Digital identity & security UXUX & product design2015–2022

Freja eID

Designing trusted authentication for Verisec / Freja eID — turning security, regulation, and identity assurance into experiences that make people feel safe, not just kept safe.

1st

Sweden's first mobile-based electronic ID (government use case)

eIDAS

Designed for EU high-assurance identity standards

GDPR

Privacy-by-design authentication flows

01 — The business challenge

Identity people can trust, at government assurance levels

Freja eID (by Verisec) set out to deliver a mobile-based electronic identity trusted enough for government use — including experiences tied to Sweden's first mobile-based electronic identity. That means higher assurance levels: identity, authentication, and signing flows that must pass regulatory and certification review, not just a usability bar.

The hard part is that security and usability usually pull in opposite directions. Add too little friction and you erode trust and compliance; add too much and people abandon the flow. The product had to satisfy regulators, security architects, and legal teams while still feeling calm and clear to an ordinary person authenticating on their phone.

02 — Strategic design solution

Security UX: make people feel safe, not just be safe

The guiding framework was that security UX is not only about making systems safe — it's about making people feel safe. Friction, when it's understood, can be desirable: a well-placed confirmation step signals that something important is happening and builds confidence rather than doubt.

Design translated identity, authentication, regulation, and assurance concepts into flows an ordinary person could complete without a manual — clear states, legible steps, and honest signals about what was being verified and why. Each moment of friction was intentional and explained, so it read as protection instead of obstruction.

03 — Working across disciplines

Designing at the intersection of legal, security, and product

Delivering a certifiable identity product meant collaborating across backend, security, legal, and compliance teams, executives, and external authorities — grounded in a working understanding of GDPR and eIDAS. Design decisions had to hold up to certification review as much as user testing.

The experience shaped a lasting point of view on trust, later distilled in the Toptal article "Necessary Friction: The Theatrics of UX Security." It's the same instinct — protect the user's trust — carried forward into every platform since.

Quantifiable results

1st

Sweden's first mobile-based electronic ID (gov use case)

eIDAS

Flows designed for EU high-assurance identity

GDPR

Privacy-by-design authentication

Toptal

Published "Necessary Friction" on security UX

Let's talk

Have a product worth building right?