A secure, blockchain-encrypted file transfer ecosystem for Veritx/QUDefense — spanning user portal, admin dashboard, and marketing site. Designed to handle complex permission hierarchies with zero friction.
Overview
FortisTransfer is a secure file transfer ecosystem built for Veritx/QUDefense — a defense technology company operating in high-stakes environments where data sovereignty is non-negotiable. The platform comprises three interconnected surfaces: a user-facing file transfer portal, an admin management dashboard, and a public marketing site.
I led end-to-end UX design across all three surfaces over 12 months, from initial discovery workshops with defense contractors through to final developer handoff with a 200+ component Figma design system.
The Problem
Defense contractors needed to share sensitive classified documents across organizational boundaries without relying on mainstream cloud providers like Dropbox or Google Drive — tools perceived as security risks in government-adjacent contexts.
Existing internal tooling required users to understand blockchain transaction IDs, wallet addresses, and cryptographic hashes — technical concepts that created cognitive friction and slowed file sharing to a crawl during time-sensitive operations.
Research
Working with defense clients presented a unique research challenge: users couldn't share specific details about the files they transferred or the nature of their work. I adapted standard UX research methods to focus on behavioral patterns rather than content.
4 workshops with Veritx product leads to map permission hierarchies, user roles, and compliance requirements across the three platforms.
Observed 6 current file transfer sessions to identify friction points, workarounds, and moments of confusion without asking users to reveal sensitive context.
Analysed 8 enterprise file transfer tools — from SecureShare to ShareFile — identifying patterns in how they exposed or hid technical complexity.
Ran card sorting exercises to understand how users conceptualized "secure transfer" — revealing that users think in terms of actions, not technology.
The core insight: users don't need to understand blockchain. They need to feel confident that what they sent arrived intact and only to the right person.
Design Process
Mapped the full permission hierarchy — organization admins, group managers, individual users — and designed role-based navigation that surfaced only what each user needed. No technical jargon anywhere in the IA.
Reduced every blockchain interaction to three user-facing actions: Upload, Verify, Transfer. All cryptographic operations happened invisibly behind friendly progress states with plain-English status messages.
Designed a visual org-tree permission system for the admin portal — bulk controls, real-time status indicators, and an audit log that reads like a timeline rather than a database table.
Built a 200+ component Figma library covering all three surfaces — tokens for color, spacing, and type; interactive component variants; detailed annotation pages for each flow for developer handoff.
3 rounds of moderated usability testing with 4 users each. Key finding: the "transfer receipt" confirmation flow needed to be far more prominent — users wanted proof-of-delivery before they felt the task was complete.
Outcome
The platform launched across all three surfaces within the 12-month timeline. The admin portal's bulk permission controls reduced organization management overhead significantly. The audit log — designed as a human-readable timeline — became a standout feature, praised by admins for making compliance review intuitive.
Most significantly: zero security UX regressions were reported post-launch. Users were able to complete secure file transfers without any training, which was the primary design success metric set at project kickoff.