Breach Of Customer Security: Failed Login, Multiple Tries, Now What!?

That dreaded moment when you see that someone has failed consistently to log in to a customer account. Now due to safety precautions, penalties must be given to whoever is trying to bust in. It could be the real person or could be a hacker. The protocol is to shut the account down for several minutes basically. This is the standard response to multiple failed tries to log into an account. Now it could just be they forget their password or mistyped. However the verification information will be ceased from entering for a period of time. So what can you do now, or better yet what should be doing? The key is not to panic, and just see what they do next. As a business your top priority is to not have your reputation smashed in public, so you’ve got to question yourself, are you doing enough? There are other methods you can implement that will add layers to the security and safety of your customers.

Image credit U.S. Army illustration

 

Email vital personal

Okay, it’s one of the two, it’s either email or password errors that are being done when an account is continually failing to login. What you should have has as part of your registration method is backup failsafe questions. For example, ask the account holder personal questions, such as their mother’s maiden name, their favorite food or place, how many times they’ve moved house etc. These kinds of questions only have specific answers that no one else could possibly know apart from the customer. Therefore rather than just ask them via the failed login page, you can also send them an email asking these questions. Be wary however as their email may have been hacked also, but the walls of questions are still relevant. Once they have answered the questions correctly, you can then send them a link which will allow them to reset their information.

Image credit Justlen Van Zele

There’s only one you

One of the newest methods of security and login validation is facial recognition. No, it’s not quite James Bond anymore, because almost every smartphone has the ability to procure software that does exactly this. One of these is jumio.com/trusted-identity/netverify that uses biometric data analysis to scan facial features and thus confirm that you are the real person. They call it liveness detection that will thwart fraud by ensuring a selfie of the living person matches that which they took upon first verifying their account with your business. Don’t worry about loopholes around this as holding up a picture of the person will not be successful. This is great for security purposes, but it’s also great for speeding up the purchasing process. Rather than having to type out passwords and emails customers can just hold up their phone to their face and confirm who they are.

If these precautions fail, they can always ring your business, and the situation can be resolved on the phone. But seeing as you have a huge amount of customers that are in the same boat as each other, asking them personal questions might be their saving grace in the event of a hacking. Newer technology is making harder for criminals to gain access to customer accounts so you should consider utilizing facial recognition software which cannot be imitated any other way.

Leave a Comment