Network-enabled account services are available for many types of “accounts,” including banking, investment, credit card, e-mail, and almost every conceivable type of traditional or network-based services that involve “owner” registration or subscription. Network-enabled account services provide remote access to personal account information and/or management capability via the Internet, for example, on a Worldwide Web (“web”) site of an account administrator. Accordingly, authentication measures exist to restrict access or account privileges to a private account to only authorized users (e.g., account owner(s)).
To prevent unauthorized access, a user may be required, for example, to “log” into an account to access web content containing account information. Typically, logging into a specific account requires the user to enter valid, private account login information. The account login information can include a user name, user ID, login name, customer access number, e-mail address, or the like, along with a password, pass code, access code, personal identification number (PIN), codeword, or the like, which are uniquely associated with the specific account.
Currently, network-enabled account protection may be compromised when the account login information is made known to an unauthorized individual. Account login information can be ascertained by an unauthorized individual in a number of ways, for example, by a fraudulent practice known as “phishing.” Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into divulging private information that may then be used for identity theft or unauthorized account access. Accordingly, existing account login processes alone are insufficient to prevent the unauthorized or fraudulent access to online account services.