Customers increasingly have to deal with credential theft. Common methods include phishing, where cybercriminals try to trick individuals into providing their credentials through fake emails, websites, or messages that appear legitimate, and brute-force attacks, where automated tools guess passwords by systematically trying various combinations until the correct one is found.
The cooldown period feature is a measure to detect and protect against credential theft. It allows a cooldown period to be defined for newly enrolled Airlock 2FA devices. This gives customers time to verify that the new device was registered by a real and legitimate end-user, and not by a malicious third party attempting to access the end-user's account with stolen end-user credentials.
If required, it is possible to allow the use of new Airlock 2FA devices for specific low-risk operations during the cooldown period, such as low-value transaction approvals and authentication to unexposed applications.
Both the cooldown period itself and the allowed transactions are configurable. For more information on how to configure the cooldown period feature, see Configuring the cooldown period.
There is also a special use case that combines the cooldown period feature with the one-device policy. In this use case, only one valid 2FA device per end-user is allowed. For more information on how to configure this special use case, see Cooldown period with one-device policy.