Scam Protection: Designing clearer decisions in high-risk flows

OCBC Bank • 2022 – 2023

Digital scams were rising. Some users didn't see it coming, but many did and still got caught. Users were too comfortable with familiar banking UI, and scammers knew it. We had to break that autopilot.

iMPACT

SGD $12M

Losses prevented

1.3M

Users

47

Markets

MY ROLE

Primary designer on the fraud prevention initiative

End-to-end risk intervention design, from intervention strategy to UI execution. Led stakeholder alignment across engineering, risk and compliance, and legal teams.

Collaborated with UX researchers on discovery, and with product owners on intervention approach, particularly around compliance constraints and rollout sequencing.

TEAM

Product, engineering, legal, editorial, UX research.

CONSTRAINTS

Regulatory limits restricted how aggressively transactions could be blocked.

Over-intervention risked disrupting legitimate transactions and eroding trust.

Rapidly evolving scam patterns required adaptive, not rule-based solutions

Key Insights

1

Familiar UI patterns created false trust

Users relied on familiar flows (OTP, confirmations), assuming legitimacy.

Implication: We couldn’t rely on standard UI signals to communicate risk

2

Users completed risky actions with high confidence

Even when signals existed, users dismissed them under social pressure.

Implication: Awareness ≠ behavior change

3

Risk is recognized too late in the flow

By the time users hesitate, they are already committed.

Implication: Intervention must happen earlier and repeatedly

KEY STRATEGIES

Designing for safer decisions in real time

Shifting from informing users → guiding decisions

01.

Disrupt autopilot actions

Not all actions should be easy. We introduced cooling periods before new payees could be added and before limits could be raised: small pauses designed to interrupt autopilot right before the point of no return.

02.

Reduce reliance on user judgment

Instead of trusting users to catch suspicious activity themselves, manual intervention validates transaction intent and flags anything that looks off.

03.

Reduce blind trust

More verification barriers, including email-based authentication and two-factor reinforcement, to close the gaps that overconfidence tends to leave open.

Trade-offs & Challenges

Designing for fraud prevention required balancing speed, trust and safety.

  • Speed vs safety: Introducing friction reduced risk but slowed legitimate transactions

  • Awareness vs fatigue: Too many warnings led to dismissal and reduced effectiveness

  • Trust vs skepticism: Challenging familiar UI patterns risked confusing and annoying users

Key decision: Prioritizing targeted, contextual friction over seamless speed and blanket warnings

IMPACT

Over S$12M in customer losses were prevented

  • Contributed to preventing >$12M SGD in scam losses as part of a broader anti-fraud initiative

  • Increased user hesitation at risky moments

  • Scaled across all payment flows, expanding into cross-border transfers

Beyond metrics:

  • Established a framework for risk-based UX interventions

  • Influenced future fraud prevention design patterns across the organization

REFLECTIONS

Friction can be a feature

I'm trained to optimise for speed and ease. This project asked me to do the opposite, and that was genuinely uncomfortable. But having clarity in the design intent matters more than following convention.

Transparency earns trust

Users frustrated by added steps changed their minds immediately once the rationale was clear. The design didn't change, the explanation did. Communicating the why isn't an afterthought. It's part of the design.

It needs to work for everyone

Volunteering with older customers through OCBC's Digital Silvers Programme made this real. What feels like sensible friction for confident users can be completely overwhelming for others. You can't design protection that only works for the assumed user.

Sometimes the harder push is the product mindset

Redesigning the screens wasn't the hard part. Shifting a deeply held belief that fast and seamless is always the goal, was. Meaningful design sometimes means challenging what the team has been optimising for.