2026
Mangopay is a fintech infrastructure that enables platforms and marketplaces to securely manage payments, wallets, and compliance, without building complex financial systems from scratch.
Problem
Mangopay was not compliant with EBA requirements for Strong Customer Authentication (SCA), which cover high-risk actions including initiating electronic payment transactions, accessing payment accounts online, and carrying out actions through remote channels. Without an SCA flow in place, the platform carried both regulatory risk with the CSSF and direct fraud exposure.
Smooth and compliant authentication
Platform
Desktop, Mobile
Team
1 PM, 1 EM, 2 BE, 2 FE, Legal & Compliance
Role
Lead Designer

My Role
I led the end-to-end design of Mangopay's SCA experience, from defining the authentication framework to shipping the final flows. I partnered with Risk, Compliance, and Engineering throughout, running workshops to surface engineering constraints, map unexpected flow scenarios, and remove unnecessary friction. I also worked directly with the PM to interpret CSSF communications and translate regulatory requirements into design decisions.
Understanding the challenge
SCA design sits at an unusual intersection: every decision has to satisfy three competing pressures simultaneously — regulatory compliance, fraud reduction, and user friction. Getting any one of those wrong has real consequences. Over-challenging legitimate users creates abandoned transactions and support burden. Under-challenging creates regulatory and fraud risk. The goal was to find the combination of authentication factors that minimised friction for legitimate users while meeting the letter of the regulation.
Together with the PM, I worked through EBA guidelines and CSSF communications to define the right factor combinations. We deliberately avoided passcodes and step-heavy flows given the risk of over-challenging users, and prioritised SMS OTP, behavioural biometrics, WebAuthn device binding, and email-based fallback — a framework that balanced cognitive load against compliance requirements.
Impact
Authentication became faster, retries dropped on the most error-prone steps, and legitimate users were challenged less often. Improvements to fallback and recovery flows correlated with fewer lockouts and reduced support tickets — the design reduced regulatory and fraud risk without adding friction or operational burden.

Design process
The design process was structured around a core question: where is friction coming from, and is it necessary? I ran workshops with Risk, Compliance, and Engineering to identify the scenarios where the flow would behave unexpectedly — edge cases, fallback triggers, device-switching — and designed for those explicitly rather than treating them as exceptions.
A new design system
One of the significant early decisions was the visual framework. Because SCA surfaces inside a merchant's product as a white-label experience, the design system had to feel as unobtrusive as possible, minimising visual disruption while still conveying trust and reliability. That meant building a system that was deliberately neutral, flexible enough to sit inside any product without creating a jarring context switch for the end user.
The white-label design system built for SCA extended well beyond its original scope, becoming the foundation for other hosted experiences across Mangopay's platform, including recipient creation flows. Reusing the system significantly reduced the time to design and build each subsequent experience, compounding the value of the original investment, and established a foundation that continues to inform how new hosted surfaces are being approached.

How metrics drove design decisions
We instrumented the flow end-to-end from the start — measuring time to authenticate, step-level retries and errors, false-positive challenge rates, and SCA-related support tickets. These weren't vanity metrics; they were direct inputs into design decisions.
When authentication times were long or retry rates were high on specific steps, I simplified step ordering, clarified copy, and adjusted the default factor sequence. When false-positive challenge rates were elevated, I worked with Risk and Engineering to introduce behavioural biometrics and device binding earlier in the flow — reducing unnecessary OTP prompts for users whose devices and behaviour already indicated low risk.
This feedback loop between instrumentation and design iteration is what made the outcomes meaningful rather than coincidental.
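The factor-sequencing decision described above, written as an added illustration rather than Mangopay's own code: the policy picks the lowest-friction pair of factors that still satisfies SCA's rule of two distinct categories (knowledge, possession, inherence), so a low-risk behavioural signal plus a bound WebAuthn device avoids an OTP prompt entirely, while a same-category combination such as SMS OTP plus email OTP is rejected. The category mapping, friction weights and the WebAuthn user-verification factor are assumptions made for the example.

```python
from dataclasses import dataclass
from itertools import combinations
from typing import List, Optional


@dataclass(frozen=True)
class Factor:
    name: str
    category: str  # "knowledge" | "possession" | "inherence"
    friction: int  # assumed relative user effort; lower is better


# Assumed category mapping and friction weights for the factors the page names
# (illustrative only). WebAuthn user verification is an added assumption: the
# authenticator's biometric/PIN gate supplies a category distinct from possession.
SMS_OTP = Factor("sms_otp", "possession", 3)
EMAIL_OTP = Factor("email_otp_fallback", "possession", 4)
BEHAVIOURAL = Factor("behavioural_biometrics", "inherence", 0)  # passive, no prompt
WEBAUTHN = Factor("webauthn_device_binding", "possession", 1)
WEBAUTHN_UV = Factor("webauthn_user_verification", "inherence", 2)


def is_valid_sca(factors) -> bool:
    """SCA requires at least two factors drawn from two different categories."""
    return len(factors) >= 2 and len({f.category for f in factors}) >= 2


def available_factors(device_bound: bool, behaviour_low_risk: bool,
                      sms_deliverable: bool) -> List[Factor]:
    """Map constructed risk signals to the factors that can be used right now."""
    out = []
    if behaviour_low_risk:
        out.append(BEHAVIOURAL)
    if device_bound:
        out += [WEBAUTHN, WEBAUTHN_UV]
    if sms_deliverable:
        out.append(SMS_OTP)
    out.append(EMAIL_OTP)  # fallback is always reachable
    return out


def select_sequence(device_bound: bool, behaviour_low_risk: bool,
                    sms_deliverable: bool = True) -> Optional[List[str]]:
    """Return the lowest-friction valid pair, passive factors first, or None when
    the available factors cannot satisfy SCA (route to enrolment or recovery)."""
    best = None
    for pair in combinations(available_factors(device_bound, behaviour_low_risk,
                                               sms_deliverable), 2):
        if not is_valid_sca(pair):
            continue  # e.g. SMS OTP + email OTP: both possession, so rejected
        cost = sum(f.friction for f in pair)
        if best is None or cost < best[0]:
            best = (cost, sorted(pair, key=lambda f: f.friction))
    return [f.name for f in best[1]] if best else None
```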

⏵ Prototype
Below are two prototypes showing the low-friction enrolment experience across desktop and mobile: email verification and passkey registration as part of the SCA onboarding, designed to minimise cognitive load while meeting EBA compliance requirements.
❖ Play on Protopie
Instructions to play: enter an email address, open a new tab, open the email, select the Portugal country code and add a phone number, then enter code 007-123 to move forward successfully, or any other code to see the error message. Continue using the passkey to finish the authentication.
The interactive prototype is an earlier exploration used in workshops with developers and senior stakeholders to validate factor selection and identify where friction could be reduced. It represents the process behind the final flow, not the shipped experience.