Freja eID
Designing trusted authentication for Verisec / Freja eID — turning security, regulation, and identity assurance into experiences that make people feel safe, not just kept safe.
1st
Sweden's first mobile-based electronic ID (government use case)
eIDAS
Designed for EU high-assurance identity standards
GDPR
Privacy-by-design authentication flows
01 — The business challenge
Identity people can trust, at government assurance levels
Freja eID (by Verisec) set out to deliver a mobile-based electronic identity trusted enough for government use — including experiences tied to Sweden's first mobile-based electronic identity. That means higher assurance levels: identity, authentication, and signing flows that must pass regulatory and certification review, not just a usability bar.
The hard part is that security and usability usually pull in opposite directions. Add too little friction and you erode trust and compliance; add too much and people abandon the flow. The product had to satisfy regulators, security architects, and legal teams while still feeling calm and clear to an ordinary person authenticating on their phone.
02 — Strategic design solution
Security UX: make people feel safe, not just be safe
The guiding framework was that security UX is not only about making systems safe — it's about making people feel safe. Friction, when it's understood, can be desirable: a well-placed confirmation step signals that something important is happening and builds confidence rather than doubt.
Design translated identity, authentication, regulation, and assurance concepts into flows an ordinary person could complete without a manual — clear states, legible steps, and honest signals about what was being verified and why. Each moment of friction was intentional and explained, so it read as protection instead of obstruction.
03 — Working across disciplines
Designing at the intersection of legal, security, and product
Delivering a certifiable identity product meant collaborating across backend, security, legal, and compliance teams, executives, and external authorities — grounded in a working understanding of GDPR and eIDAS. Design decisions had to hold up to certification review as much as user testing.
The experience shaped a lasting point of view on trust, later distilled in the Toptal article "Necessary Friction: The Theatrics of UX Security." It's the same instinct — protect the user's trust — carried forward into every platform since.
Quantifiable results
1st
Sweden's first mobile-based electronic ID (gov use case)
eIDAS
Flows designed for EU high-assurance identity
GDPR
Privacy-by-design authentication
Toptal
Published "Necessary Friction" on security UX