Serena is a digital designer at the Bank of New Zealand. Currently she's crafting design frameworks and building a living styleguide. She's on a mission to create a web that is accessible, performant and secure. Her background is in theoretical physics, where she specialised in both quantum mechanics and general relativity. As a hacker at heart, she loves reverse engineering puzzles and breaking things in her spare time.
When she's not organising the next Rails Girls Wellington or running HVNGRY, the inclusive teen magazine she founded, Serena hosts a podcast that covers every topic from artificial intelligence, to political extremism, to the pay gap.
She's secretly very good at foosball.
In the day and age where we share personal information with every website and app we touch, security has never been more crucial. Yet it's a rare topic outside of security teams and hackers. And in design, it seems to be completely missing.
This is a mistake.
There's a misconception — perpetuated by green lines of incomprehensible code in movies — that security is a niche for masterminds. But in the real world, most security breaches don't come from 0days or neat hacks. In fact, most errors are human. Simple scams that have worked since the internet began.
This is where design fills a missed opportunity.
Good user experience design is necessary for good security. We can craft paths of least resistance that match paths of most security. We can educate our users on what is good practice and what is security theatre. We can design secure flows that are usable, not obstructive or annoying.
In this talk, we'll pinpoint which security practices actually work. We'll separate them from those that are misleading, and those that are downright detrimental. We'll cover perceived security: how we can make our users feel safer as well as be safer. And to round it off, we'll walk through some common flows, and dissect how design decisions affect the personal security of our users.