Grab PIN & account recovery
Year: 2021
My Role: Product Designer
Type: Consumer mobile app
Summary
As the lead designer, I led the end-to-end redesign of Grab’s PIN ecosystem to support the expansion of GrabPay into high-stakes payment flows. By standardizing UI components and introducing an intuitive recovery method, I transformed an outdated system into a scalable, secure solution for millions of users across Southeast Asia.
11% increase in PIN reset success rates through a new recovery flow
22% reduction in "forgot PIN" support tickets, lowering operational costs
Millions of users supported by a scaled security system across the Grab ecosystem
Challenge | Scaling Security for the Fintech Expansion
As Grab evolved into a financial services leader, the legacy PIN system—originally designed only for simple logins—became a critical bottleneck. With the expansion of GrabPay, an outdated UI posed a risk to user trust. I was tasked with redesigning this core experience, aligning it with a new global design system, and ensuring that users could safely access their funds without friction.
The Solution | Modernizing the Core Security Experience
After defining the core challenges, I redesigned the PIN ecosystem to align with the new Grab branding. My focus was on creating a cohesive visual language that felt trustworthy and accessible for millions of users across the GrabPay ecosystem.
I transitioned the outdated legacy interface into a modern, system-aligned UI that improved scannability and accessibility.
Old vs New PIN set-up screen
Custom Illustrations
I designed a suite of custom illustrations for the new PIN experience based on the updated Grab design system, ensuring every interaction felt human and helpful.
Scan QR to Pay Experience
In partnership with the payment team, I designed the web-to-mobile payment flow. This demonstrates my ability to work across product teams, ensuring the security feature remains a seamless part of the payment experience.
Challenge | The High Cost of Forgotten PINs
While the new UI improved the entry experience, the data showed that the existing recovery methods—email and manual support—were ineffective for the Southeast Asian market, where email adoption is low and manual verification is costly. I needed to design a recovery method that was both secure and native to our users' existing digital habits.
The Solution | Leveraging Local Market Habits
I introduced Facebook as a new authentication method, leveraging its high adoption rates across Southeast Asia to provide a familiar and accessible security layer. Unlike email-based recovery, which often required users to leave the app, this method allows users to stay within Grab for a more seamless experience.
An Integrated, Privacy-First Setup
We streamlined the setup by making this method automatically available for users who log in via Facebook, removing the need for an extra linking step.
I focused on building trust by being upfront about data usage, communicating that we only access the minimum required info and will never post on the user's behalf.
A Self-Serve Recovery Journey
By utilising the linked social account, this flow allows users to verify their identity and reset their PIN in seconds without needing to contact customer support.
This shift to a self-serve model was the primary driver behind the 22% reduction in support tickets and the 11% increase in successful PIN resets.
Design Details
I used microcopy to explicitly state that the app wouldn't post to Facebook, building user trust for the social authentication method.
To ensure a high completion rate, I added clear time-sensitive guidance that encourages users to finish their PIN setup without leaving the session.
I designed a proactive security lock-out screen that protects the user's wallet after multiple failed attempts while explaining the reason for the account restriction.
Key Takeaways
This project was about evolving a legacy security feature into a scalable system that could support Grab’s growth into financial services. By focusing on local user habits and automating the recovery process, we were able to protect millions of users while reducing the manual workload for support teams. It highlights how aligning design with business goals can solve both user friction and operational costs.