we conducted a cognitive walkthrough of Signal’s warning process and found various obstacles that confused users and impeded their ability to mitigate the risk presented to them. Avoiding ad hoc improvements, we based our redesign on data-driven methods, focusing our attention on improving user understanding. We then verified our redesign through user studies, which showed favorable improvement on user comprehension of risk.