Leading UX for Webroot Total Protection — a cross-platform security suite serving millions of consumers — through a period of acquisitions, product consolidation, and the introduction of an AI-powered scam detection assistant.
Webroot, a flagship OpenText cybersecurity product, had grown through acquisition into a multi-product suite spanning antivirus, VPN, password management, cloud backup, and identity protection — distributed across Windows, macOS, iOS, and Android under multiple partner brands including Allstate Identity Protection.
The product had strong market trust but fragmented UX: each feature section had evolved independently, creating inconsistent interaction patterns, mismatched terminology, and a visual language that varied between platforms. Meanwhile, the threat landscape was shifting — scam calls, phishing attempts, and AI-generated fraud were outpacing consumer awareness. Leadership identified an opportunity to lead the market with a contextual, AI-powered scam detection feature built on responsible design principles.
Windows, macOS, iOS, and Android had diverged in interaction models, component structures, and terminology — raising development costs and confusing users moving between devices.
Research surfaced that elderly relatives and lower-tech users were primary scam targets — but even tech-savvy users admitted to false confidence. Existing tools offered no real-time assistance during suspicious interactions.
Generative AI could power a contextual scam detection assistant — but rushing to market risked false positives, fear-based UX, and eroded trust. A principled design strategy was needed before a single line of production code was written.
Multiple M&A cycles had left the product suite without a shared design language or component library, making it expensive to ship consistently and nearly impossible to maintain accessibility standards at scale.
Working as UX Lead across product, engineering, privacy, and go-to-market stakeholders, the mandate covered three interconnected challenges — each requiring both strategic direction and hands-on delivery.
Define component architecture, design tokens, interaction patterns, and a shared visual language that could scale across Windows, macOS, iOS, and Android — while remaining flexible enough to accommodate partner brand skins like Allstate Identity Protection.
Lead the product design strategy and UX framework for a new AI-powered scam detection assistant — from research and personas through wireframes and conversation design — anchored in responsible AI principles that avoided fear-based patterns and preserved user agency.
Guide the design team to integrate generative AI into research and design workflows — compressing delivery timelines by 10× while raising the accessibility floor and maintaining design quality standards throughout an active acquisition period.
The team conducted generative research and comparative analysis across three core personas representing the product's real customer base — from security-savvy professionals to overwhelmed parents to cost-conscious students. Research outputs included interview synthesis, behavioral analysis, and a bias/risk review to ensure the AI assistant design would not exploit user anxiety.
"I think we all have this false sense of security until something actually happens to us."
— Amanda Murphy, Working Professional persona · Webroot UX Research, 2023
A recurring theme across all three personas was the gap between perceived and actual risk — users felt protected without understanding what protection meant in practice. This shaped a core design principle for the scam detection assistant: verdicts, not lectures. The product needed to deliver immediate clarity (safe / suspicious / blocked) without requiring users to learn cybersecurity concepts first.
Research also surfaced strong resistance to fear-based interfaces. Participants across cohorts described abandoning tools that felt alarmist or that used technical jargon to upsell. This directly informed the emotional tone of the AI assistant's conversational design — calm, factual, and action-oriented — and the notification system's threshold logic.
One of the most concrete AI deliverables was SupportBot: a conversational support agent embedded directly in the Webroot + Carbonite account portal, surfaced on the Downloads and Features page where users are most likely to have setup questions or need product guidance. Rather than routing users through a support ticket queue or a static FAQ, the assistant offered immediate, context-aware help — product onboarding, account changes, and troubleshooting — in natural language.
Designing the assistant required resolving a recurring tension in AI product design: how to make the interface feel capable and trustworthy without overclaiming. The disclosure — "AI-generated responses might vary" — was surfaced prominently at the top of the chat panel, directly below the assistant's name and role label. Suggested prompts reduced the blank-slate anxiety of an empty text field, anchoring users to real tasks before they'd typed a word.
SupportBot surfaced on the Downloads and Features page — the highest-friction moment in the account experience — rather than buried in a support section users only find after they're already frustrated.
The "AI-generated responses might vary" notice appeared immediately below the panel header — not hidden in a footer or terms page. Transparency about AI limitations was a design requirement, not a legal afterthought.
Three pre-written task starters addressed the blank-slate problem — users could tap to begin rather than formulate a question from scratch. Each prompt mapped to a real high-frequency support scenario.
The assistant was explicitly scoped to Webroot and Carbonite products and account tasks — a deliberate constraint that kept responses reliable and avoided the hallucination surface area that comes with open-ended AI assistants.
The Windows application served as the primary design reference and the first platform to receive the unified pattern library. Key design decisions included a navigation architecture that surfaced all eight protection modules from a single home screen, a status system with three distinct states (protected, attention, warning), and a notification queue that consolidated multiple alerts without overwhelming users.
The status system became the backbone of the entire experience. Three semantic states — green (protected), amber (attention needed), red (blocked/critical) — mapped consistently across every feature module and the home screen dashboard. This let users develop an intuitive mental model: color alone conveyed urgency, with words and actions providing specifics.
The notification queue addressed a longstanding complaint surfaced in research: multiple simultaneous alerts fragmented attention. The new system collapsed all pending messages into a single expandable card with a message count, allowing users to review at their own pace rather than being interrupted by sequential popups.
Protected (green), Attention (amber), and Critical (red) applied consistently across all eight modules and the home screen — building a reliable user mental model through repetition.
Batched multiple alerts into a single expandable card with message count — eliminating sequential popup interruptions while keeping all actions accessible and dismissible.
The design token system allowed the same component library to render under Webroot's green brand or Allstate Identity Protection's navy and blue palette — without forking the codebase or the design files.
WCAG 2.1 AA requirements were mandated for every component in the pattern library — keyboard navigation, screen reader labels, and color contrast ratios built in from the start rather than retrofitted.
The scam detection assistant represented Webroot's most significant product innovation in years — and its highest-risk UX surface. Unlike passive protection (antivirus, VPN), this feature required active user participation: choosing what to submit, interpreting AI verdicts, and deciding whether to act on recommendations.
Leading the product design strategy meant resolving a fundamental tension: the assistant needed to be helpful enough to feel like a trusted expert, but restrained enough to avoid false confidence, fear exploitation, or over-dependence. The design strategy document — developed collaboratively across UX, engineering, privacy, and sales stakeholders — defined four non-negotiable principles before wireframes began.
Research consistently showed that asking users to decide whether something needed checking was itself a barrier. The assistant defaulted to a SmartScan approach — users should not need to know whether something was suspicious before submitting it. A URL, screenshot, or message could be pasted or uploaded, and the assistant handled classification.
Conversation flows led with the verdict (safe / suspicious / blocked), followed by the reasoning, followed by the recommended action. This inverted the typical AI assistant pattern of building to a conclusion — security decisions require immediate clarity, not narrative arc. The flows were designed to avoid Lovable.dev-style UI patterns that bury the result in excessive prose.
Every alert, warning, and verdict went through a bias/risk review before production. Language that implied catastrophe, exaggerated risk, or pushed toward upsell was flagged and revised. The assistant's voice was designed to read like a knowledgeable friend, not a threat dashboard. This was codified in a responsible AI copy guide distributed to the content and engineering teams.
The AI assistant design worked through privacy review before any technical architecture was finalized — ensuring that submitted content (URLs, screenshots, messages) was handled with appropriate data minimization, clear consent flows, and transparent retention policies. Privacy was a design constraint, not an afterthought.
Alongside the product work, the team was challenged to dramatically accelerate research synthesis, design iteration, and handoff documentation. As the design lead responsible for guiding the team's AI adoption, the approach balanced speed with quality gates: generative AI handled volume tasks (persona synthesis, variant generation, copy first drafts) while human judgment governed final decisions, especially on accessibility and ethical review.
The result was that a research-to-prototype cycle that previously took 6–8 weeks was completed in under a week — without reducing interview quality or design rigor. Accessibility requirements were maintained through a mandatory review checklist applied to every shipped component, regardless of how quickly it was generated.
+38.5% new product revenue and +23% year-over-year high-value feature adoption following the standardization of interface patterns that made complex security workflows intuitive and accessible across platforms.
5× improvement in trial-to-paid conversion achieved by applying behavioral analytics and systematically removing friction from account creation and checkout flows — replacing ad-hoc pattern fixes with a principled conversion framework.
10× faster design and research delivery after guiding the team to integrate generative AI into core workflows — while maintaining WCAG 2.1 AA compliance and a mandatory bias/risk review for all AI-adjacent product surfaces.
End-to-end design system ownership through a period of major M&A activity — defining component architecture, design direction, and pattern standards that survived multiple brand pivots and continued to ship across all four platforms without forking.
Responsible AI framework established as a template for all future AI-powered features — including formal bias/risk review, ethical copywriting standards, and a privacy-first design protocol that predated legal requirements and positioned the product for regulatory compliance.