2026-01-12 06:25:59

Thoughts on Account Security Verification Mechanisms. Currently, many trading platforms have introduced multiple verification methods such as device authentication and facial recognition to prevent theft, with the original intention of protecting user assets. However, there are some aspects in actual implementation that are worth discussing.

First is the authentication logic for device changes. If a user only changes their phone or computer, but the platform requires redoing facial recognition or other complex verifications, this approach indeed causes inconvenience for users. Especially for those who regularly upgrade their devices, having to repeat lengthy identity verification processes each time actually reduces the user experience.

Second is the standard for determining account ownership. Generally, possession of the phone number, email, password, and authenticator should be considered as proof of legitimate account ownership. If these credentials are verified and pass system review, then even if device information changes, it should not be regarded as suspicious login or account theft. This logic aligns better with the principles of protecting user rights.

It is recommended that platforms, when optimizing security strategies, be more flexible in balancing anti-theft needs and user experience, avoiding the inconvenience caused by excessive verification.

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

18 Likes

Reward
18
8
Repost
Share

Comment

0/400

ApeDegen

· 4h ago

Haha, every time I change phones, I have to redo face recognition. This is really ridiculous. Is the platform protecting me or torturing me? --- Having the password, phone number, and email should make you the legitimate owner, right? Why do you need device authentication? Excessive verification is just bullying. --- I just want to ask if anyone else has been messed with by this verification system like I have. It's really annoying to death. --- That's right, there needs to be a balance between theft prevention and user experience. It's not that the more complicated, the safer. --- Changing devices requires redoing face recognition again. This logic is really absurd. Can't I be the one to decide my account? --- All the core credentials have passed the review, but I still have to go through extra steps. Is this distrust in users or what?

View OriginalReply0

ForkTrooper

· 23h ago

I’ve read it carefully. The verification process on trading platforms is really strict now. Changing to a new phone requires redoing facial recognition, so annoying.

View OriginalReply0

AmateurDAOWatcher

· 01-12 06:55

Damn, this verification mechanism is really ridiculous. Just changing a phone feels like I'm being robbed, so annoying. Every time I log in, I have to scan my face. Is the platform really trying to prevent theft or just prevent me from using it? By the way, if you really have control over the phone's password manager and such, isn't requiring facial recognition over the top? Can't security and user experience be less opposed?

View OriginalReply0

PumpDetector

· 01-12 06:51

nah platforms doing the security theater thing again... they build these walls to "protect" you but really just gate-keep your own money. read between the lines - it's institutional risk management dressed up as user protection, not the same thing at all.

Reply0

RektButSmiling

· 01-12 06:49

Haha, changing a phone means re-adding face recognition. Who came up with this genius plan? --- Having a phone number and password validator isn't enough; they insist on device authentication. Truly using a sledgehammer to crack a nut. --- Basically, the platform is afraid of taking responsibility and just shifts the cost to users. --- Every time I upgrade my device, I have to go through a hellish verification process. I choose not to upgrade anymore. --- The true owner is the one holding the private key. If you can't tell the difference, how dare you call yourself a trading platform? --- That's why I now use cold wallets. No more messing around. --- Can't security and user experience coexist? Is it really that difficult? --- Why should I go through multiple checkpoints for all credentials? It's absurd. --- This centralized exchange verification system will eventually push people toward self-custody. --- You never know how long it will take to log in after the next device update.

View OriginalReply0

CryptoCrazyGF

· 01-12 06:45

It's the same old story again. Every time I change phones, I have to redo face recognition. Truly unbelievable. The platform just loves over-security, stricter than banks. By the way, whose verification logic is so absurd... I just want to log into an account. Security and user experience are like oil and water. When will the industry figure this out? I hold all the credentials myself, so why do I have to go through this repeatedly? I’ll just uninstall platforms with such poor experiences. Do whatever you want.

View OriginalReply0

LiquidationAlert

· 01-12 06:44

I think the idea is pretty good, but in practice it’s really a hassle. Every time I change phones, I have to re-verify a bunch of things. My buddy is right; the person holding the private key and the validator should be the owner. There's really no need to make it so complicated. Should major exchanges listen to users' feedback? Security is important, but user experience also matters. Balancing is indeed difficult, but right now it’s clearly leaning too much toward over-verification. It needs to be adjusted.

View OriginalReply0

SoliditySlayer

· 01-12 06:32

Every time I change phones, I have to redo face recognition. It's really ridiculous, to the point that I don't even want to update my device anymore. --- Speaking of which, a password email verifier should be enough, why insist on staring at device information? --- This is a typical case of over-security; the platform is overcomplicating things. --- Holding these credentials is your account, what else can it be? Do I really have to compare facial features? --- Some exchanges' verification processes are truly disappointing; is it really necessary to choose between anti-theft measures and user experience? --- Logging in on a new phone still requires face recognition, making it feel like opening an account, with a terrible experience. --- Ultimately, it's the platform's risk control logic that isn't well-designed. Forcing verification methods in a rigid way is just unavoidable.

View OriginalReply0