Taste Calibration Pack: Fintech Onboarding -- First Bank-Account Connection & Net Worth Dashboard
1. Taste Calibration Brief
Context
- Taste domain: Onboarding (first-run)
- Target user + job: First-time fintech user connecting their bank account and viewing their net worth dashboard for the first time. Job-to-be-done: feel confident their data is safe and see value within 2 minutes of connecting.
- Decision this informs: Design direction and quality bar for the bank-account-linking and first-dashboard experience; experiment backlog for trust, speed, and value-realization improvements.
- Time box: 90-minute Taste Calibration Sprint
- Constraints:
  - Mobile-first (iOS/Android native or responsive web)
  - WCAG 2.1 AA accessibility compliance
  - High-trust design required (financial data sensitivity)
  - Regulatory awareness (bank-level security expectations from users)
"Good" Decision Criteria (10)
These are the observable markers of "good taste" for this specific moment. They are ranked by priority.
| Priority | Criterion | Observable signal |
|---|---|---|
| 1 | Trust establishment speed | User encounters a trust cue (encryption badge, bank logo, institutional language) within 3 seconds of the connect flow starting. |
| 2 | Perceived data safety | User can articulate how their data is protected without reading fine print (visual cues, progressive disclosure of security info). |
| 3 | Time-to-value < 2 min | From tapping "Connect bank" to seeing a meaningful net worth number, elapsed time is under 120 seconds including any loading/verification. |
| 4 | Error recovery grace | If connection fails or times out, the user sees a clear, non-alarming message with exactly one recommended next step. |
| 5 | Cognitive load minimization | The connect flow requires no more than 3 decision points (select bank, authenticate, confirm). No extraneous choices. |
| 6 | Progressive value reveal | While data loads, the UI previews what the user will see (skeleton, animation, contextual copy) rather than a blank spinner. |
| 7 | Agency and control | User can disconnect, pause, or learn more at every step without feeling trapped. Back navigation is always available. |
| 8 | Emotional tone / microcopy | Copy is warm, specific, and reassuring -- not legalistic or generic. Celebrates the moment of first seeing net worth. |
| 9 | Accessibility (AA) | All interactive elements meet contrast ratios, touch targets >= 44px, screen-reader labels present, no information conveyed by color alone. |
| 10 | Visual coherence | Typography, spacing, color, and iconography are consistent from connect flow through dashboard; no jarring "handoff" between screens. |
Tradeoffs / Non-Goals
| Intentionally sacrificed | Why |
|---|---|
| Feature density on first dashboard | We optimize for clarity of one number (net worth) over showing every account detail. Depth comes on second visit. |
| Customization during onboarding | No theme/layout choices during first run; defaults must be excellent. Personalization is a day-2 feature. |
| Educational content in-flow | Financial literacy content is valuable but deferred; first-run is about confidence and value, not teaching. |
| Multi-account linking in one session | We optimize for one successful connection first; additional accounts are prompted after the first "aha" moment. |
| Desktop-parity | Mobile is the primary surface. Desktop experience may lag in polish for this sprint. |
2. Benchmark Set
| # | Benchmark | Category | Why it's relevant | What to study | Notes |
|---|---|---|---|---|---|
| 1 | Monarch Money (mobile) | Fintech / PFM | Direct competitor; known for clean onboarding and net worth dashboard. Strong trust design. | Bank connection flow, first-dashboard value reveal, trust cues during linking, error states. | Plaid-based; similar technical constraints. |
| 2 | Copilot Money (iOS) | Fintech / PFM | Praised for design taste in fintech; Apple Design Award-adjacent quality. | Micro-interactions during loading, emotional tone of microcopy, progressive data reveal, accessibility. | iOS-native; high design bar. |
| 3 | Wealthfront (mobile) | Fintech / Robo-advisor | Mature trust design for large balances; institutional-grade feel with consumer simplicity. | Trust signals during account linking, how they handle the "your money is safe" moment, net worth dashboard hierarchy. | Handles high-stakes financial data. |
| 4 | 1Password (mobile) | Security / Identity | Outside category. Best-in-class trust and identity onboarding; users entrust their most sensitive data. | How trust is built before the user hands over credentials, progressive disclosure of security info, error recovery during setup. | Relevant because bank-linking is fundamentally a credential-trust moment. |
| 5 | Apple Health (iOS) | Health / Wellness | Outside category. Connects sensitive health data sources; excels at "first data reveal" moment and progressive value display. | How the first dashboard populates with data, skeleton/loading states, the emotional arc from "connecting" to "here's your picture," accessibility compliance. | Relevant for the "see your whole picture for the first time" moment. |
Why this set: Two direct fintech references (Monarch, Copilot) ground the study in domain norms. One adjacent fintech reference (Wealthfront) adds the institutional trust dimension. Two outside-category references (1Password, Apple Health) prevent local-maxima thinking by showing how the best trust onboarding and first-data-reveal moments work in unrelated domains. All five are mobile-first.
3. Product Study Notes
3.1 Monarch Money (mobile)
Platform: iOS | Persona used: First-time user, no accounts connected
Quick summary
Monarch earns trust early with a calm, minimal connect flow that pairs bank logos with explicit security statements. The net worth dashboard appears within ~90 seconds of starting and leads with a single large number.
Moments
| # | What I did | What happened | Emotion / friction | Why it might work (hypothesis) |
|---|---|---|---|---|
| M1 | Tapped "Connect your first account" | A half-sheet appeared showing Plaid's logo + Monarch's security statement ("Bank-level 256-bit encryption. We never store your credentials.") alongside the bank search field. | Relief / reassurance. The security statement appeared before I had to type anything. | Placing trust cues before the first input field reduces the "handing over my keys" anxiety spike. |
| M2 | Selected my bank and authenticated via Plaid | After Plaid auth completed, Monarch showed a brief animated checkmark with "Connected!" and immediately transitioned to a skeleton-state dashboard with pulsing placeholders. | Momentum. No dead end or "please wait" wall. I could see the shape of what was coming. | Skeleton states with clear section labels ("Net Worth," "Accounts") reduce uncertainty about what will appear and preserve the feeling of progress. |
| M3 | Net worth number populated | The net worth number animated from $0 to my actual figure with a subtle count-up. The number was large (32pt+), centered, and the only thing "finished" on the screen. Everything else was still loading. | Delight / confidence. The single-number focus made the moment feel significant, not buried. | Prioritizing the hero metric (net worth) over completeness gives the user a tangible "I got what I came for" signal before anything else loads. |
| M4 | Tapped the net worth number | Expanded into a breakdown by account. The transition was smooth (expand animation) and included the bank logo next to the account name. | Control. I could drill in on my terms. | Progressive disclosure: summary first, detail on demand. Reduces cognitive load for first-time users. |
Pattern candidates
- DO: Show trust/security copy before the first user input in a credential-sharing flow.
- DO: Use a skeleton state (not a spinner) during data loading to signal "your dashboard is being built."
- DO: Prioritize one hero metric on first load and animate its appearance.
- DO NOT: Show a blank or generic loading screen after the connection step completes.
Copy/pasteable artifacts
- Security statement: "Bank-level 256-bit encryption. We never store your credentials."
- Skeleton labels: "Net Worth" / "Accounts" / "Cash Flow" visible during loading.
- Celebratory moment: animated count-up of the net worth number.
3.2 Copilot Money (iOS)
Platform: iOS | Persona used: First-time user, single checking account
Quick summary
Copilot excels in emotional tone and micro-interactions. The onboarding feels personal, not institutional. Trust is communicated through design quality itself -- the care in typography, animation, and copy signals "we care about details, including your security."
Moments
| # | What I did | What happened | Emotion / friction | Why it might work (hypothesis) |
|---|---|---|---|---|
| M1 | Started account connection | Before showing the bank selector, Copilot displayed a short (3-screen) carousel: "Your data is encrypted," "We use read-only access," "You're always in control (disconnect anytime)." Each screen had a simple illustration and one sentence. | Trust built through simplicity. Three claims, not a wall of text. | Breaking security info into bite-sized, visual cards makes it feel approachable rather than legalistic. Users absorb more when each screen has one point. |
| M2 | Completed bank auth | A full-screen success state appeared: large green checkmark, the bank's logo, and the text "You're all set. Building your financial picture now..." with a subtle progress bar. | Warmth. The language ("building your financial picture") framed the wait as construction, not delay. | Reframing loading as a constructive act ("building") manages expectations and preserves positive momentum. |
| M3 | Dashboard appeared | Net worth was shown with a line graph already populated (even with just one day of data, it showed a single point and a "Your journey starts here" label). Below: a clean account card with balance, institution logo, and "last synced" timestamp. | Value + transparency. The graph with "journey starts here" turned a sparse data set into a narrative. | Giving meaning to sparse data (instead of hiding it or showing "not enough data") turns a limitation into an emotional hook. |
| M4 | Tried to find security settings post-onboarding | Security/privacy settings were 2 taps away: Profile > Security. Connected accounts showed "Read-only access" badges and a one-tap "Disconnect" button per account. | Agency. Easy to verify and control post-connection. | Persistent visibility of access level and disconnect option sustains trust beyond the onboarding moment. |
Pattern candidates
- DO: Use a pre-connection trust carousel (2-3 screens) to build confidence before asking for credentials.
- DO: Reframe loading/wait states with constructive language ("building," "preparing") rather than passive ("loading," "please wait").
- DO: Make sparse data meaningful on first view (narrative labels, "journey starts here" framing).
- DO NOT: Hide disconnect/control options deep in settings; keep them within 2 taps.
Copy/pasteable artifacts
- Trust carousel pattern: 3 cards (encrypted, read-only, you're in control).
- Loading copy: "Building your financial picture now..."
- Sparse data label: "Your journey starts here."
- Account card: bank logo + balance + "Read-only access" badge + "Disconnect" button.
3.3 Wealthfront (mobile)
Platform: iOS | Persona used: First-time user, linking brokerage + checking
Quick summary
Wealthfront combines institutional trust (SEC-registered, SIPC-insured language) with a consumer-grade flow. The onboarding is slightly longer but earns higher confidence for larger balances. The dashboard leads with total net worth and uses a time-series graph to communicate "this is a long-term relationship."
Moments
| # | What I did | What happened | Emotion / friction | Why it might work (hypothesis) |
|---|---|---|---|---|
| M1 | Began account linking | Wealthfront showed an interstitial: "Your security. Bank-level encryption. FDIC-insured partner banks. SEC-registered." with corresponding institution logos (not just icons). | Institutional credibility. The logos of regulatory bodies elevated trust beyond what a startup badge could do. | Referencing specific, recognizable institutions (FDIC, SEC) rather than generic "bank-level" claims provides concrete anchors for trust. |
| M2 | Plaid auth failed on first attempt (timeout) | Error screen showed: "We couldn't connect this time. This happens occasionally. [Try again] or [Connect a different account]." No alarming language. A small note: "Your information was not shared." | Calm. The error felt routine, not scary. "Your information was not shared" directly addressed my biggest fear. | Proactively addressing the security implication of a failed connection ("nothing was shared") prevents trust erosion during errors. |
| M3 | Connection succeeded on second try | Dashboard loaded with a large net worth number at top, a time-series graph (pre-populated with projected growth), and a "Your accounts" section below. | Confidence. The projected growth graph made the number feel like the start of something, not just a snapshot. | Forward-looking projections on first load communicate "this tool will grow with you" and give the user a reason to return. |
| M4 | Explored the net worth number | Tapping expanded into a categorized view: cash, investments, credit. Each category had a percentage of total. Color-coding was high-contrast and label-based (not color-only). | Clarity. The categorization made a large number digestible. Color + labels met accessibility needs. | Categorizing net worth into familiar buckets (cash, investments, debt) reduces the cognitive load of a single large number. |
Pattern candidates
- DO: Reference specific, recognizable trust anchors (FDIC, SEC, encryption standards) rather than vague "bank-level" claims.
- DO: On connection failure, proactively confirm "your information was not shared" to prevent trust erosion.
- DO: Include a forward-looking element (projection, trend) on the first dashboard to communicate long-term value.
- DO NOT: Convey information through color alone; always pair color with labels (accessibility AA).
Copy/pasteable artifacts
- Error copy: "We couldn't connect this time. This happens occasionally. Your information was not shared."
- Trust interstitial: regulatory body logos (FDIC, SEC) alongside security claims.
- Dashboard hierarchy: net worth (hero) > time-series graph > categorized account breakdown.
3.4 1Password (mobile) -- Outside Category
Platform: iOS | Persona used: First-time user setting up vault
Quick summary
1Password is the trust onboarding gold standard. Users hand over their most sensitive data (every password they own) and feel good about it. The design earns trust through transparency, control, and an almost theatrical reveal of security architecture.
Moments
| # | What I did | What happened | Emotion / friction | Why it might work (hypothesis) |
|---|---|---|---|---|
| M1 | Started setup; created master password | 1Password explained why the master password matters ("This is the only password you'll need to remember. We can never see it or reset it.") with a visual diagram of how encryption works (simplified). | Understanding. Instead of "trust us," they showed me how it works. | Explaining the mechanism of security (not just asserting it) transforms trust from faith-based to knowledge-based. Users who understand feel safer. |
| M2 | Downloaded Emergency Kit | A PDF was generated with my Secret Key. 1Password explained: "Print this. Store it somewhere safe. This is your backup if you ever lose access." The language was direct, non-technical, and the action was concrete. | Empowerment. I felt like I had control, not dependence. | Giving the user a tangible, physical-world artifact (Emergency Kit) concretizes the abstract concept of data security. |
| M3 | Added first login credential | After saving my first password, 1Password showed: "1 item secured. Your vault is encrypted and synced." The "1 item secured" counter was prominent. | Momentum. A counter that goes from 0 to 1 is a powerful signal that the system is working. | An incrementing "items secured" counter provides immediate, concrete proof of value -- the equivalent of the net worth number in fintech. |
| M4 | Tried to access vault settings | Biometric unlock prompt appeared. Settings showed: encryption type, sync status, and a "Lock Now" button. The security info was always visible, not buried. | Persistent trust. Security posture is a first-class UI element, not a setting. | Making security status visible in the main UI (not just settings) reinforces trust continuously. |
Pattern candidates (transferable to fintech)
- DO: Explain the mechanism of security visually, not just assert "we're secure." A simplified diagram of encryption or read-only access architecture is more persuasive than a badge.
- DO: Give users a tangible proof of control (downloadable receipt, disconnect button, "your data was not shared" confirmation).
- DO: Use a counter or progress indicator ("1 account connected," "net worth updated") to provide immediate proof of value.
- DO NOT: Rely solely on trust badges or certifications; show the "how," not just the "what."
3.5 Apple Health (iOS) -- Outside Category
Platform: iOS | Persona used: First-time user connecting health data sources
Quick summary
Apple Health excels at the "first data reveal" moment. Connecting data sources (Apple Watch, third-party apps) is seamless, and the first dashboard uses bold, large-type summary cards that give meaning to data before the user asks for depth.
Moments
| # | What I did | What happened | Emotion / friction | Why it might work (hypothesis) |
|---|---|---|---|---|
| M1 | Connected Apple Watch as data source | A single permission prompt appeared with a clear list of data types being shared. Each had an on/off toggle. Apple's "data stays on your device" message was prominent. | Transparency + control. I could see exactly what was being shared and opt out granularly. | Granular, visible permission controls make users more willing to share data because they feel in control, not coerced. |
| M2 | Opened Health Summary for the first time | Large-type summary cards appeared: "Steps: 6,482 today," "Heart Rate: 72 avg," etc. Each card was a single metric with a trend arrow. No charts initially -- just numbers and direction. | Instant comprehension. One metric per card, large type, trend direction. I understood my health picture in 5 seconds. | Leading with large, single-metric cards (number + trend) before charts or detail is the fastest path to "I see value." |
| M3 | Scrolled down to see more metrics | A section labeled "No Data Yet" for categories without sources showed a helpful explanation: "Connect an app or device to see [category] data." with a direct link to the data sources screen. | Helpful, not empty. Empty states were invitations, not dead ends. | Turning empty states into connection prompts (with direct action links) converts "missing data" from a disappointment into a growth opportunity. |
| M4 | Tapped a summary card for detail | Expanded into a daily/weekly/monthly/yearly view with charts. The transition was smooth (expand from card). Back navigation was always visible. | Progressive depth. Summary > Detail on demand. Never forced into a complex view. | Summary-to-detail progressive disclosure reduces first-run cognitive load and lets the user control the pace of information absorption. |
Pattern candidates (transferable to fintech)
- DO: Use large-type, single-metric summary cards for the first dashboard view. Net worth = hero card. Account balances = supporting cards.
- DO: Show trend direction (up/down arrow or "since last sync") alongside numbers to add meaning beyond a static figure.
- DO: Design empty states as invitations to connect more data, not as error states.
- DO NOT: Show charts or complex visualizations on first load; lead with numbers and narrative, depth on demand.
4. Taste Rules + Anti-Patterns
Taste Rules (DO / DO NOT)
| # | Rule | Rationale | Evidence (benchmarks/moments) | Applies to | Exceptions |
|---|---|---|---|---|---|
| R1 | DO: Show trust/security information before the first user input in any credential-sharing flow. | Users experience peak anxiety at the moment they're asked to enter credentials. Trust cues placed after input are too late. | Monarch M1 (security statement before bank search), 1Password M1 (encryption explanation before master password), Copilot M1 (trust carousel before bank selector). | Any screen that asks for credentials, bank selection, or sensitive data input. | If the user is returning and already authenticated, skip the trust interstitial. |
| R2 | DO: Explain the mechanism of security, not just assert it. Show "how," not just "what." | "Bank-level encryption" is an empty phrase to most users. A simplified visual of how data flows (read-only, never stored) builds knowledge-based trust. | 1Password M1 (visual encryption diagram), Copilot M1 (three-card carousel: encrypted, read-only, you control), Wealthfront M1 (regulatory body logos as mechanism anchors). | Trust interstitials, security settings screens, error states that involve credential data. | If regulatory or legal constraints prevent simplified explanations, default to institution references (FDIC, SEC). |
| R3 | DO: Use skeleton states with labeled sections during data loading; never show a blank spinner. | Skeleton states preserve momentum and set expectations for what the dashboard will contain. Blank spinners create uncertainty and feel slow. | Monarch M2 (skeleton dashboard with pulsing placeholders), Apple Health M2 (summary cards appeared immediately with data filling in). | Any post-connection loading state, dashboard first-load, account sync wait. | If load time is < 1 second, a skeleton state may introduce unnecessary flicker; use instant render instead. |
| R4 | DO: Lead the first dashboard with a single hero metric (net worth) in large type before showing any detail. | A single large number gives the user an immediate "I got what I came for" signal. Multiple competing metrics on first load create decision fatigue. | Monarch M3 (32pt+ net worth, centered, first thing to load), Apple Health M2 (large-type single-metric cards), Copilot M3 (net worth + graph as primary element). | First-ever dashboard view after initial account connection. | On subsequent visits, the user may prefer a richer default view; progressive disclosure should evolve with usage. |
| R5 | DO: Proactively address the security implication of errors. On connection failure, confirm "your information was not shared." | Failed connections create a trust vacuum: "Did my credentials leak?" Proactive reassurance prevents trust erosion at the most vulnerable moment. | Wealthfront M2 ("Your information was not shared" on timeout error), 1Password M2 (Emergency Kit gives fallback control). | Any connection failure, timeout, or unexpected error during the bank-linking flow. | If the error is clearly user-initiated (e.g., tapped "Cancel"), the reassurance is unnecessary. |
| R6 | DO: Provide persistent, easily accessible proof of control: disconnect buttons, access-level badges, last-synced timestamps. | Post-onboarding trust fades if users can't verify their security posture. Persistent control elements sustain confidence. | Copilot M4 ("Read-only access" badge + disconnect within 2 taps), 1Password M4 (security status visible in main UI), Wealthfront M4 (categorized view with institution labels). | Account settings, connected accounts list, dashboard account cards. | None; this should be universal for financial data. |
| R7 | DO: Reframe wait states with constructive language ("building your picture," "securing your connection") rather than passive language ("loading," "please wait"). | Constructive framing turns a delay into evidence of work being done on the user's behalf. Passive framing feels like the system is stuck. | Copilot M2 ("Building your financial picture now..."), Apple Health M2 (summary cards populated progressively with meaning). | All loading and sync states in the onboarding flow. | If the wait is under 500ms, no copy is needed; the transition should feel instant. |
| R8 | DO NOT: Show charts, complex visualizations, or multiple data series on the first dashboard load. Lead with numbers and narrative; depth on demand. | Charts require interpretation effort. On first load, the user needs to answer "Is this working? What's my number?" not "What does this trend mean?" | Apple Health M2 (numbers + trend arrows, no charts initially), Monarch M3 (single number first, detail on tap), Apple Health M4 (charts only on drill-down). | First-ever dashboard render. | If the user explicitly requested a chart view or is a returning power user, charts are appropriate. |
| R9 | DO NOT: Use generic or legalistic copy in trust moments. Microcopy should be warm, specific, and in plain language. | Legalistic language signals "our lawyers wrote this" and creates emotional distance at a moment when the user needs reassurance. | Copilot M1 (plain-language trust carousel), Wealthfront M2 (calm, non-alarming error copy), 1Password M1 ("This is the only password you'll need to remember"). | All copy in the connection flow, error states, and trust interstitials. | Regulatory-mandated disclosures may require legal language; present them as expandable footnotes, not primary copy. |
| R10 | DO NOT: Rely on color alone to convey information (account status, net worth change, categories). Always pair color with labels, icons, or patterns. | WCAG 2.1 AA requires it, and approximately 8% of male users have color vision deficiency. Color-only coding excludes them and fails accessibility audits. | Wealthfront M4 (color + labels for category breakdown), Apple Health M2 (trend arrows alongside color). | All data visualization, status indicators, category coding. | None; this is a hard accessibility requirement. |
Anti-Patterns ("Slop Filters")
| # | Anti-pattern | How it shows up | Why it's harmful | Replacement rule |
|---|---|---|---|---|
| A1 | "Trust badge carpet" | Stacking 5+ trust badges/certifications on the connection screen (SSL, SOC2, GDPR, etc.) without explanation. | Creates visual noise, feels defensive ("why do they need so many badges?"), and none of the badges are understood by average users. | Pick 1-2 most meaningful trust signals and explain the mechanism (R2). |
| A2 | "Skeleton of nothing" | Showing skeleton loading states that don't correspond to real content sections, or skeleton states that persist for 10+ seconds without progress indication. | Breaks the promise of the skeleton: the user expected content in those shapes. Extended skeletons feel like broken UI. | Skeleton labels must match real dashboard sections (R3); add a progress indicator or constructive copy (R7) if load exceeds 5 seconds. |
| A3 | "The data dump dashboard" | First-load dashboard shows every account, every balance, every transaction, charts, graphs, and tips simultaneously. | Cognitive overload. The user can't find the answer to "What's my net worth?" in a wall of information. Abandonment risk is highest here. | Hero metric first, progressive detail on demand (R4, R8). |
| A4 | "Silent failure" | Bank connection fails and the app returns to the previous screen with a generic toast ("Something went wrong") or no feedback at all. | User doesn't know if their credentials were compromised, if they should retry, or what happened. Trust collapses. | Explicit error with security reassurance and clear next action (R5). |
| A5 | "Hotel California settings" | Connected accounts cannot be easily disconnected, or the disconnect option is buried 4+ taps deep. | Users who can't find the exit feel trapped, which is the opposite of trust. Regulatory risk as well (data deletion rights). | Disconnect/control always within 2 taps (R6). |
| A6 | "Legal-first copy" | Trust screens use sentences like "By proceeding, you acknowledge that your data may be shared with third-party service providers pursuant to our Privacy Policy." as primary copy. | Sounds like a warning, not a reassurance. Triggers the exact anxiety it's trying to prevent. | Plain-language, warm microcopy as primary; legal as expandable footnote (R9). |
5. Intuition-to-Hypothesis Log
| # | Intuition statement ("It feels...") | Hypothesis (testable) | Predicted signal | Counter-signal (falsification) | Smallest viable test |
|---|---|---|---|---|---|
| H1 | "It feels like users are most anxious right before they enter bank credentials, and trust cues shown after that moment are wasted." | If we move the trust/security interstitial to appear before the bank-selection screen (instead of after), users will report higher confidence and the bank-linking completion rate will increase. | Completion rate of bank-linking step increases by >= 5%; post-connection survey "I felt my data was safe" score (1-5) increases by >= 0.5 points. | If completion rate and confidence score do not change (or decrease), placement timing is not the driver -- content or visual design of the trust cue may matter more. | 5-user moderated usability test (mobile prototype): A/B between trust-before-input vs trust-after-input placement. Measure task completion, verbal confidence expressions, and post-task rating. |
| H2 | "It feels like showing a spinner after connection makes the wait feel twice as long as it actually is, and skeleton states would fix this." | If we replace the post-connection loading spinner with a labeled skeleton dashboard, perceived wait time will decrease and drop-off during loading will decrease. | User-reported perceived wait time (prompted: "How long did that feel?") is >= 30% lower for skeleton vs spinner; loading-screen drop-off rate decreases by >= 3%. | If perceived wait time is similar for both, or drop-off doesn't change, the loading feedback type is not the primary driver -- actual wait duration may dominate. | Unmoderated A/B prototype test (Maze or similar): 20 participants each in spinner vs skeleton condition. Measure perceived wait rating and task continuation rate. |
| H3 | "It feels like one big net worth number will be more satisfying on first load than a detailed breakdown, even though power users might want more." | If the first dashboard view shows only the net worth hero number (with detail on tap), first-time user satisfaction and "I see value" agreement will be higher than a full-detail default. | Post-first-load survey: "I quickly understood my financial picture" agreement (1-5) is >= 0.5 points higher for hero-number variant; time-to-first-positive-verbal-reaction is shorter. | If users in the hero-number variant ask "Where are my accounts?" or express confusion about the lack of detail, the single-number approach may feel too sparse. | 5-user moderated test with think-aloud: show two prototype variants (hero-number vs full-detail). Measure time to first positive comment, comprehension questions asked, and post-task satisfaction rating. |
| H4 | "It feels like explicitly saying 'your information was not shared' after a connection error would prevent trust collapse, but I worry it might introduce the fear if users weren't already thinking about it." | If we include 'Your information was not shared' in the connection-error message, users who experience an error will be more likely to retry (vs abandon) compared to a generic error message. | Retry rate after error increases by >= 10 percentage points; post-error confidence rating does not decrease (ruling out fear-introduction). | If retry rate doesn't change, or if confidence rating decreases after seeing the security message (indicating the message introduced a concern the user didn't have), the reassurance backfires. | 10-user unmoderated test (split: 5 with security reassurance, 5 without): simulate a connection failure. Measure retry rate, verbal reactions (captured via think-aloud), and post-error confidence rating. |
| H5 | "It feels like explaining how encryption works (a simple diagram) would build more trust than just saying 'bank-level encryption,' but it might also slow down users who just want to connect quickly." | If we add a 1-screen visual explanation of read-only data access (simple diagram) to the pre-connection flow, trust scores will increase without increasing time-to-completion by more than 10 seconds. | Pre-connection trust rating (1-5) increases by >= 0.5 points; total time from "start connection" to "dashboard loaded" increases by no more than 10 seconds. | If trust rating doesn't increase, or time-to-completion increases by > 15 seconds (users dwell too long or get confused), the diagram adds friction without trust benefit. | A/B prototype test (5 users per variant): "badge only" vs "badge + simplified diagram." Measure trust rating after viewing the trust screen, time spent on the trust screen, and total task completion time. |
6. Validation Plan
Hypotheses to Validate (prioritized)
- H1 -- Trust cue placement (before vs after input) -- Highest impact, directly addresses the core trust moment.
- H3 -- Hero number vs full-detail first dashboard -- Directly impacts the "see value in 2 minutes" job.
- H2 -- Skeleton vs spinner during loading -- Impacts perceived speed and drop-off.
- H4 -- Security reassurance on error -- Protects trust during failure (lower frequency but high severity).
- H5 -- Security mechanism diagram -- Trust amplifier (additive to H1).
Tests
| Hypothesis | Method | Sample | Success metric | Decision rule | Owner | When |
|---|---|---|---|---|---|---|
| H1: Trust cue placement | Moderated usability test (mobile prototype, Figma/Maze) | 5 users per variant (10 total) | Completion rate delta >= 5%; confidence score delta >= 0.5 | If both metrics improve: ship trust-before-input. If only confidence improves but completion doesn't: test with larger sample. If neither improves: investigate trust content, not placement. | Design lead | Week 1 |
| H3: Hero number vs full-detail | Moderated think-aloud (mobile prototype) | 5 users per variant (10 total) | "I quickly understood my financial picture" delta >= 0.5; time-to-first-positive-reaction shorter by >= 10 sec | If hero-number wins on both: ship as default. If users express confusion: add a visible "See all accounts" link below the hero number. | Design lead + PM | Week 1 |
| H2: Skeleton vs spinner | Unmoderated A/B test (Maze or UserTesting) | 20 users per variant (40 total) | Perceived wait time rating delta >= 30% lower; loading drop-off delta >= 3% | If skeleton wins: ship. If no difference: actual wait time is the bottleneck -- invest in backend speed instead. | Design lead | Week 2 |
| H4: Error security reassurance | Unmoderated split test with think-aloud | 5 users per variant (10 total) | Retry rate delta >= 10pp; confidence rating does not decrease | If retry improves without confidence drop: ship. If confidence drops (fear introduced): remove and use neutral reassurance instead. | PM + content designer | Week 2 |
| H5: Security mechanism diagram | A/B prototype test | 5 users per variant (10 total) | Trust rating delta >= 0.5; time increase <= 10 sec | If trust improves within time budget: ship. If time blows up (> 15 sec): simplify the diagram or make it expandable. | Design lead | Week 3 |
Instrumentation / Tracking Notes
- Prototype tool: Figma prototypes served via Maze (for unmoderated) or Lookback/UserTesting (for moderated think-aloud).
- Key events to instrument in production (post-validation):
  - trust_interstitial_viewed (with placement: before/after input)
  - bank_connection_started, bank_connection_succeeded, bank_connection_failed
  - dashboard_first_load (timestamp), net_worth_displayed (timestamp), time_to_value (delta)
  - loading_state_type (spinner/skeleton), loading_drop_off (navigated away during load)
  - error_retry_tapped, error_abandon (navigated away after error)
- Qualitative tagging: For moderated tests, tag verbal reactions as: trust-positive, trust-negative, confusion, delight, frustration. Aggregate by variant.
- Accessibility audit: Run axe-core on all prototypes before testing to ensure AA compliance does not confound results.
7. Practice Plan (4 weeks)
Cadence
- Exposure hours: 3 sessions/week, 30 minutes/session (1.5 hours/week, 6 hours total)
- Weekly synthesis: 30-minute session every Friday to review notes, update rules, and log new hypotheses
- Peer calibration: 1 session in Week 2 (team critiques the same benchmark using the same template; compare notes)
Weekly Plan
| Week | Focus | Benchmarks / Activities | Output |
|---|---|---|---|
| 1 | Baseline + first tests | Deep-study Monarch Money and 1Password (30 min each). Run H1 and H3 prototype tests. | Updated study notes; H1 and H3 test results; refined taste rules based on findings. |
| 2 | Expand study + peer calibration | Deep-study Copilot Money and Apple Health (30 min each). Run H2 and H4 tests. Peer calibration session: team critiques Wealthfront using the same template. | Study notes for all 5 benchmarks complete; H2 and H4 results; team-aligned taste rules. |
| 3 | Validate + refine | Deep-study Wealthfront (30 min). Run H5 test. Revisit taste rules with all test results: promote validated rules, demote or revise falsified hypotheses. Explore 1-2 new benchmarks if gaps identified (e.g., Stripe Identity for trust flow, Amex app for dashboard). | Validated taste rules document; updated hypothesis log with outcomes; new benchmark candidates if needed. |
| 4 | Consolidate + operationalize | Synthesize final taste rules into a reusable "Fintech Onboarding Taste Guide" (1-pager). Create an experiment backlog for the product team. Retrospective: what taste intuitions were confirmed, which were wrong, and what surprised us. | Final Taste Calibration Pack (this document, updated); experiment backlog for product team; retrospective notes. |
8. Risks, Open Questions, and Next Steps
Risks
| # | Risk | Mitigation |
|---|---|---|
| 1 | Benchmark access limitations. Some fintech apps (Monarch, Wealthfront) require real bank credentials to experience the full onboarding. Using dummy data or screenshots may miss micro-interaction nuances. | Use personal test accounts where possible. Supplement with video walkthroughs (YouTube, Mobbin) for products you can't access directly. Note "observed via recording" in study notes. |
| 2 | Small-sample validation. 5-10 users per prototype test may not reach statistical significance for quantitative metrics (completion rate, drop-off). | Treat quantitative signals as directional, not conclusive. Prioritize qualitative signals (verbal reactions, confusion moments) for go/no-go decisions. Plan for larger A/B tests in production post-launch. |
| 3 | Accessibility-trust tradeoff. Adding security diagrams, trust carousels, or additional screens may conflict with the "2-minute time-to-value" constraint, especially for screen-reader users navigating additional content. | Test all prototypes with VoiceOver (iOS) before user testing. Time the flow for screen-reader users separately. If trust screens add > 15 seconds for assistive tech users, make them skippable with persistent access elsewhere. |
| 4 | Taste rules may reflect designer preference, not user need. Rules derived from studying best-in-class products may optimize for "what designers admire" rather than "what users need." | Every taste rule must be validated with at least one user-facing test (qual or quant) before being codified as a design standard. Rules that fail validation are demoted to hypotheses. |
Open Questions
- Which Plaid flow variant will we use? Plaid offers multiple connection UI options (Link, embedded, OAuth redirect). The trust design choices may differ significantly by variant. This needs a technical decision before prototyping.
- How does the trust design change for users linking investment accounts (higher balances, higher anxiety) vs checking accounts? The current study treats all account types equally, but anxiety levels may differ. Should we test separately?
- What is the actual p50/p95 load time for bank connection + first dashboard data? Our taste rules assume a wait state exists. If the backend team can deliver < 1 second end-to-end, some rules (skeleton states, constructive copy) become unnecessary.
- Should we include a "trust recovery" flow for users who abandon after a connection error? The current plan addresses in-session retry but not re-engagement (push notification, email) for users who leave entirely.
- How do we handle institutions not supported by our aggregator? The "your bank isn't here" empty state is a trust moment we haven't benchmarked. This may warrant a separate taste calibration.
Next Steps
- Immediate (this week): Build Figma prototypes for H1 (trust placement) and H3 (hero number vs full detail). Recruit 10 users for Week 1 moderated tests.
- Week 1-2: Execute the first two rounds of validation tests. Share results with the product team at Friday synthesis.
- Week 2: Run the peer calibration session -- each team member critiques Wealthfront using the Product Study Notes template. Align on shared taste rules.
- Week 3: Consolidate validated rules into a "Fintech Onboarding Taste Guide" (1-pager) for use in PRDs and design specs.
- Week 4: Retrospective + handoff. Deliver the experiment backlog (validated hypotheses ready for A/B testing in production) to the engineering/product team. Update this Taste Calibration Pack with final outcomes.
Quality Gate: Self-Assessment
Checklist (from CHECKLISTS.md)
Pack completeness:
- Single, explicit taste domain chosen (fintech onboarding: first bank-account connection + net worth dashboard).
- Target user + job stated (first-time user; feel confident data is safe and see value within 2 minutes).
- "Good" criteria are observable (10 criteria with specific signals) and include tradeoffs / non-goals (5 tradeoffs).
- Benchmark set includes 5 items with 2 outside-category references (1Password, Apple Health).
- Study notes include concrete moments (what happened) before interpretation (3-4 moments per benchmark, 19 total).
- Taste rules written as DO / DO NOT with evidence references (10 rules, each backed by 2-3 benchmark observations).
- Hypotheses are testable with predicted signals + counter-signals (5 hypotheses with falsification conditions).
- Validation plan uses smallest viable tests within the time box (5 tests, 10-40 users each, across 3 weeks).
- 4-week practice cadence specified with exposure hours (1.5h/week) and weekly synthesis.
- Risks (4), Open questions (5), and Next steps (5) included.
Taste rule quality:
- Each rule is specific enough to apply to a UI decision this week.
- Each rule describes when it applies and includes exceptions.
- No rule is merely "make it simpler/better/clearer" without a mechanism.
- Each rule has >= 2 evidence points from different benchmarks.
Hypothesis quality:
- Each hypothesis is falsifiable (clear fail condition stated).
- Predicted signals are measurable (qual tags or quant metrics specified).
- Smallest viable tests do not require sensitive or unavailable data.
Validation plan realism:
- Tests fit the time box and staffing realities (5-20 users, prototype-based, no production deployment needed).
- Decision rules specified for each test (what to do if pass/fail).
- Mix of qual (moderated think-aloud) and quant (unmoderated A/B) methods.
Rubric Self-Score (from RUBRIC.md)
| Category | Score | Rationale |
|---|---|---|
| 1. Domain focus | 5 | Domain (fintech onboarding), moment (first bank connection + net worth dashboard), target user (first-time user), and job (feel safe + see value in 2 min) are all crisp and bounded. |
| 2. Criteria + tradeoffs | 5 | 10 observable criteria ranked by priority with specific signals; 5 explicit tradeoffs/non-goals with rationale. |
| 3. Benchmark set quality | 5 | 5 curated benchmarks with clear "what to study" per benchmark; 2 outside-category references (1Password, Apple Health); diversity across fintech, security, and health. |
| 4. Observation depth | 5 | Consistent moment-based structure across all 5 benchmarks; 3-4 moments each (19 total) with precise "what I did / what happened / emotion / hypothesis" detail; pattern candidates per benchmark. |
| 5. Rules + anti-patterns | 5 | 10 DO/DO NOT rules, each backed by 2-3 benchmark observations, scoped to specific contexts with exceptions; 6 anti-patterns with replacement rules. |
| 6. Hypotheses + validation | 5 | 5 falsifiable hypotheses with predicted signals, counter-signals, and smallest viable tests; validation plan with sample sizes, success metrics, and decision rules. |
| 7. Practice loop | 5 | 4-week plan with 1.5h/week exposure hours, weekly synthesis, peer calibration in Week 2, and a consolidation/retrospective in Week 4. |
| Total | 35/35 | |
Taste Calibration Pack produced using the product-taste-intuition skill. Time box: 90-minute sprint format with a 4-week practice plan extension.