Account Security (major changes that require customer support actions to be carried out)
in Suggestions
Posted by: Spec Op.5670
Essentially I am making this post to suggest a solution to a potential problem. The first post will identify the issue and the second will propose a solution, as I’ve not been able to post it all under one.
Currently, if you have a major account change you need to go through customer support to have it carried out. For example, changing your e-mail address associated with the account and having it recovered if it was stolen.
To complete these requests, generally speaking, they request your Serial Product Key to verify the account as “yours.” You can do this when submitting it to them via the support ticket generator tool that is used to communicate with them.
EX:
Hi my name is X and I need my email changed from Y to Z.
My serial code is 1234-5678-90ab-cdef.
Thanks!
X
This all seems fine. You have sent a message to customer support proving this is your account (after all, you are the only one who has access to that serial number) and they can verify this and carry out this action for you.
Here are the problems I notice, though, when looking at this system:
All of this is essentially conducted via an e-mail support system. They communicate to you via e-mail with the ticket history and you communicate back, again, via e-mail.
E-mail unless encrypted is sent via plain text.
This e-mail system is not encrypted.
Plain text means that if someone sees that e-mail they see exactly what is in it. Encrypted means there is some sort of method used to hide the message (there are numerous ones with different degrees of effectiveness).
That may not seem like much of an issue until you consider the following:
Assuming both the customer service e-mail account(s) and the end user’s account are secure, the e-mail is passed on to multiple servers / locations / computers as it makes its way to its destination. (Think of it like crossing multiple territories/states/countries to get to your travel destination.) The problem exists in the simple fact that during its travel between the two parties that e-mail can easily be intercepted by someone with a little bit of talent and know-how. Now you may think, “What issue is that of mine?” Well, it’s a big issue and here is why.
If someone were to intercept that e-mail, they now have the entire conversation, which just so happens to contain the e-mail addresses of the parties that are communicating, probably the end-user’s name, and the serial key that is required to carry out changes and prove ownership of that account.
All of a sudden, you, the end-user, now share your account with someone else unwillingly. They are able to contact customer support with your serial key and cite your e-mail address and with a little bit of a story perhaps, impersonate you and take over your account.
While this seems grim, keep in mind they do not have access to any payment methods used or your password or anything extremely compromising. While they can get your password reset and e-mail changed and wreak havoc on your virtual characters and their wealth or reputation, you can always submit an e-mail or support ticket and get that account right back. Essentially you and the thief will play keep-away as much as possible, passing the account back and forth until it gets resolved somehow, which would probably be very hard to do while faithfully knowing whose account this is. If you purchased it directly from ArenaNet you at least benefit from the fact that you need some more purchasing information and can potentially find another avenue of contact with them and give them the aforementioned information in its entirety and possibly get a serial key change. If this happens, please don’t use e-mail again as it was how you were exploited.
I hope I’ve been clear enough in explaining the potential issue or exploit that can occur with the current customer support solution.