Security Sample
This article illustrates the default user journey for security on LEVEL INFINITE PASS.
Account unlink verification
The LI PASS Account Center supports unlinking third-party channel accounts by default, and no additional configuration is required.
A player opens the LI PASS Account Center, and selects Link Account.
The player selects a third-party channel account to be unlinked, and a verification code is sent to the email registered on their LI PASS for verification.
The email verification is successful, and the channel account is unlinked successfully.
Suspicious activity alert
After enabling suspicious activity alerts from Player Network Console, an alert email will be sent when the set onditions have been met. The email should inform players that their account is being logged in to from a new device and/or different region, the possible risks to their account, and will also include recommended steps to be taken.
A player logs in to their game account from a new device or from a different region.
The configured conditions are met, and an alert is sent to the email registered on their LI PASS.
CAPTCHA
After enabling CAPTCHA from Player Network Console, the function may be employed in the following scenarios:
- Players request for verification codes such as during account registration or password change, and CAPTCHA can ensure that the request comes from a real user instead of an automated program.
- Players attempt log in with a password, and CAPTCHA can prevent brute force attacks or unauthorized login attempts.
A player applies for verification codes or uses their password to log in, multiple times in a short period of time for a single account.
The configured conditions are met, and CAPTCHA is triggered, which must be completed before the player can log in to the game.
Account linking restrictions
After enabling account linking restrictions from Player Network Console, when a player logs in to an account with a new device and attempts to link their account while still within the set time restrictions, a popup will be displayed to inform the player that linking cannot be performed during this time.
A player logs in to their game account from a new device.
The player attempts to link their account to a different third-party channel from LI PASS Account Center.
The configured conditions are met, and a prompt is displayed to inform the player that linking cannot be completed.
Two-Factor Authentication (2FA)
After a player enables 2FA from the Account Center, when they attempt to log in to a game with a new device using a method other than verification code login, they will be required to enter the verification code received in their registered email address.
A player logs in to their game account with password from a new device.
2FA is triggered, which must be completed before the player can log in to the game.
Device History
Players can monitor the detailed login behavior of their accounts at any time, through accessing the Device History.
A player opens the LI PASS Account Center, and selects Security Settings.
The player clicks Device History.
Log Out Of All Devices
If suspicious activity has been detected in an account, or if the player is no longer able to access their device, they can choose to log out from all devices with a single click.
A player opens the LI PASS Account Center, and selects Security Settings.
The player can access the Log Out Of All Devices function from either of the below locations:
- From the Security Settings tab, click Log Out Of All Devices.
- From the Security Settings tab, go to Device History, then click Log out of all devices at the bottom of the page.
- From the Security Settings tab, click Log Out Of All Devices.