Read about the basics of User Intel
|What it does||Checks if any Personally Identifiable Information (PII) data and credentials specified have been exposed by a hack or attack.|
About User Intel service
The User Intel service allows you to check a large repository of breach data to see if a user’s PII or credentials have been compromised. This data is indexed and can be looked up by:
Purpose of User Intel service
Understanding whether a user’s credentials or personal information have appeared in a recent breach can be extremely valuable in protecting your application and users. By identifying compromised credentials during account creation, you can prevent bad actors from creating false accounts on your application. In addition, informing users of breached credentials will help build trust between you and your users. This means you’re helping them improve their security while also ensuring your application is used only by legitimate credential owners.
Here are some of the helpful fields returned by the User Intel service:
|The objects nested under data will indicate if a user’s data has been involved in a breach and how many times the user’s data has been involved in said breaches.|
|A summary is a string indicating if a result was found or not.|
|Raw data returned by the provider you specified in the API request. You can investigate the raw data if it’s meaningful to your use case or if you want to supply it to your users. You must set the raw field to true to receive this data.|
Understanding the breach status of a user account can be useful in various ways.
Common use cases include:
Blocking or requiring extra confirmation steps during the user signup flow. When a user is signing up for an account you can use the User Intel service to understand if the user account information has been involved in a recent breach. This information can indicate to your application if additional steps must be taken before you allow the account to be created. This helps prevent bad actors from creating accounts with compromised credentials.
Protecting user accounts from future compromise by informing them of breached passwords during account creation. You can incorporate User Intel while your user is creating a password-based account. When the user attempts to use a password, you can use the secure User Intel service to discern whether that password has been used in a recent breach.