Consumer App Onboarding: Mobile-First Patterns

The first 30 seconds of a mobile app determine whether users ever return. Yet most app teams still use outdated desktop onboarding patterns—asking for location, contacts, age, and push permissions before showing any value. In the Indian app ecosystem, where users are ruthless about deleting unused apps, progressive disclosure isn't optional. It's survival.

When Swiggy redesigned their onboarding flow, they moved from a 6-step permission gauntlet to a 2-step address capture. Permission requests came later, paired with clear value (location needed to show restaurants near you). Conversion improved 23%. PhonePe's registration now completes in 12 seconds—phone number, one-tap login, done. The app teaches UPI payment setup after the first successful transaction.

Progressive Disclosure: Ask When You Need It

Progressive disclosure means requesting information only when you need it for the next feature. Don't ask for location on signup—ask when users want to search for restaurants. Don't request contacts on day 1—request when they want to send money to friends.

Structure your onboarding in layers:

• Layer 1 (Signup): Phone number + OTP only. Maximum 20 seconds to completion.
• Layer 2 (Value trigger): Address/location when they browse products or restaurants.
• Layer 3 (Feature unlock): Permissions for push, contacts, or camera when those features are first used.
• Layer 4 (Trust building): Preferences and interests after 2-3 successful transactions.

Meesho's success with non-smartphone users came from asking for almost nothing upfront. Phone number verification. Done. They show products first, ask about size preferences at checkout. This pattern works because it respects the user's time—and time is the scarcest resource in a 5-minute app session.

Social Login & Friction Reduction

WhatsApp Business, Google, and UPI-based login are table stakes for Indian apps. Users expect the fastest possible entry path. However, don't make social login mandatory—always offer phone number as a fallback because not all users want to link their accounts.

The order matters. Test this sequence for your Indian audience: WhatsApp → Google → Phone Number. WhatsApp is the highest-conversion option for most categories (habit apps, fintech, e-commerce) because it's ubiquitous and comes with a pre-verified identity. Google works for productivity and creator tools. Phone number is the safety net.

A/B test removing social options to see if friction matters. In some cohorts (especially older age groups or low-data users), WhatsApp login creates anxiety. Offer a prominent "Phone number instead" link on the social login screen. Zepto found that users in Tier-2 cities preferred phone number login; they optimized their checkout to show it first in those regions.

The Skip-First Design: Permission as Permission

Every permission request should be skippable. "Allow Location" with a "Not now" button dramatically improves completion rates because users feel in control. Make "Not now" the secondary button visually—primary button for the permission you're requesting—but always make it functional.

Smart timing: Don't show permission requests during the first app load. Wait 10 seconds after signup completes. If a user bounces before they see any value, a permission modal is just friction. Permission requests only work if the user has already decided they like your app.

For critical features (like location for delivery apps), you can use in-app education before the system permission request. Swiggy shows a mini-onboarding frame explaining why location matters—restaurants nearby, accurate delivery times—before triggering iOS/Android's native permission dialog. This context improves acceptance by 15-20%.

Key Takeaways

• Progressive disclosure beats comprehensive signup. Request data when you need it, not upfront.
• Minimum viable profile: phone number + OTP only. Everything else is optional until the user finds value.
• Prioritize WhatsApp login, then Google, then phone number as fallback for Indian apps.
• Make permissions skippable; show context before system permission dialogs.
• Measure time to first transaction or first valuable action—not signup completion time.
• Tier-2 cities and older cohorts often prefer phone number login; A/B test by region.