Challenge Overview

MPIN reset is one of the most vulnerable account flows. Fraudsters may exploit it to take control of accounts.

Challenge Objective

Design a risk-based authentication system that secures MPIN reset requests.

Problem Scope

Focus specifically on risk evaluation during MPIN reset flow.

Key Issues

• No behavior-based risk scoring during MPIN reset.
• Authentication risk factors are not evaluated dynamically.

Guiding Questions

• What signals indicate suspicious MPIN reset attempts?
• How should authentication requirements adapt to risk levels?
• How can fraud be prevented without disrupting legitimate users?

What Teams Should Design and Build

A system that:

• evaluates risk during MPIN reset
• applies additional verification when necessary

Solutions May Include

• secure MPIN reset procedure
• device trust scoring