Doing security checks

Unusual activity check

A message on a phone asking to confirm your password because it is a new or unfamiliar device.

Description

If there is a change in how the user accesses their account, such as a new device or geographical location, further security checks are required. This often also generates a notification through a different channel. For example, when someone logs into their email from a new device, they are sent a message notifying them of this change.

Advantages

  • Logins from different devices are recorded, so the user can review and revoke access that doesn’t look right
  • The user is notified if the account has been compromised
  • Reassures the user that the security of their account is being protected

Limitations

  • If it’s a service that the user accesses often, they might be overwhelmed if they receive a notification each time
  • The user may miss notifications if multiple accounts are compromised
  • Unusual activity can only be detected by collecting data about “usual activity”; this can include personally identifiable data such as machine IDs or IP addresses.
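
The check described above, as an added sketch that is not part of the original pattern page: it flags a login from a new device or network, asks for a further check and a notification only when something changed, and lets the user revoke a recorded device. The class and function names, the demo key, and the choice to store keyed hashes of machine IDs and coarsened IP ranges (/24 or /48) rather than raw values are assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress

SERVER_KEY = b"constructed-demo-key"  # assumption: per-service secret kept outside the data store

def fingerprint(value: str) -> str:
    """Keyed hash so raw machine IDs and IP addresses are never stored."""
    return hmac.new(SERVER_KEY, value.encode(), hashlib.sha256).hexdigest()

def network_of(ip: str) -> str:
    """Coarsen the address to a /24 (IPv4) or /48 (IPv6) as a rough location signal."""
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 48
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))

class UsualActivity:
    """Per-user record of devices and networks that have passed a further check."""
    def __init__(self):
        self.devices = {}      # fingerprint -> user-visible label, for review and revoke
        self.networks = set()  # fingerprints of coarsened networks

    def assess(self, device_id: str, ip: str) -> dict:
        """Decide whether this login needs a further check and a notification."""
        reasons = []
        if fingerprint(device_id) not in self.devices:
            reasons.append("new device")
        if fingerprint(network_of(ip)) not in self.networks:
            reasons.append("new location")
        # Notify only when something changed, so frequent logins stay quiet.
        return {"step_up": bool(reasons), "notify": bool(reasons), "reasons": reasons}

    def remember(self, device_id: str, ip: str, label: str) -> None:
        """Call only after the further check (e.g. password re-entry) succeeds."""
        self.devices[fingerprint(device_id)] = label
        self.networks.add(fingerprint(network_of(ip)))

    def revoke(self, label: str) -> None:
        """User removes a device that does not look right; it becomes unusual again."""
        self.devices = {fp: name for fp, name in self.devices.items() if name != label}

if __name__ == "__main__":
    user = UsualActivity()
    print(user.assess("laptop-123", "203.0.113.7"))   # constructed sample values
    user.remember("laptop-123", "203.0.113.7", "Work laptop")
    print(user.assess("laptop-123", "203.0.113.99"))  # same /24: nothing unusual
    print(user.assess("phone-456", "198.51.100.4"))   # new device and new location
```
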

Examples

  • Facebook requires people to answer security questions or sign in again if they're accessing services from a new location

  • Many online banking services require further authentication when transferring money to a new account