URSA

UX DESIGN

RESEARCH

INTERACTION

Overview

Overview

Overview

Overview

Ursa is a desktop security tool designed for small businesses, offering protection against phishing attacks. It screens incoming emails, educates employees on recognizing phishing attempts, and streamlines the reporting process. This ensures a secure email communication environment, boosting employee confidence in their digital safety.

Specifications

Role: Team lead, UX Research

Duration: 10 Weeks

Team: group of 5

Tools: Figma, Illustrator

🖱️ Hover on the image to stop the slideshow!

Problem Discovery

In an age of evolving technology and AI, personal information security is paramount. Phishing attacks exploit vulnerabilities with psychological tactics. Ursa was developed to counter this threat, securing our digital world.


Targeting small businesses, often vulnerable despite cybersecurity, due to their sensitivity to resource loss, making them prime for phishing attacks.

Research

Research

Research

Research

The first step was to began with secondary research to understand the scope of the problem space we were entering. It was crucial to identify which groups face phishing attacks daily, as well as the market and strategies employed by phishers.

25% of the phishing attack is towards the small businesses

more than 70% of the small businesses are not prepared against the phishing attacks

Over $1 million is lost from phishing attack in 2023, and it is rising.

It is clear that small businesses constantly face challenges with phishing emails, struggling to secure their data and resources daily. Even with security measures in place, phishing attacks target people directly, making complete protection difficult.

Target Audience

For small businesses, even a minor loss of information or resources can be critical, which is why we prioritized them for our efforts.


Our target audience consists of inquisitive, tech-savvy small businesses facing challenges in securing their networks due to limited resources for in-house cybersecurity specialists. Our platform is specifically designed for those deeply concerned with cybersecurity, offering a solution to bolster their defenses against digital threats.

Expert Interviews

25 Survey Responses

60% of employees have some form of cybersecurity program. However, only 40% of those with programs are satisfied with them.

User Interview

Gathered over 100 insights, Their experience with the phishing emails validated that them and their connections have been impacted by the phishing emails in someway or another.

Expert Interview

Experts highlighted that the current phishing email training programs facilitated by companies are both ineffective and time-consuming.

Turns out, current cybersecurity tools aren't cutting it. Our interviews shed light on how people fall for phishing scams. The experts pointed out some solid protection strategies, which are scattered across different platforms that we could bring them together and improve.

Persona POV

Created the persona POV and empathy map to illustrate the scenario where we can fully satisfy the people who are involved with the phishing email situations.

Ideation

Ideation

Ideation

Ideation

Idea Dump

The purpose of this activity is to provide the team a little break from the pressure of thinking the right things every time and making the "correct" decisions every time. It was done in a new environment, with no time constraint, and we drew fun features as we talked about topics outside of the project.

Feature Feasibility

Mapped out the Feasibility map to support which features to focus on.


Mapped out the Feasibility map to support which features to focus on.

Mapped out the Feasibility map to support which features to focus on.

Lo-Fi Sketching

Once the features were listed out, each team member drew out the set of lo-fis, visualized the mid-fi by choosing the strongest visualization of informations.

Navigation Bar

From the expert interviews, the challenges identified include employees being able to predict the timing of phishing emails sent for training purposes. Additionally, the lack of diversity in the email contexts makes it easier for employees to recognize and identify these test emails.

The employer navigation bar prioritize the monitoring the phishing emails and progress of reporting of the business. Based on the progress, the employer can send out the campaign with randomness, which will provide more realistic data on identifying the phishing emails.

The employee navigation bar has been streamlined to exclude unnecessary complexity, creating a less intimidating experience. This design helps employees quickly access what they need, complete their tasks efficiently, and return to work without distractions.

Userflow: Email Widget

The real impact needed to be where the actual communication happens, right in the email interface itself. The email widget will stay within the peripheral vision, allowing employees to engage with the widget at anytime.

Interface Developing

In order to successfully inform extensive amount of data, following three factors were essential in our interface.

Simple Design

Clear Userflow

Intuitive Information Architecture

Usability Testing

We've reached an exciting milestone with our functional prototype now ready for user testing. Usability testing and expert evaluations have been conducted to ensure a seamless experience for both employees and employers, and the feedback has been effectively implemented.

Conducted 15 of A/B Testing

6 Usability Testing

2 Expert Evaluation

Final Design

Final Design

Final Design

Final Design

Brand Development

Hi-Fi

Hi-Fi

Hi-Fi

Hi-Fi

Employee Interface

We recognize employees' time constraints regarding security matters. Consequently, we've implemented concise, strategically placed information across the platform. Our email reporting education campaign is designed for high visibility and easy engagement.

Employer Interface

Displayed crucial information for employers, ensuring that they are well aware of the cybersecurity situation in their business. Tracking the amount of phishing emails as well as the progress of employees will provide enough information to keep the business safe.

Email Widget

The monitoring of phishing emails becomes ineffective if malicious messages go unreported. To address this, we have implemented an email widget that ensures a consistently visible and intuitive method for reporting suspicious communications.

Vision Video

Vision Video

Vision Video

Vision Video