Airbnb adds new security measures to prevent scammers from hijacking hosts
Airbnb today announced a new set of mandatory security measures,
including multi-factor authentication, it’s implementing to prevent
account takeovers. Now, for the first time, Airbnb will require both
hosts and guests logging in from new devices to verify their identity
with a second account, either via SMS or email. A vast majority of other
social and communication apps use multi-factor authentication,
including Facebook, Google, and Twitter, making Airbnb a bit of an
outlier to have gone so long before enabling it by default.
The company says that one of the most common security
breaches suffers is when a scammer or other bad actor takes control of
someone’s account by obtaining the password. Normally, this would mean
access to someone’s email or the ability to purchase stuff on their
behalf. But in the case of Airbnb, it could mean giving a stranger
access to private details about your home and the ability to rent it out
to others. That arguably raises the stakes when it comes to account
security.
Airbnb says it already uses predictive models, trained
using machine learning techniques, that look for uncharacteristic
behavior to flag. For instance, if the account is seeing an abnormal
number of login attempts or a login from a foreign country, Airbnb’s
system might ask for an additional confirmation that the person logged
in is truly the host. Unfortunately, the company says this isn’t enough
and both guests and hosts have suffered lost funds and fraudulent
bookings as a result.
Now, at the very least, there’s an additional wall of
security to prevent malicious takeovers of your Airbnb account. In
addition to multi-factor authentication, Airbnb is also adding SMS
alerts to let people stay up to date about changes made to their account
in the event a stranger has gained access and starts tinkering with
settings.
The article was published on : theverge
Post a Comment