Consider the following scenario:

  • a user gives us an email, jane.doe@example.com, they are a new user and we match them with our records
  • one year later, a user gives an email jp1954@gmail.com, this is a new email address, we ask our questions and we match them
  • but jp1954@gmail.com has matched the same identity as jane.doe@example.com

What do we do?

It depends. Is re-answering the record checking questions secure enough? Can we:

  • sign them in as that user
  • ask if the user wants to use their old or new email address
  • show their old email address

We think it needs to be more secure, and the original email address must be alerted.

Asking for mobile numbers

We’re considering asking for mobile numbers as an extra layer of security, and as something we can use to disambiguate in cases like this.

At the beginning of the journey we would:

  • ask for an email address, and confirm the email address with a code
  • ask for a mobile number, and confirm the mobile number with a different code

It’s not quite so simple though.

Asking for a number is an extra hurdle

Firstly, asking for a number is an extra hurdle.

  • Do we let users continue if they do not have a mobile number?
  • What if they have a number but no access to it at the moment?
  • Will it work with international numbers? (Probably)
  • Confirming two sets of codes will be confusing, people will try to reuse their email code

How secure is a number?

If they give us a number, can we treat access to emails and mobile phone numbers equally?

Consider this scenario:

  • a user gives us an email and phone number, jane.doe@example.com, 07123456789, they are a new user and we match them with our records
  • one year later, a user gives an email jp1954@gmail.com, this is a new email address, so we ask for a mobile number
  • they give us 07123456789 and confirm it with a code

Is this secure enough to:

  1. Sign them in
  2. Show and update their old email address with their new email address

It is more secure than the original scenario because they are more likely to be the same person, having access to the same thing.

Going one step further, we could also get them to reconfirm their name, date of birth, etc.

Different email and different number

There’s now a new scenario too:

  • a user gives us an email and phone number, jane.doe@example.com, 07123456789, they are a new user and we match them with our records
  • one year later, a user gives an email jp1954@gmail.com, this is a new email address, so we ask for a mobile number
  • they give us 07987612345, also a new number, and they confirm it with a code
  • we ask our questions and we match them
  • but jp1954@gmail.com has matched the same identity as jane.doe@example.com and their mobile numbers are different

What do we do?

Short video walkthrough

Proof of concept using phone numbers

Screenshots

Your mobile number

ask-for-number.png

Check your phone

confirm-number.png

You’ve signed in with a different email address

which-email-address.png

Share this page

Tags

User experience Teachers