User friendly Secure Software Design

  • We MUST agree on and get a full list of the client's expectations of the system: what it should do and what it shouldn't.
  • Make notes of the important things they highlight, and try to draw sample UIs on paper and get client feedback on the spot.
  • If they already have a similar system, check how it works and why it's not satisfying the users.
  • Meet often and deliver our designs and interfaces often.
  • It MUST be simple and easy to use. We MUST focus on what our software is intended to do. The best examples are the Google home page and Medium. People use Google to search for something, and Medium to read interesting stories. They always keep search and the best stories highlighted. The following two screenshots will give you an idea about this.
Google.lk home page
Medium home page
  • Common features, such as user profile and logout, MUST be in their own unique places. Those features are commonly in the top right corner. Even in the two screenshots above, they didn't change it. These kinds of common places should not change in our design.
  • Always use user-centric UI design and get user feedback about the UIs. If it takes time to develop them using a proper tool, at least draw the UIs on paper and get feedback. Use dummy data in these interfaces often.
  • If users are used to doing similar tasks in another piece of software, do not override those patterns. Keep them in the same places and in the same pattern. As an example, if the old system uses User-Profile -> Notification -> Email to send an email to a customer, we must not try to override this.
  • Easy-to-remember steps to perform an action. Fewer things for the user to remember.
  • Try to collect only minimal personal information from users. If we develop a notification system for a client, we may not need to store our client’s date of birth, civil status, birth place etc. We just need their email and password. This will also help user privacy.
  • Meaningful warnings. When a user tries to do something dangerous, the user should be given a meaningful warning, such as what would happen if they take this action, or that it cannot be undone. Proper colors can also be used here.
  • Passwords are one of the main parts of software security. When we take a user’s password, we must make sure the user does not enter a common password pattern, and that the password is unique and easy to remember. There is no need to require digits, special characters, or block letters in the password. A simple “bla-bla-black-sheep” would take years to crack.
  • Verification: Are we building the product right?
  • Validation: Are we building the right product?
  • Right software stack for the development life cycle. Always get the best and most secure software frameworks and libraries for the development.
  • Code reviews: these will be a key part of the verification and security of the system.
  • A/B testing is very important for UI testing. We can get an idea of how users behave when the same feature is presented in two ways.
Source : https://en.wikipedia.org/wiki/A/B_testing#/media/File:A-B_testing_example.png
  • Start with a small number of real users and increase the number of users based on user feedback. This will help to identify edge cases we missed during development or even in design.
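
The password guidance above (reject common patterns, do not force digits or special characters) and the meaningful-warnings point, sketched as an added example that is not from the original post. The sample common-password list, the 12-character minimum, and the function names are assumptions made for illustration.

```python
import re

# Constructed sample; a real deployment would load a large breached-password list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "iloveyou", "admin", "welcome"}
SEQUENCES = ("abcdefghijklmnopqrstuvwxyz", "0123456789", "qwertyuiop", "asdfghjkl", "zxcvbnm")
MIN_LENGTH = 12  # assumption: length, not character classes, is the requirement


def has_sequence(pw, run=5):
    """True if pw contains `run` consecutive characters of a known sequence, forward or reversed."""
    low = pw.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            for i in range(len(s) - run + 1):
                if s[i:i + run] in low:
                    return True
    return False


def check_password(pw, username=""):
    """Return a list of human-readable problems; an empty list means accepted."""
    problems = []
    low = pw.lower()
    if len(pw) < MIN_LENGTH:
        problems.append(f"Use at least {MIN_LENGTH} characters; a few words joined together works well.")
    # Strip trailing digits/punctuation so 'Password2024!' is matched as 'password'.
    core = re.sub(r"[\d\W_]+$", "", low)
    if low in COMMON_PASSWORDS or core in COMMON_PASSWORDS:
        problems.append("This is one of the most commonly used passwords.")
    if re.fullmatch(r"(.{1,3})\1+", low):
        problems.append("Avoid repeating the same short pattern.")
    if has_sequence(pw):
        problems.append("Avoid keyboard or alphabet runs such as 'qwerty' or '12345'.")
    if username and len(username) >= 3 and username.lower() in low:
        problems.append("Do not include your username in the password.")
    return problems


if __name__ == "__main__":
    for candidate in ("bla-bla-black-sheep", "Password2024!", "P@ssw0rd!", "qwerty123456"):
        print(candidate, "->", check_password(candidate) or "accepted")
```

Each rejection comes back as a plain sentence the UI can show directly, so the user learns what to change instead of seeing a generic "invalid password" error.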
