Frequently Asked Questions
Any website that has a login page, whether it is a small online cookie shop, a big bank or a social media website. It protects their online users from phishing attacks.
Yes, websites implementing the DetPhish solution can add any number of counter challenge data elements. The more data elements there are, the harder it is to phish a user.
Yes, it is quite possible. The webpage can have a button that users click to add any number of customized data elements. Before adding a customized data element, the solution checks it for certain sensitive information, to avoid identity theft of users. The sensitive information includes SSN, passport number, driver license, state id etc.
The DetPhish solution defeats phishers who try to gather data element values that they can then use to answer a user's counter challenge questions and trick the user into entering their password on the password page. It does this by blocking a userid that performs two consecutive counter challenges without entering the correct password, which indicates a phisher's brute force attack.
When a server receives a counter challenge request with a userid from a browser, it should then receive the correct password, leading to a successful authentication. A wrong password or no password received at the server for the same userid before a second counter challenge could mean a phisher is impersonating the user and trying to collect their personal data.
If a server receives two consecutive futile or void counter challenges for a given userid, it blocks the userid to prevent further data leakage. The real user can have their account unblocked by calling or sending email to customer support. Customer support can unblock the user after confirming their identity by verifying identity documents such as SSN, passport, driver license, state id etc. Further, the support team can investigate the phisher's details from their IP address and initiate legal action.
In its database, the server marks the letters of the data element that were revealed in a brute force attack as exposed, and it disables the corresponding check boxes in the counter challenge UI page so that the genuine user does not fall prey to the phisher. When 30 percent of the letters of a data element are marked exposed, the data element is deleted from the database, and the user is prompted to add a new data element when they next log in.
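The blocking and exposure rules described above can be sketched as server-side state per userid. This is an added example, not DetPhish's own code: the class, method and field names are hypothetical, storage is in memory, and it assumes the second consecutive counter challenge is refused rather than answered.

```python
# Added example, in memory; all names are hypothetical, not DetPhish's own.
EXPOSURE_LIMIT_PERCENT = 30  # from the page: delete the element at 30 percent

class CounterChallengeGuard:
    def __init__(self):
        self.elements = {}      # (userid, name) -> data element value
        self.exposed = {}       # (userid, name) -> exposed letter positions
        self.pending = {}       # userid -> challenge not yet followed by a correct password
        self.blocked = set()    # userids waiting for customer support
        self.needs_new = set()  # userids to prompt for a new element at next login

    def add_element(self, userid, name, value):
        self.elements[(userid, name)] = value
        self.exposed[(userid, name)] = set()

    def counter_challenge(self, userid, name, positions):
        """Return the letters at `positions`, or None when the request is refused."""
        if userid in self.blocked:
            return None
        if userid in self.pending:
            # Second challenge, no correct password since the first: block (assumed: no reply).
            self._mark_exposed(userid)
            self.blocked.add(userid)
            return None
        key = (userid, name)
        value = self.elements.get(key)
        if value is None or not positions:
            return None
        if any(p not in range(len(value)) or p in self.exposed[key] for p in positions):
            return None  # out of range, or a check box disabled as exposed
        self.pending[userid] = (key, set(positions))
        return "".join(value[p] for p in positions)

    def password_attempt(self, userid, correct):
        if correct and userid not in self.blocked:
            self.pending.pop(userid, None)  # successful login clears the challenge
            return True
        return False  # a wrong password leaves the challenge pending

    def _mark_exposed(self, userid):
        key, positions = self.pending.pop(userid)
        self.exposed[key] |= positions
        if 100 * len(self.exposed[key]) >= EXPOSURE_LIMIT_PERCENT * len(self.elements[key]):
            del self.elements[key], self.exposed[key]
            self.needs_new.add(userid)

    def support_unblock(self, userid):
        self.blocked.discard(userid)  # after support has verified identity
```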
Copyright © 2023 DetPhish Technologies.