Summary
To combat cybersecurity risks and bot attacks, the member registration functionality now includes the following security features to prevent unauthorised registrations to your loyalty program.
- maximum verification attempts
- time lockouts
Prerequisites
To utilise the security features described in this article you will need:
- Polygon Central with a deployment date of 30 April 2024 or later.
Configuration
The configuration settings that govern these functions are located:
- Polygon Central | Configuration | Loyalty | Member Registration Details
Note: these settings are not generally exposed to Admin users, please speak to your Redcat contact about these features.
Maximum Verification Attempts
A configurable value to set the maximum limit for members to be able to attempt or request verification.
The default value for this setting is three (3) attempts.
Interval Time Delay
You can configure the time delay (in seconds) between verification attempts.
Time Lockout
When the maximum number of allowed verification attempts is reached, verification for that member will enter a timed lockout period.
The default value for this setting is twenty four (24) hours.
Time lockouts will be within a rolling window. For example, if you made 3 attempts - at 2.00 pm, 4.00 pm, and 6.00 pm. - twenty four hours after the initial 2.00 pm attempt one further verification attempt is allowed before being locked out until twenty fours after the 4.00 pm attempt (two more hours).
Considerations
- This only applies to 're-verification' attempts, so the initial verification request does not add to the count.
- A new request for a verification code will invalidate the previous request.
- These security features are available for both OLO2 and OLO3 platforms.
Article Change Log
| Date | Record of Changes | Author |
|
August 2024 |
First publication of this article. |
S Black |