On Sat, 07 Oct 2017 01:30:27 +0200, Philip Paeps said: > On 2017-10-06 15:18:45 (-0700), Brandon Long via mailop wrote: > >It can also aid in using say geohop stats. Ie, one easy way to try to > >detect hijacking is to geoloc the accessing IP, and see how close it > >was to the last access, or keep track of where the user is accessing > >from. This has obvious issues if your users travel. If a user with a > >phone that supports it goes somewhere else, chances are they'll access > >from the phone first, even if their desktop client doesn't support > >client-token, so you have a strong signal that they traveled somewhere > >else. > > This paragraph sounds incredibly creepy... I'm glad I'm not one of your > users!
I read it as "even if they travel, we have a way to identify it's them and not an impostor". Can be really handy sometimes. I notified my bank that I was going to the Philippines once - and had my card declined in the Beijing airport because it wasn't the Philippines. Now that they have given out new cards that have chips on them, my bank can be more sure that it's really my card in the Beijing airport next time....
pgpwLPdZ_FFiQ.pgp
Description: PGP signature
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
