When an account is reclaimed by the legitimate owner Ravelin should be notified that the account has been secured. This will prevent the account from being blocked due to activity that happened while the account was compromised.
We recommend telling us about the account reclaim either:
- After the legitimate customer has reset the password and the account can be considered secure
- If you have force reset the password to something new and the account can be considered secure
If you want to know more about how to reclaim an account, please read our developer documentation.
How reclaims work
When we receive a reclaim event for a customer we reset all Account Takeover features. Only login activity which happens after the reclaim event will be used to build up those features again. For Payment Fraud all data is retained, including activity that happened before the reclaim.
In Connect, when an account is reclaimed we reset the network connections around the customer in question. We drop any connections that were seen in the account before the reclaim date. However, these will be rebuilt after the reclaim if the customer re-uses a device, email, card etc.
Reclaims have no effect on other customers' networks: it will reset the network for the reclaimed customer but for any other customer in that network the graph still shows the full network including the reclaimed account. Consequently, if the network is centred on a customer whose account hasn't been reclaimed you will see the full network including the accounts with reclaims. Whereas accounts that do have reclaims will show as customer nodes floating outside the main network.
Reclaimed Accounts on the dashboard
On the customer profile if an account has been reclaimed you will see a banner with the reclaim date. In the audits tab you will also see an event for "Account reclaimed".
Account reclaim information is also visible in the network.
