Making AGL login easier and more secure for customers

Making AGL login easier and more secure for customers

Making AGL login easier and more secure for customers

Services

Product Strategy & Innovation
UX + UI Design
UX Research
Team Augmentation
Design Ops

Company size

3000+ employees

Overview

Australia’s oldest energy company services around 4.3 million residential and business accounts. Exo Digital was engaged to provide UX consultancy to the AGL Digital Identity team responsible for providing login and authentication functionality, and management of customer personal data, across all of AGL’s digital platforms.

Exo Digital embedded a consultant within AGL for a year to work closely with Identity team stakeholders, provide UX leadership within the space and to work across various initiatives focused on bringing new features to users.

Exo Digital provided consultancy on login and authentication experience across AGL’s digital platforms.

> 1.3M

Unique users with digital accounts*

> 4.8M

Authenticated visits per month^

>10

Digital authenticated platforms

Various

User types, security categories and edge cases to consider

*June 2024 My Account & native mobile apps = 1.291M. ^June 2024 My Account logins + native mobile app visits. 

Actual audience also includes enterprise users and is higher.

Our solutions

  • Minimising login friction

    Login needs to be easy so as to not frustrate customers or discourage engagement with digital platforms. Minimising login friction was a key UX goal for Identity feature initiatives.

  • Improving user security

    Failure to maintain security can have dire consequences for users and cause huge repetitional damage to a brand. Making login easier shouldn’t be at the expense of security.

  • Increasing feature speed to market

    AGL utilised a mixture of custom and Auth0 implementations. In order to quickly and reliably adopt new Auth0 features customisation would need to be reduced - a challenge in itself.

  • Regulatory compliance

    As a telecommunications service provider, AGL has to comply with stringent security regulations. Our work often required collaboration and negotiation with AGL’s legal team.

  • Minimising login friction

    Login needs to be easy so as to not frustrate customers or discourage engagement with digital platforms. Minimising login friction was a key UX goal for Identity feature initiatives.

  • Improving user security

    Failure to maintain security can have dire consequences for users and cause huge repetitional damage to a brand. Making login easier shouldn’t be at the expense of security.

  • Increasing feature speed to market

    AGL utilised a mixture of custom and Auth0 implementations. In order to quickly and reliably adopt new Auth0 features customisation would need to be reduced - a challenge in itself.

  • Regulatory compliance

    As a telecommunications service provider, AGL has to comply with stringent security regulations. Our work often required collaboration and negotiation with AGL’s legal team.

  • Minimising login friction

    Login needs to be easy so as to not frustrate customers or discourage engagement with digital platforms. Minimising login friction was a key UX goal for Identity feature initiatives.

  • Improving user security

    Failure to maintain security can have dire consequences for users and cause huge repetitional damage to a brand. Making login easier shouldn’t be at the expense of security.

  • Increasing feature speed to market

    AGL utilised a mixture of custom and Auth0 implementations. In order to quickly and reliably adopt new Auth0 features customisation would need to be reduced - a challenge in itself.

  • Regulatory compliance

    As a telecommunications service provider, AGL has to comply with stringent security regulations. Our work often required collaboration and negotiation with AGL’s legal team.

Security uplift initiatives

Multi-Factor Authentication

Protecting users with
an extra layer of security

Protecting users with an extra layer of security

In Multi-Factor Authentication (MFA) login security is strengthened by sending users a One Time Code (OTC) via SMS or email. A mandatory feature for higher risk users and opt-in for others.

MFA now protects certain AGL customer types every time they log in.

Adaptive Multi-Factor Authentication

Protecting users when
login seems unusual

Protecting users when login seems unusual

Adaptive Multi-Factor Authentication (AMFA) strengthens login security for users opted-out of MFA when their login seems unusual - for example from a new device or unexpected location.

AMFA protected AGL customers 2600 times in June 2024.

Credential Guard

Proactive protection
from data breaches

Proactive protection from data breaches

A proactive security feature where the Dark Web is scanned for username/password combinations included in third party data breaches. Users with compromised credentials are then alerted.

Credential Guard protected AGL customers 2700 times in June 2024.

Consumer Data Right

Design

Consumer Data Right (CDR) is a government initiative granting consumers more control over their data and enabling them to share it with third parties such as comparison websites. AGL’s CDR implementation was designed in phases by Exo Digital consultants. Starting with a white-label product we customised UX to improve usability and re-skinned UI to promote user confidence.

Regulatory compliance

Achieving CDR compliance by understanding and adhering to specified UX standards set within CDR regulations was an important factor which the Exo Digital consultant had to manage for success.

Acceptance testing

AGL’s CDR implementation was being built by a 3rd party developer. The Exo Digital consultant played an important role in acceptance testing, raising and tracking defects to ensure quality.

Future of login

Universal Login

Paving the way for
advanced login features

Protecting users with an extra layer of security

AGL’s roadmap sought to make login easier with features such as Biometric Login. Migration of core login to Auth0 ‘Universal Login’ was a prerequisite for this. We mapped user impact holistically and designed end-to-end UX improvements.

Biometrics and passkeys

Making login easier with
fingerprint and face ID

Protecting users when login seems unusual

Biometric Login and Passkeys use fingerprint and face recognition to replace traditional authentication factors such as OTC, making login easier and quicker. We conducted a UX review of each, contrasting them and providing recommendations for AGL implementation.

Profile management

Making login setup
feasy to understand

Proactive protection from data breaches

Clear communication of login options and settings makes login predictable, reduces cognitive load and promotes confidence and trust. We provided recommendations and wireframes to improve settings screens within AGL’s digital platforms.

Explore case studies

Work with us

We love to work with businesses who have problems we can help solve. Find out how we can help you achieve your business goals.

Get in touch today