Airbnb is a community marketplace of travelers and hosts. Travelers discover and book unique homes from other members called "hosts". Hosts offer their homes at all price points in more than 191 countries around the world. This sharing economy phenomenon is changing how people around the world travel and it is disrupting the accommodations industry.
At Airbnb, I am a Product Designer on the Trust team focusing on mitigating risks on the product at scale. I am the design lead for Account Integrity and Financial Fraud. For this project, I worked with a Product Manager, Researcher, Content Strategist, Engineers, and users.
Airbnb, like all well-known websites, is targeted by hackers all around the world. Airbnb has very strong security and continues to evolve as hackers change their tactics, but a small percentage of accounts do get compromised. The main goal of hackers is typically financial. Once an account is hacked, they make a variety of changes to it, leaving it damaged and unrecognizable to the account owner.
In order to scale to a hyper-growth business, we set out to build a product that will empower the user to recover their account and undo any unauthorized changes.
Recent security breaches
Breaching user accounts on any website has become much easier recently. Username and password dumps from the many security breaches are sold on the dark web. Yahoo’s breach was the largest in history. A whopping 1 billion Yahoo accounts were compromised in 2013. Hackers also breached 360 million MySpace accounts, 165 million LinkedIn accounts, 68 million Dropbox accounts, 65 million Tumblr accounts and many more.
Users recycle passwords all the time and often use the same password on all websites. Hackers are able to breach accounts on Airbnb by using the username and password dumps purchased on the dark web.
This was one of my first projects at Airbnb, and my main challenge was getting into the mindset of our hackers. I needed to understand what their intentions and behaviors were. What were they doing with compromised accounts, and why? Of course, it wasn’t possible to conduct user interviews with our hackers. Instead, I relied heavily on our talented Data Science team. Together, we looked for patterns to understand what our hackers were doing on these compromised accounts.
The next challenge was to understand how the entire Airbnb platform works. This was difficult because the platform is really large and the feature set kept growing and growing. For instance, last year we launched new hosting tools, the resolution center, the experience platform and much more. I had to do an audit of the platform to identify where our data and security vulnerabilities were.
In a two-sided marketplace, there is a level of complexity. Our guests and hosts have two different sets of features that support their different needs. While most users are either guests or hosts, some users are both guests and hosts. This adds a level of complexity.
To start the project, I gathered all my information from various sources. I looked to other products for inspiration and found Google’s security checkup and Facebook’s secure your account flows. I interviewed Airbnb customer service agents who are responsible for taking care of compromised accounts. My data scientist helped pull logs of data and we identified the top actions hackers perform on breached accounts.
Using all the information I gathered with my team, we prioritized the most sensitive data. When we audited the platform and looked at the data, I identified that the most affected data are phone number, email address, payment and listings.
One simple interaction
Having empathy for users who have had their account compromised is important for this project. This experience can be scary, stressful and leave users feeling violated. It is magnified for hosts who rely on Airbnb as a source of income.
Hackers can do extreme damage to an account. They typically change everything to lock out the account owner and to accomplish their goal. Their goal is usually financially driven, and they may also try to make the account and listing more attractive. This includes changing the profile picture to a beautiful woman and making the listing look like a beautiful multi-million-dollar penthouse for an unbelievable rate of $150 a night.
This flow would be multiple steps so each step can be highly focused on a set of information. I wanted the interaction to be the same for each step to keep it simple and quick. In the first iteration, we started with a remove action.
Listings are what hosts create for each home they list on Airbnb. These listings have a ton of information like titles, photos, descriptions, house rules and more. In many cases, hackers would change everything on a listing making it hard to recognize.
We didn’t want to recreate the edit listing toolset and allow users to edit their listings. Instead, we wanted one simple interaction to remove unauthorized changes to the listing. In the first iteration, I designed an activity log with one interaction: remove any activity. During user testing, we quickly realized how intense this is for hosts. Hackers usually make extensive changes to a listing, completely removing all the old data and inputting their own fake data. This is multiplied for property managers and entrepreneurs with multiple properties.
We decided to restore the listings for the users, which supports hosts with just one listing and property managers with many. I came up with this solution by partnering with Data Science, Operations and Engineers. We know that activity from hackers comes from different devices than the good user’s. So I added a review devices step in the workflow so the user can identify the devices they don’t recognize. The activity associated with those devices will be automatically reverted and the user will only need to review the listing in its restored state.
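An added sketch of the device-based restore described above (not Airbnb's code; the `Change` record, the field names and the sample log are assumptions constructed for illustration). It replays only changes from recognized devices on top of each field's pre-change value, so an owner edit made after an attacker's edit to the same field survives.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Change:
    ts: int          # event time (constructed epoch seconds)
    device_id: str   # device the change was made from
    target: str      # hypothetical field key, e.g. "listing:42/title"
    old: str         # value before the change
    new: str         # value after the change

def restore(changes, flagged_devices):
    """Rebuild each field by replaying only changes made from devices the
    owner recognizes. Returns (restored_state, reverted_changes)."""
    state, reverted = {}, []
    for c in sorted(changes, key=lambda c: c.ts):
        # The first time a field appears, its pre-change value is the baseline.
        state.setdefault(c.target, c.old)
        if c.device_id in flagged_devices:
            reverted.append(c)        # skipped; kept for the review screen
        else:
            state[c.target] = c.new   # change from a recognized device stands
    return state, reverted

# Constructed sample log: "dev-owner" is the host's laptop, "dev-x" is the
# device the owner marks as unrecognized in the review-devices step.
LOG = [
    Change(100, "dev-owner", "listing:42/title", "Cozy loft", "Cozy loft near park"),
    Change(200, "dev-x", "account/email", "host@example.com", "x@example.net"),
    Change(210, "dev-x", "listing:42/title", "Cozy loft near park", "Luxury penthouse"),
    Change(220, "dev-x", "listing:42/price", "95", "150"),
    Change(300, "dev-owner", "listing:42/price", "150", "99"),
]

if __name__ == "__main__":
    state, reverted = restore(LOG, flagged_devices={"dev-x"})
    for target, value in sorted(state.items()):
        print(f"{target}: {value}")
    print(f"{len(reverted)} changes reverted for review")
```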
One of our goals with this project is to reduce the amount of customer service resources spent on reviewing and restoring compromised accounts. In any company that scales, it is important to build products that allow users to accomplish their tasks independently.
Users with compromised accounts are in an emotional state that is extremely concerning and stressful. In our user testing, we found users wanting to contact customer service because they were panicking. The feedback given wasn’t just that the flow needed to be simpler and easier, but that we need to do a better job of reassuring the user.
We focused on making the tone more assuring and compassionate. We also made sure it was directional and clear what needed to happen. It wasn’t necessary for us to explain everything that happened, but only to communicate what was necessary for the user to understand what has happened and what they need to do to fix their account.
After two rounds of large iterations and user testing, we landed on a version we were happy to experiment with. At Airbnb, experiments are a strategic way to test our products and learn from them before releasing them to the masses. The user tests we did do not use real situations or real accounts, so we are interested to learn from the experiment. Our next steps are to take the learnings to iterate and add additional features and support for other parts of the platform.