Back to Work

Leading US Bank · Business Access & Tools

SecureAccess: AI-Powered User Permission Management

Designed an AI assistant for small business owners to simplify the complexity of user permission management within the bank's Access & Security Manager — delivering guided setup, smart suggestions, and proactive security controls while keeping business owners firmly in charge.

AI Product Design UX Strategy Enterprise FinTech Research & Discovery
Client Leading US Bank
Role UX Strategy Lead
Scope Research · Concept · UX Design
Platform Web · Enterprise SaaS

Overview

The Opportunity: Simplify Permission Management for 8.7M SBOs

Business owners managing user access within the bank's Access & Security Manager face a high-stakes, low-guidance experience. Assigning the right permissions to the right employees is complex — and the consequences of getting it wrong range from operational inefficiency to serious security risk.

SecureAccess is an AI-powered assistant concept designed to transform this experience: offering step-by-step guided setup, role-based AI recommendations, real-time security alerts, and proactive error checks — while ensuring business owners retain full control and transparency over every decision.

30%
AI Adoption Growth in Banking
AI adoption in financial services has accelerated by ~30% over two years, creating a clear opportunity for AI-driven UX in access management.
50%
Reduction in Fraud Risk
AI security systems have reduced fraudulent activities by up to 50% — the direct impact of proactive permission monitoring at scale.

The Problem

Managing Access Is Overwhelming and Opaque

"As a business owner, I need a streamlined and intuitive way to assign permissions to my employees that align with my business needs while maintaining robust security. The current process is often overwhelming and lacks clear guidance, leaving me uncertain about making the right choices. I either grant excessive permissions or handle tasks myself — leading to inefficiencies and increased workload."

The current ASM experience was built for operational completeness, not customer clarity. For a small business owner who isn't a security expert, the friction was real and the stakes were high.

Core Pain Points

Complex Permissions Management

Overwhelming processes and lack of clear guidance left owners uncertain they were assigning the right access levels.

Inadequate Security Notifications

Notifications failed to provide timely, actionable information — leading to excessive access grants or undetected security gaps.

No Intelligent Guidance

No system helped owners understand what permissions were appropriate for a given role — decisions were made by trial and error.

Cognitive Overload

The mental load of managing access — particularly across multiple employees and accounts — caused owners to either over-delegate or avoid the task altogether.

Current-State ASM — The Before
Add a screenshot of the existing ASM interface showing the overwhelming permissions table, unclear labels, and dense layout. A before/after comparison works well here if available from your slides.

Current state of the bank's Access & Security Manager — the dense, guidance-free experience that SecureAccess was designed to replace.

Market Context

AI Is Transforming Financial Services — Permission Management Is Next

AI adoption in banking has accelerated dramatically, with institutions leveraging AI to enhance account access, security, user experience, and overall productivity. The data showed a clear case for bringing AI-driven assistance into the permission management workflow.

25%
Streamlining Operations
AI tools cut operational costs by automating tasks and optimizing processes, reducing administrative work and boosting productivity.
50%
Elevating Security
AI systems have reduced fraudulent activities by up to 50%, highlighting their effectiveness in preventing unauthorized access.
30%
Enhancing User Experience
AI chatbots and virtual assistants have increased service efficiency by 30%, leading to faster responses and higher customer satisfaction.

User Research

Five Insights That Shaped the Design Direction

Research with small business owners surfaced consistent, actionable themes. These findings directly informed every design decision — from the AI suggestion model to the transparency and control mechanisms built into SecureAccess.

1
Need for Simpler Guidance

Users wanted easier, step-by-step help when setting up permissions — with clearer explanations and suggestions tailored to their business type and employee roles.

2
Desire for Control

Users were open to AI assistance but wanted to retain final decision-making authority — especially concerning financial access levels. AI must advise, not decide.

3
AI for Error Checking & Alerts

Users were comfortable with AI helping to spot problems, suggest improvements, and send security alerts — but not for making final permission decisions autonomously.

4
Security as a Top Priority

Business owners prioritized data protection above all. AI-driven features needed to feel secure, transparent, and easy to understand — or they would be distrusted.

5
Frustration with Existing Bank Processes

Users found adding users to bank accounts confusing and time-consuming. The process lacked feedback, confirmation, and any form of guidance — indicating a clear need for simpler, more user-friendly systems. Many resorted to calling support just to complete basic access changes.

Research Synthesis — Insights Affinity Map
Add a screenshot of your research synthesis output — affinity map, insight clusters, or the slide summarizing the 5 key findings from your PNG deck. Shows the evidence that directly shaped the design decisions.

Research synthesis from SBO interviews and usability sessions — five recurring themes that defined the SecureAccess design brief.

The Solution

SecureAccess: Smart, Secure, and Simple

SecureAccess is an AI assistant embedded in the bank's Access & Security Manager that guides business owners through every step of user permission management. It combines personalized AI recommendations with full user control — making the right choice the easy choice, without removing the owner from the driver's seat.

Guided Setup
Step-by-step recommendations tailored to the business type and typical role-based access needs — eliminating uncertainty at every decision point.
Smart Suggestions
AI-driven insights based on industry patterns and business type to prevent over-permissioning — ensuring employees get only the access they need.
Security Alerts & Error Checks
Proactively flags risky permissions, unusual access patterns, and potential security gaps — surfacing concerns before they become incidents.
Clear & Timely Notifications
Real-time updates on permission changes and alerts that owners to critical issues — actionable, not just informational.
Full Control, No Surprises
AI assists with suggestions and checks, but the final decision always stays with the business owner. Every recommendation can be overridden, and every action is fully transparent — AI serves as a supportive tool, not an authoritative one.

Interface Design

Access & Security Dashboard

The dashboard provides business owners with a complete overview of user management and access control. Real-time alerts surface security concerns immediately. AI Assistant is always accessible for in-context guidance. Account activity is actionable, not just informational.

Search...
Unusual login activity detected from 2 accounts in the past 24 hours. View All Alerts →
JA
John Anderson
j.anderson@mybusiness.com · Business Owner
Edit Profile →
Quick Actions
Add New UserGuided AI setup
AuthenticationEnhance security
View ActivityMonitor actions
Dual ControlExtra protection
User Role Permission Security Last Login Status
JSJohn Smith Administrator Full Access Token ID Mar 30, 9:14 AM ● Active
SJSarah Johnson Manager Limited Access 2FA Mar 28, 3:42 PM Inactive
MCMichael Chen Analyst View Only Token ID Mar 30, 8:01 AM ● Active
EDEmily Davis Supervisor Standard Access 2FA Mar 29, 11:55 AM ● Active
Account Activity
JS
John Smith was added as an Authorized user by John Doe · 5 min ago View Request →
SJ
Sarah Johnson modified permission settings for Marketing team · 2 hrs ago View Request →
MC
Michael Chen enabled two-factor authentication · 4 hrs ago View Request →
Enhance Your Security
Set up additional authentication layers to protect your business accounts.
Set Up Now
Help & Support
FAQs
User Guides
Contact Support
SecureAccess AI
Hello! I'm your AI assistant. How can I help you manage access today?
Ask SecureAccess for help →
© 2024 SecureAccess Business. All rights reserved. Provide Feedback
SecureAccess Dashboard — High-Fidelity Mockup
Add your full-fidelity Figma dashboard screenshot here. This is the centrepiece of the design — showing the AI alert banner, user management table, quick action buttons, and the AI assistant panel. Desktop view preferred; mobile view can go alongside if available.

High-fidelity SecureAccess dashboard — real-time alerts, AI-assisted user management, and at-a-glance access control for small business owners.

User Flow

A Four-Step Guided Experience

The AI-assisted flow breaks the complex task of adding a new user into four clear, manageable steps — with AI suggestions available at every stage and full user override at any point. The goal: make the right choice obvious, not just possible.

1
AI Active
Add a User
Collect basic user details and let AI suggest the best role based on job description and business type.
  • User information form
  • AI role suggestion panel
  • Option to turn off AI suggestions
2
AI Active
Select Accounts
Choose which accounts the user will have access to, with AI-driven recommendations based on role and industry best practices.
  • AI account recommendations
  • "Why this?" transparency feature
  • Manual override available
  • Proactive security tips
3
AI Active
Set Permissions
Define role and permissions with AI highlighting potential security risks and explaining what each permission entails.
  • Predefined role templates
  • AI-suggested permissions
  • Permission risk detection
  • Scenario-based guidance
4
AI Active
Review & Confirm
Full summary view with AI security insights before confirmation — and the option to edit any step before finalizing.
  • Complete access summary
  • AI security assessment
  • Edit at any prior step
  • Confirmation email sent
Steps 1 & 2 — Add User + Select Accounts
Screenshots of the first two steps in the guided flow — the user info form with AI role suggestion panel, and the account selection screen with AI recommendations.

Steps 1–2: AI role suggestion and account selection with "Why this?" transparency.

Steps 3 & 4 — Set Permissions + Review
Screenshots of the permissions screen with AI risk detection highlights, and the final review/confirm screen showing the AI security assessment summary.

Steps 3–4: Permission risk detection and AI-assisted confirmation before finalising access.

Expected Outcomes

What SecureAccess Delivers

The design targets four measurable outcomes — each directly mapped to the research findings that revealed where business owners were most frustrated, most at risk, and most in need of support.

Enhanced Security
SecureAccess proactively identifies and flags security risks — ensuring robust protection against unauthorized access through continuous, AI-driven monitoring of permission patterns.
Streamlined Operations
Guided setup and smart suggestions simplify permission management — reducing administrative workload and the time required to onboard, modify, or offboard users.
User Empowerment
Maintains business owner control with AI-driven insights — allowing confident, informed decisions without requiring deep knowledge of security protocols or access control frameworks.
Transparency & Trust
Clear explanations for every AI recommendation foster trust and understanding — so business owners know why a suggestion is being made and can confidently accept, edit, or decline it.

Responsible Design

Ethical Considerations Built Into the Design

Deploying AI in financial decision-making introduces meaningful ethical obligations. Each concern was addressed through deliberate design choices — not treated as an afterthought, but woven into the product architecture from the start.

User Autonomy & Control
Users may feel that AI-driven suggestions undermine their autonomy, especially in financial decision-making.
Mitigation
  • Final decisions always remain with the business owner
  • AI suggestions are clearly labeled as optional and overridable
  • Scenario-based guidance helps users make informed choices
Transparency & Trust
Users distrust AI systems when they don't understand how decisions are made or when the system lacks clear explanation.
Mitigation
  • "Why this?" feature explains the logic behind every suggestion
  • Visual diagrams show the full access picture
  • Regular updates communicated through the notification system
Security & Privacy
Users may worry about the security of their financial data and the privacy of their interactions with the AI assistant.
Mitigation
  • Robust encryption and secure authentication protocols
  • Clear communication of data protection measures
  • Proactive security tips to enhance user confidence
Algorithm Aversion & Over-Reliance
Users may either distrust AI suggestions entirely or become over-reliant without applying critical judgment.
Mitigation
  • AI balanced with full manual override at every step
  • Explanations encourage critical evaluation of suggestions
  • Education resources accessible throughout the flow
Bias & Fairness
AI systems may inadvertently introduce bias — leading to unfair or inappropriate permission recommendations for certain business types.
Mitigation
  • Regular audits of AI algorithms for bias and accuracy
  • Diverse training data across business types and industries
  • User feedback loop to continuously improve fairness
Human Support Access
Some users will prefer human support for high-stakes access decisions — and AI should never replace that option.
Mitigation
  • Seamless escalation path to client services
  • Hybrid model: AI assistance + human support co-exist
  • Clear pathways for escalating complex issues
Responsible AI Design Framework
Add the slide or diagram from your PNG deck that visualises the ethical framework — the four considerations (autonomy, transparency, security, bias) as a visual model. A framework diagram or 2×2 matrix from your presentation works well here.

Ethical design framework built into SecureAccess — ensuring AI recommendations are transparent, overridable, and free from demographic bias.

Strategic Roadmap

Define → Design → Deliver

SecureAccess follows a phased rollout strategy designed to validate assumptions with real users before full deployment — ensuring the AI recommendations are trusted, accurate, and aligned with how business owners actually work.

Define
Design
Deliver
2025
Stakeholder Engagement
Engage key stakeholders to build support and ensure alignment with organizational goals, compliance requirements, and security standards.
2026
Pilot Testing
Conduct a pilot test with a select group of small business customers to evaluate SecureAccess functionality, gather initial feedback, and validate AI recommendation accuracy.
2026
Feedback Collection
Collect and analyze feedback from pilot participants to identify areas for improvement — particularly around AI transparency, suggestion relevance, and trust signals.
2027
Implementation Planning
Develop a comprehensive plan for full rollout of SecureAccess, including timelines, resource allocation, and phased deployment across business banking segments.
2027
Training & Support
Prepare training materials and support resources to facilitate user adoption and ensure effective use of SecureAccess — including in-app help, FAQs, and client service briefings.
Ongoing
Continuous Improvement
Regular algorithm audits for bias, privacy and security enhancements, and iterative improvements based on user feedback to stay ahead in the financial services landscape.

Strategic Impact

Simplifying Access, Strengthening Trust

SecureAccess demonstrates that AI-driven design can transform one of the most anxiety-inducing tasks in small business banking into a confident, guided experience — without removing human judgment from the equation.

By emphasizing user-centric design, personalized AI solutions, and robust security, the product positions the bank as a trusted partner for small business owners managing the complexity of employee access — enhancing operational efficiency, security, and user experience simultaneously.

The design also establishes a reusable pattern for AI-assisted decision-making within the bank's broader product suite: guided recommendations, transparent reasoning, full override capability, and seamless escalation to human support.

8.7M
Business Customers Served
Small and commercial business owners who manage user access across the bank's products — the primary beneficiaries of SecureAccess.
25%
Projected Operational Savings
AI-automated permission guidance reduces administrative overhead and support call volume — compounding across millions of access events.
Reduced Support Call Volume
Guided flows and in-context AI assistance reduce the need for customers to call client service to complete basic access management tasks.
Prev: Access & Security Manager Next: Novartis PSS Leap