Simplify Account Verification Process
Jimmy5
Member Posts: 2 ★
Rather than asking security questions that are next to impossible to answer, especially for players like me (player tag menamoo55) who have been playing for years, consider using recent purchase and payment info to authenticate an account. I set up my account years ago and no longer have access to that email. I can’t change the email because the security questions are too onerous and too far gone from memory. I’ve gone through the support process and am just told sorry, then closed out. Yet I still spend money every month. Why would a player spend a ton of money on an account they don’t own? The process could definitely use major improvement.
6
Comments
I support establishing a secure method of account verification, but the current process is asinine.
How do we get this issue raised in importance so that they actually do something about it?
ME: So you are telling me its considered more secure for me to guess 10 names, 5 locations, and 557 start dates, than it is to tell me which one was right. That makes absolutely no sense.
KABAM:I hope you understand that we follow strict practice when it comes to account information because we are serious about account security and keeping player accounts safe. We firmly suggest providing all possible answers and we will see which matches on the account. This will prevent other parties to get access to the correct information of the account.
We work daily to make sure that players feel that all of their questions and concerns are being heard, so please know that you can always contact us should you have further inquiries.
ME: This response makes me feel completely unheard. I had to use brute force hacking techniques to get into my account. This is the opposite of how I want my account secured. I feel completely vulnerable knowing someone can do what you forced me to do, and guess every date, name, and location feasible in one shotgun approach. This is inherently unsecure driven by the fact that the account owner can't verify their own information. I should be able to answer your security questions with confidence and if I happen to forget an answer there should be some method of logging into my account to find out that information. What you have employed works only on people with perfect recall (only 60 people in the world have that) or brute force hacking techniques that any person in the world could employ. My email address though guarded is still fairly easily obtainable, I could also easily have guessed every day this game has existed and with minor knowledge of me guessed many of the locations I could feasibly have been on those days. This is not secure. I really want to be able to contact support with confidence in your competence, but this week long evolution has tarnished that forever. This has also taken me, a player that spends on any offer i deem meets its value proposition, to be a permanent free to play player. This is easily the worst support experience of my life. Security questions should ALWAYS be established by the account owner, NOT support. Please elevate this feedback, do not take away my access to my account, and do not knowingly swindle players like myself.
--------------------------------------------
only 2 of the 5 questions on their standard form are valid questions to ask:
What are your first two real-money purchases? Include the dates (yyyy-mm-dd) and the amounts of real money that you spent on iTunes or Google.
Did you ever attach a Kabam ID to your account, and what was the original email address that was linked to your account? Write the exact email address you attached to your account as a Kabam ID.
The others are completely from memory and can not be verified, but they can be brute forced. Which after a dozen or more attempts I did.
My feedback is simple, every player should be prompted to establish security questions, in game, at creation of account. This is standard practice, and I can't think of a player anywhere in the world that would object to establishing their own security questions. The effort to secure our accounts is valid and appreciated, but without having first experienced this fiasco of support, nobody would ever save off the information to the other 3 questions. It could even be as simple as sending an email to the KABAM ID account with the account initiation information so that could be saved for future interaction with Kabam.
1)you own nothing
2)memory will fail
3)email will disappear because it got delete for inactivity. business cease or hacker took it over
kabam is just to cheap to implement a sound/ solid authetication systems, 9+ yrs and players have to rely on the forum to find other to interact with
4)i don't want it associate with google play id