CONFIDENTIAL • ONEPASS

Q2 2026

Redesigning access and credential management for a global financial institution
93% self-service completion for the redesigned quick actions in a 12,000-employee pilot's first month

Confidential work, shown responsibly

To respect confidentiality, all screens shown are representative recreations with fictional data. The shipped designs, internal metrics, and research artifacts remain proprietary.

Role: Senior Product Designer — discovery, personas, journey mapping, IA, and end-to-end design for internal and external experiences
Timeframe: November 2025 – June 2026 · shipped, in staged rollout
Scale: A workforce of 500,000+ current and former members; ~121,000 internal users active monthly
Team: Solo designer, partnering with two product owners, a business analyst, a researcher, and the development team

The strongest security controls in banking weren't getting used. Card lock adoption was flat. Engagement on the Security & Privacy Center was low. And 58% of users were abandoning their CCPA data requests mid-flow, blocked by legal jargon and no visibility into status. Meanwhile, third-party apps like Rocket Money and Aura were building entire businesses out of the privacy and security experiences that Chase had buried inside the banking app. I led design across the Privacy Products initiative — reframing the Security & Privacy Center around a single principle: control should feel like a choice, not a confrontation.


Role: Senior Product Designer, Privacy Products • Team: 1 Senior Designer, 1 Associate Designer,

1 APO, 2 Researchers, Digital Titans Dev Team • Timeline: 8 months, Q4 2024 launch


What is OnePass?

OnePass is one global financial institution's answer: a single hub for the full life of a workforce credential — getting access, managing it, and recovering it when it breaks — designed around a simple observation that took real evidence to earn: people don't visit a credential portal to browse. They visit because they're stuck, or because they want to know they won't be soon.


The Problem

Every locked out employee is a stopped employee

A locked account at a global bank isn't an inconvenience. It's a trader who can't trade, an analyst who can't open the model, a new hire spending their first morning on hold. Multiply that by a workforce of hundreds of thousands — each person carrying passwords, tokens, PINs, security questions, and registered devices, every one of them capable of expiring, locking, or failing at exactly the wrong moment — and credential management stops being an IT utility. It becomes infrastructure for whether work happens today.

Research

What the data told us

The analytics told me what users came for: a handful of urgent moments — unlocking an account, resetting a password or PIN, requesting a token. They also told me users were failing. Site-wide, only 67.7% of visits ended in successful self-service; the rest ended in abandonment or a help desk call.

The average hid the worst of it. On the most urgent task — unlocking a locked account — only 52% succeeded without help, because unlocking was the only task that required reaching another person. The problem wasn't how the portal looked. It was what the system required.

The interviews said the same thing in human terms: users weren't just failing, they were failing scared.

The Decision

Fix the experience, not just the interface

The original scope was reasonable: a visual reskin, aligning OnePass with the firm's new design system. Fast, low-risk, already planned. But the research showed the abandonment driver lived below the interface — a reskin would put a calmer surface on the same trap.

So I built the case, and my product owner and I brought it to engineering — not as a critique, but as evidence. Together we expanded the scope on both ends: an interface redesigned for high-stress moments, and a system redesigned to recognize a user's account status and initiate identity verification automatically. No more waiting on another person.

The Solution

Calm on the surface, intelligence underneath

The interface was rebuilt around how people behave under stress: four plain-language quick actions where a locked-out user lands first, account state — password expiration, token status — surfaced before any decision is asked of them, and every entry point named in the user's language instead of the system's.

Behind the surface, the firm opened additional verification methods, giving users ways to prove their identity and self-serve immediately — no more waiting on another person — while maintaining the institution's identity verification protocols. I've kept the system detail deliberately incomplete here: authentication architecture at a financial institution stays confidential, even anonymized. I'm happy to go deeper in conversation.

The Redesign

The shipped design, with the principles marked where they landed. A locked-out user meets four plain-language actions instead of twenty menu options. The system speaks first — password expiration, token status — before asking anything of the user. And the page assembles itself around the individual: credentials you hold, devices you've registered, nothing you don't.

What the calm surface doesn't show is the point: behind it, the system now recognizes a locked account and opens verification paths that need no one's permission but your own.

Impact

EARLY SIGNAL • PILOT, FIRST MONTH

93%

12,000

Quick action tasks completed through self-service, no help desk required

Employees in the pilot line of business - the first stage of a firm-wide rollout

Reflection

OnePass began as a visual refresh and became a systems project — because the research wouldn't support anything smaller. The lesson I carry forward: when users are failing, look below the surface before polishing it. The interface is only as calm as the system behind it.

What's next

Currently I am working on Privileged Access Global Secrets Management, to reduce dependencies on human access and create automated systems to remove all standing access within the firm.