
NowSecure

NowSecure MASVS Compliance Feature: Case Study

Securing the Future: Crafting an Intuitive MASVS Compliance Experience

Role:
Lead UX Designer
Team:
Collaborated with product owner, sales engineer, developers, CEO
Impact:
The MASVS compliance feature delivered a user-friendly, scalable solution that boosted trust and usability for both executives and mobile application developers

Problem Framing

NowSecure, a mobile security platform, undertook a major product overhaul to address technical debt by integrating MASVS (Mobile Application Security Verification Standard) compliance testing. The challenge was to create a user-centric, scalable solution that delivered clear, actionable insights into security vulnerabilities, met the needs of both executives and developers, and aligned with industry-recognized security standards. Key issues included presenting complex MASVS data intuitively, balancing simplicity with technical depth, and resolving usability challenges from information overload.

Design Process and Decision Making

As Lead Product Designer, I collaborated with a lean team (CEO, Product Owner, Sales Engineer, and Developers) to rebuild the product, leveraging a Figma-based design system for consistency and scalability. The process unfolded in four phases:

1. Laying the Foundations (Weeks 1–2)

  • Objective: Define requirements and deliver an MVP for MASVS integration.
  • Actions: Conducted stakeholder interviews, including with an MASVS contributor, to define requirements: a high-level compliance overview, detailed issue drill-downs, and support for diverse app portfolios. Collaborated with engineering to ensure scalability and data security. Designed an MVP with a single-page MASVS report, detailed test cases, and tooltips linking to fixes.
  • Decisions: Prioritized a modular Figma design system to ensure UI consistency and scalability, aligning design with engineering constraints.
MASVS sequence diagram

2. Alpha Launch and Feedback (Weeks 3–4)

  • Objective: Validate the MVP with alpha users (enterprise clients and internal teams).
  • Actions: Gathered feedback via video calls and surveys, revealing user struggles with MASVS jargon, differing executive vs. developer needs, and a preference for immediate fix suggestions.
  • Decisions: Redesigned for the Beta release with tiered explanations: an executive summary with pass/fail status, detailed control insights with drill-down functionality, and inline plain-language explanations to demystify MASVS categories.
Hi-fi workflow

3. Post-Launch Iteration (Weeks 5–6)

  • Objective: Address dashboard usability issues, including information overload and conflicting risk indicators.
  • Actions: Analyzed user interactions, identifying that users missed critical vulnerabilities due to dense layouts. Explored solutions like prioritizing high-risk items, adding a “Top 3 Actions” banner, and introducing a single compliance score.
  • Decisions: Implemented a simplified compliance score (e.g., “Your app meets 70% of MASVS requirements”), prioritized critical vulnerabilities at the top of the dashboard, and added collapsible sections for detailed insights, balancing executive and developer needs.
Design iterations

4. Product Distribution (Week 6+)

  • Objective: Launch the feature to all customers and position NowSecure as a thought leader.
  • Actions: Rolled out the feature with a focus on a clear compliance score and actionable insights. Expanded the Figma design system to support new features like automated alerts. Collaborated with sales to highlight ease of use and differentiation in demos.
  • Decisions: Emphasized a single compliance score and top issues list to streamline user understanding and drive adoption.
Hi-fi workflow

Impact

User-Centric Design: The simplified compliance score and prioritized vulnerabilities reduced information overload, improving usability for both executives and developers.

Adoption and Efficiency: Achieved 80% adoption among enterprise customers within three months, with over 200 apps scanned in the first quarter. The Figma design system reduced design turnaround time by 40%.

Enhanced Trust and Value: Tiered explanations and actionable insights built user confidence, positioning NowSecure as a leader in mobile security compliance.

Scalable Foundation: The design system and iterative feedback loop enabled rapid feature expansion, ensuring long-term scalability.

Key Learnings

  • Early collaboration with subject matter experts ensured accuracy and credibility.
  • Layering information (executive summaries vs. detailed views) addressed diverse user needs.
  • A unified design system accelerated iteration and maintained UI consistency.
  • Continuous user feedback loops were critical for identifying and resolving usability issues early.

Conclusion

This project transformed NowSecure’s platform into a user-friendly, industry-aligned solution, delivering immediate value and laying a foundation for future innovation. The iterative design process, informed by user feedback and a scalable design system, ensured the MASVS compliance feature met diverse user needs while driving significant adoption and trust.