Design / Engineering

How we transformed the world of digital communication by building the most secure smartphone on the planet

Design / Engineering

How we transformed the world of digital communication by building the most secure smartphone on the planet

In the world of data security, Phil Zimmermann is a legend. The co-founder of Silent Circle created the widely used encryption software PGP and his team are regarded as some of the most experienced experts on secure digital communication worldwide.
The Brief
Silent Circle approached Novoda to partner with the release of the all new Blackphone 2 — a business phone that encrypts all communication, making it the most secure smartphone on the planet. Novoda was called to design and build one of the core experiences of the new Blackphone: the device setup wizard.
The Blackphone 2 is a mobile device that allows its owner to secure all communication. It encrypts voice codes, messages, wi-fi connections, and anything that involves location tracking. Whether you’re a journalist preserving sensitive information, a businessman who routinely handles valuable client data, or simply someone who values personal security, the Blackphone ensures that all your data is stored and transfered securely.
What we did
Novoda was presented with the task of creating a setup wizard that configures the device the first time the phone is started. It allows users to select a language, configure the network configuration, and install updates. The user can add both a Google and a Silent Circle account. If they already have credentials, they can log in, otherwise they can register immediately. The phone is encrypted from the start, but during configuration, a user may add a security PIN or password to lock the screen while in standby as an additional security measure.
The older version of the Blackphone also had a setup wizard, of course. Consensus was that it worked well, but for the Blackphone 2, the aim was to ensure that the new setup process was flawless.
First impressions count. The first challenge for any person with a new device is setting it up and, for a device entrusted with your secure data, the stakes are even higher. A bug in those first screens could crash the setup wizard, potentially even leaving the phone unable to boot. Would trust that your phone’s data was secure if the first thing it did when starting up was crash?
Research & Review
Research is crucial when creating the user-experience of great software. Initial questions we addressed were: how do you set up your phone? Which parameters does the setup require to make it usable? What are the mental models of various users during configuration? How do you create a flawless setup experience that feels professional and secure?
Expert reviews on the user experience and a thorough knowledge of AOSP, along with an evaluation of prior code, helped us to get an understanding of the tasks at hand.

Novoda are Android experts with high skills on development but also a UI- and design-oriented mind. I think this is the project with the least issues we’ve ever had.

Collaboration, Design and Development
The one aspect that most notably influenced our collaboration with Silent Circle was, of course, security. Working with leaders in this field expanded our understanding of the field. Because this company lives and breathes security, they’re focused on it in their own daily communication. Although we spent periods of time during the project together, most of the time we worked remotely. Talking on Skype or Google Hangouts was out of the question. Using Silent Circle's own systems during the course of the project made the issue and complexities of security even more real to us.
An iterative development in all phases of the project ensured transparency of our processes. Despite working in different countries (UK, Germany, and Spain) there was constant communication, with remote pairing on problems happening frequently. Daily updates and quick feedback about what we delivered helped making sure we were always on track.
Design & User Experience
The visual design came from the brilliant people at  , who designed the product's packaging as well as components of the UI. They established a visual language as a foundation that we were then able to build and elaborate on.
With visual design well taken care of, we could fully concentrate on the question of how the setup wizard was going to work.
The most elaborate UX problem was setting up the account in the simplest manner possible while preserving the feeling of a professional experience. Another design task went hand-in-hand: the setup process needed to derive from Android principles, but with its own unique UI. So we had to transform the iconography from iOS to Android, not only for the Blackphone-specific apps, but also for third-party apps. While this was certainly a challenge, it was well worth it, since we were able to create a simple yet professional and, above all, consistent UI environment for the user.
Development
The setup wizard had the ability to influence every aspect of the phone, from simple date and time to the setup of wifi networks, security checks and even update third-party apps. All the while, we also had to ensure it was future-proof. With this in mind we decided to split the app in 2 different APKs that worked together. This allowed the applications to be updated independently, thus taking care of forward-compatibility issues. All users get an update if it is decided that new screens and theming are needed on the shipped devices.
Quality Assurance
Most users only see their initial setup wizard once. But when they do—during their first setup or after a system reset—their experience is crucial. The smallest bug or inconsistency can make this launcher unusable. Being able to work closely together with Silent Circle’s experienced internal Quality Assurance department turned out to be very valuable and ensured we could invest all our capacity into the development of the software.
Theming & AOSP
Theming an Android application, meaning applying a coherent design language to a set of screens, can be extremely complex and time-consuming. Doing this for the Blackphone was even more complex than for a “normal” Android device. In this case, it involved firmware modifications, AOSP-building, and changes in 6 different Android projects. We had to optimize the AOSP code for our purposes and then customize elements. As Silent Circle’s own engineering team built the ROM, we received an image of this to flash into our devices. Then, we mounted the ROM on top of the modified AOSP code. All this to test every design we created.
Codebase
We’re used to integrating our feature teams into our clients’ organizations. Working with Silent Circle’s codebase, rather than a fresh one, was a fascinating experience and gave us insights into how engineers with a complete devotion to security worked. For integrating with services from Google while still focusing on security, we dug deep into undocumented code to be able to build a great account manager.
The Results
The Blackphone setup wizard was not a typical software project and presented us with some big challenges: working with AOSP, customizing system themes, and then re-building ROM image for any change, to name a few. Complexity grew with every small building block we added.
The cycle of development was also not typical: in debugging, we often had to fake environments and commands to work effectively, because it’s not an app—it’s a launcher that starts once and is rarely seen again. Last but not least, time was tight and the nature of the work made speed difficult: we had to compile the AOSP every time we made a small change and then wait for minutes before we could continue.
But that’s exactly where our development can, and did, shine. We love complexity because we evolve in the process, and it’s infinitely more rewarding to find solutions to the really tricky problems than just churning out code. Working with Silent Circle, we delivered on time and provided a great experience that users of the new Blackphone 2 seem to love.