Use the following process to permanently ban a device based on exceeded login thresholds:
- Store the device_id in a blacklist on the customer's end.
- Upon subsequent logins, if the new login(s) for the device_id matches the blacklisted device_id, block the login regardless of any decision returned by Kount Access.
The caveat to performing this action is that permanently blocking a device based solely on thresholds may be too extreme. A Kount Access user may find they must unblock accounts manually.
Our suggestion is to set threshold limits very high, such as over 20 or 30 attempts per minute, if a customer wants to perform a permanent ban.