Authentication (who are you?) and authorization (what are you allowed to do?) challenges are core pillars of the security architecture that interacts with end-users.
Service providers can do a large amount of work on their own to secure their services, but at the end of the day, there is a shared responsibility between service providers and end-users to realize effective security. A technical implementation is the first step towards addressing those challenges, but the security user experience also needs to be a first class citizen. If user's don't enable security features, then those features don't provide any security value.
We help services make sure that they are following the technical best practices when it comes to authentication and authorization and also audit their security UX to help increase adoption rates of security features and make them easier to use.
Think your service could use some security UX improvements? Get in touch at firstname.lastname@example.org!
Conor Gilsenan is a software engineer with 8 years of experience focusing on security. He has worn many hats: application programmer, DevOps engineer, architect, and author to name a few. He provides the technical expertise.
Ray Gonzales is a designer who has spent over a decade focusing on delighting users and has worked in the security space for 5+ years. He provides the UX expertise.