Amazon Prime
EU-MFA: Designing for Trust in a Regulated World
My role: Senior UX Designer, Prime
The Challenge:
When the European Union rolled out the PSD2.0 mandate requiring banks to confirm a customer’s identity before completing certain transactions, Amazon found itself in a new design puzzle. On the surface, it sounded simple: make multifactor authentication (MFA) both legally compliant and customer-friendly.
In reality, it was like rewiring a plane mid-flight: decades of entrenched business logic, more than 20 Amazon teams in play, and a requirement to create patterns that would work not just for Prime, but for every subscription product Amazon offered. And the potential business impact? We projected a loss of 25% of Prime’s EU business if we got this wrong. Our goal wasn’t just to check the legal box. We had to create something customers would trust, understand, and ideally, not resent.
No pressure.
April 2018 – The First Steps
The regulations were still drying on the page, and every week brought new interpretations of what was “allowed.” Five days after I was assigned to lead Prime’s UX efforts, a curveball arrived: run early tests in France in just 10 days.
We didn’t have final requirements. We didn’t have polished designs. We had paper prototypes, a lot of caffeine, and a willingness to improvise.
We tested two trial options that weren’t really free trials:
Money Back Guarantee: pay upfront, cancel within 30 days for a full refund.
Charge and Refund: pay now, get refunded within 5 business days.
Customers picked the “lesser of two evils” (CAR) but still disliked both. Many thought they were getting a free trial and felt misled. Others figured out they could game the system by signing up, canceling, and repeating endlessly.
In short: the first cake was a little burnt.
Screenshots of the mocks-turned-paper-prototype
The Real Beginning
The breakthrough came when we realized we could run an authorization hold instead of charging outright. This was instantly friendlier for customers and far easier to explain as pre-autos were common.
From there, the work became methodical: mapping the biggest Prime use cases, sketching wireframes, refining into high-fidelity designs, and testing again and again.
One of many user flows created
Wireframes of an proposed ideal scenario based on the information at the time
September 2018 – Expanding the Research
Next stop: the UK, Spain, Germany, and Italy. We ran scenarios for both Prime members and non-members.
Patterns emerged quickly: incentives made people suspicious, inline MFA in checkout caused confusion, and minimal compliance might have satisfied the law, but it wouldn’t win hearts.
Mocks used for one of the UK non-member prototype.
October 2018 – The Big Map
By now we had identified 75+ unique Prime use cases for MFA. Some were straightforward; others felt like solving a Rubik’s Cube in the dark.
We appointed “use case leaders” to guard consistency across Audible, Amazon Music, Twitch, and beyond. Weekly stand-ups, shared docs, and even a dedicated Chime room became our connective tissue keeping dozens of designers and PMs moving toward a single, unified set of patterns.
My role grew beyond Prime into leading MFA patterns for subscriptions company-wide. This was the first time Amazon had pulled so many businesses into a single design framework. I even completed designs for teams that did not have the resources to meet the dates, such as Amazon Fresh.
Screenshots of quip docs for tracking collaboration and patterns across 20+ teams at Amazon.
March–April 2019 – Testing, Refining, Aligning
We circled back for another round of usability studies in all five countries. Then, working with the Amazon Shopping design team, we embedded our MFA patterns into the Amazon User Interface (AUI) guidelines, putting them in the hands of every team going forward.
By April we had something solid: a clear, documented set of patterns, a visual language for trust, and research to back every decision.
Record of patterns based on use case
Final designs based showing generic ingresses and confirmation screens utilizing the final patterns for EUMFA subscriptions.
The Outcome
By September 19, 2019, Prime’s MFA flows were live, beating most banks to the finish line. When enforcement was delayed, we used the breathing room to fine-tune. Our patterns went global as MFA experiences rolled out across other countries, appearing in markets from the UAE to Egypt, with more on the horizon.
%
Prime MFA Success rate at launch
basis points drop in free trial abandonment
%
increase in trust based on feedback
Why It Mattered
Regulatory work isn’t glamorous, it’s more like plumbing: invisible when it works, glaring when it doesn’t. But this project proved something important. With empathy, tight collaboration, and a steady hand under pressure, you can turn a compliance burden into a trust signal.
For me it was a masterclass in orchestrating large-scale design across a sprawling organization, with just enough chaos to keep it interesting. It also introduced me to my love of digital payments and clinched my Principal Designer promotion moving me from the pool of over a thousand Senior UX Designers into the very selective pool of under 50 Principals company-wide.