How to make an Onboarding and don’t die trying

A comprehensive guide to build a powerful user verification process simply and in a few minutes

What is an Onboarding? 🤔

Onboarding — Identity

User Onboarding has in its genre an analogy with the purchase of an airplane ticket and later a check in prior to boarding the trip.
When the date arrives, all that remains is to do the check-in, which is nothing more than the validation of the ticket data and your personal documents to be able to board the plane.

It is the identification process where users start the journey as customers. They go through a KYC process to sign up. “There are no second chances for a first impression” Oscar Wilde

The onboarding of an app is the journey through the initial experience of a product, it begins when the user downloads the app and creates their account and ends when they access the functionalities that we have to offer. However, it is common to see that not much time is invested in this for the first versions of the product.

What is the Objective?

That users can access financial services in a 100% digital way, avoiding the need for physical presence, speeding up times and doing everything from their cell phone in a self-managed way.

Authentication

WHY? 📌
Why are we doing this?
To create an Authentication process where users can perform the data registration and validation process by entering their credentials to enter the application and access the financial world.

WHAT? 📌
What are we looking for?
Solve the friction of users who register or enter with username and password, removing the responsibility from the user to remember username and password as a security method and transforming it into a registration or validation with passwordless where a magic link (OTP) is sent to enter the application only by entering your email.

1. Allow users to login with email
   It is very common for users to forget username or password. It is important that from our place we facilitate identity validation and allow them to do so with the data that is easier to remember. If we already ask for a strong password, save yourself an extra headache. Source: Google Cloud
2. Passwordless
   It consists of sending a Magic Link or Passwordless code (link or code by Email or SMS). It adds an additional level of authentication, since the created user can only be associated with a phone number. Beyond the fact that anyone can have more than one line, it is not
   more common.
3. Login social
   It is a level of authentication similar to that of username and password (with the same characteristics), but that minimizes friction with the user, since it avoids the sign up process or allows it to be reduced considerably.
4. Build a secure auth system
   For this we have different security protocols such as: blocking accounts after several failed login attempts, requiring two-factor authentication (2FA) for new devices or accounts that have been inactive for long periods.
5. Toggle masked password
   Allow users to see the password if they wish. This helps the user to correct if they misspelled their password. For security reasons, the password ID must be masked by default. Allow user a button to toggle password visibility. Avoid repeating password input to avoid unnecessary friction.

KYC — Know Your Customer

Our main validation method is automatic: we use an external service to validate the identity of users, through photos of their ID and their face.

Why it’s so important the KYC Process? “A user who does not complete their identity validation process is a user who does not know the products we have to offer.”

When we talk about user errors, communication matters. Initially we showed a generic error when the validation process failed.

Let’s start with some common mistakes 🛠

Not Readable Document
Blurred
Bad Quality
Glare
Document Reading
Missing back
Punched document
Fraud grounds
Digital Copy
Photocopy
Fake
Manipulated

Are we still talking about theory? 💭

“Bla bla bla” Let’s get to work

But what happens when the user fails in their KYC process? The main thing is to be able to generate error messages for those validations that are not successful due to some error.

Hypothesis 💡

If we generate different messages for errors in the validation process, we would reduce the average number of validations performed.
per user.

Take a look at those Customized messages by type of error. Better right? 😌

In the past we had a 71% conversion between Performed Validations > Approvals. Then we managed to increase them to 87%

When we implemented this improvement, we managed to increase the conversion of the flow by 20%.

Security vs Experience?

Let say that experience is the speed and how fluent you can do the onboarding process. But how does security influence that speed? Maybe the security of the application as PIN code, FaceID, or Fingerprint are some of the speed brakes that impact your experience on the app.

So let’s make the accounts with some math 🤓
(experience — security) = user experience

I have always tried to think of experience as user speed and a fluent app flow. But sometimes you have to use the brake to avoid hitting a wall!
(speed — brake) = safe app usage

Good Authentication and KYC Practices

Coming soon

How are we going to measure it?

Coming soon

Stay tuned

For more information on Product posts, read Ignacio Perez Roca:
https://ignacio-perezroca.medium.com/

Ignacio Perez Roca — Medium