You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Design

Our application is designed to look like a familiar mobile chat application, with the pertinent details about secure communication highlighted and most of the technical details abstracted away. We felt that most of the existing solutions available were not usable by the vast majority of the population, and wanted to design something that would be secure while making encrypted communication more accessible. Thematically, we went for a very minimalist UI to further emphasize our goal to simplify encrypted communication. At a high level, the application is broken into 4 tabs, each of which provides essential functionality to the application.

GUI Section

Screenshot

Design Commentary

Login

 

The login screen was designed to ensure the application preserves security. It appears any time the application loses focus, to ensure that anytime the phone changes state, turns off, or otherwise may potentially enter an unsecure state, a password must be entered. The screen was kept simple with just the essential fields and allows the user to quickly enter their password to get into the application.

Inbox

 

The Inbox screen is where the user can view and send messages from other users.

The inbox is designed to look and feel like a traditional text message/chat mobile application so that learnability is made easier. We designed a number of visual cues to help the user quickly assess the security level of particular conversations and messages -- the icon suggests the number of participants and whether the users are verified by color. Individual messages and also marked in the appropriate color, and an icon further reinforces whether the person who they are communicating with has been verified. We decided to leave multiple indicators in after noticing numerous mentions in the heuristic evaluation about how different users may not be able to perceive some of these essential security indicators (such as colorblind people).

Efficiency was also considered to streamline some of the verification process when having conversations. Unknown users can directly be added to the contacts list and their verification process updates all existing messages.

Contacts

 

The Contacts screen is where users can browse and edit the users to whom they expect to communicate securely with.

This screen is designed to look and feel much like existing contacts applications to enhance learnability.  A sorted list of known users is displayed, and can be paged through and data modified. What is unique is that the data stored includes a secure key which identifies that person (required for secure communication), and a flag to denote whether that person is known to the user. These data elements simplify the transactional needs of encrypted communication, the first of which can also be passed physically with a barcode (see My Identity below). There were debates on how much data to allow the user to see/mess around with in terms of contact data, and we settled on trying to keep things simple and uncluttered with lots of contact data.

Efficiency was taken into account when creating the delete contact feature, which can optionally also automatically remove past messages from that user so that the user doesn't have to delete them manually. In addition, we allow the user to add new contacts in two ways -- one is manually entering in their secure key, while the second uses the built in camera on the phone to take a photo of a 2d barcode. This is a vast improvement in efficiency for passing secure keys in person.

Security is also emphasized as any non-reversible tasks require a confirmation before they will execute.

My Identity

 

'My Identity' is a simple screen that shows the user's profile data, and a large 2d barcode that can be used to physically share their encryption key with another user of the application.

Heuristic feedback suggested that users were not entirely who's identity this page was meant for, so we added a new title to signify that it was their personal identity.

Settings

 

This is a basic settings screen with gives a place for the user to modify application settings. This is designed much like any typical settings screen, and as of now only allows the user to edit their password.

Implementation

Evaluation

Three user tests were performed in order to investigate the effectiveness of our interface. One developer acted as both facilitator and observer for each test. We located users who we thought we be good targets for the application -- users who were interested in securely communicating with others, but not necessarily those who understood the technicalities of encrypted communication.

We introduced our application briefly, and the asked each user to perform the following tasks:

  1. Log into the Application
  2. Add the Facilitator as a new Contact via Barcode
  3. Initiate a Conversation with the Facilitator
  4. Receive a Message from an Unknown Contact and Add that person as a new Contact
  5. Remove the newly added contact and all messages they sent

Reflection

  • No labels