Airbnb’s home-rental business has really skyrocketed over the past couple of years. This has been made possible because of the trust established between the hosts and travelers. The company provides a common ground for you to welcome strangers into your home without any hesitation — the outcome of which has sometimes resulted in thefts.
In an official blog post, the company today detailed that online scammers have been reeking havoc on the platform of late. They are the ones who take over Airbnb accounts of travelers with good rating and reviews. The personal information of these accounts sees minor tweaks, which are then used to book stays at the home of any host, whom they rob before leaving. This has also worked other way round as well, where hosts have been hacked to extort money from travelers who stayed at their homes. As Airbnb points out,
As Airbnb points out, such an activity on the platform is popularly known as account takeover. The user accounts are usually hacked via fraudulent online scams such as malware attacks or phishing and even password dumps from previous hacks (ahem! Yahoo!) that are available on the interwebs. This has resulted in both the hosts, as well as the travelers to suffer from massive losses and fraudulent bookings.
Talking about the same, Nathan Blecharczyk, Airbnb’s co-founder and Chief Strategy Officer said,
Our model is effective at stopping most account takeovers, but unfortunately there have been some incidents where hosts and guests have suffered. This is not acceptable to us, therefore we’re working around the clock to do everything we can to improve our detection and prevention methods.
It’s not like Airbnb did not have any security measures in place, the company was using a machine learning model to defend its users against account takeovers. This model predicted whether the login was being performed by a true user and if high risk was associated with the login attempt then users were asked for additional information. The AI was trained using hundreds of millions of historical login events — both good and bad.
But, it hasn’t proven to be completely effective and Airbnb is now bulking up on its efforts to prevent takeovers to have both the host, as well as the traveler, enjoy the community experience. The company is now adding a new set of mandatory measures, such as muti-factor authentication and account alerts to build an even stronger and trustworthy community.
This means, like most online platform such as Facebook, Twitter or Google, Airbnb will also require users — both travelers and hosts to verify their identity using additional methods when they log in using new devices.
In addition to the login password, you will now have to supply a one-time unique code sent either to your phone number or email to verify you’re the true account owner. This is known as multi-factor authentication and has already been adopted by several Internet giants a long time ago, Airbnb is actually late to the game. But, it’s better to be late than never. Now, if some scammer tries to access your account from an unknown location and device, they will be asked for more proof.
Also, as another minor but valuable addition, you’ll now be notified about every little change made to your account via SMS alerts. It will enable you to stay up to date with your Airbnb and if hackers take over your account — which they shouldn’t — then you’ll receive notification about changes in your account and you can take necessary action to prevent losses or fraud.
