Forum: Event Management System

New Authentication System for Anonymous Content

P
Paul Zupan
Nationality: United States
Certifications:
  • International Judge
  • National Judge
In response to spam and anonymous content being submitted to the site via the electronic forms, we have implemented a new system for authenticating users.  We are testing this process on hearing requests and crew substitutions.  If a user that is not signed into the site (an anonymous user) attempts to submit a hearing request or crew substitution, they will be required to authentic the email and/or telephone number they submitted by entering a code that was sent via that email address and telephone number.  Once they enter the code, they will then be able to submit the form.  Officials for the event will see an indication on the Hearing Request Panel (and Crew Substitution Panel) that that email and phone number has been authenticated and thus you will know who submitted the request.  It is unfortunate that such security must be implemented but we are seeing more and more misconduct around the use of management software.  Please let me know if you have any comments or suggestions concerning this process.
Created: 23-Nov-10 01:24

Comments

P
Peter van Muyden
Nationality: Canada
Certifications:
  • Judge In Training
  • International Race Officer
0
Very sad to see that you have to implement a system like you are proposing.   Your solution will work most of the time, but lately I have been involved with events that used Kiosks or POS terminals for those sailors who don't have an device to submit a hearing, crew substitution, equipment substitution  and etc. requests.   

Is there a possibility of using an innovative method to bypass the authentication requirement for devices I listed above?   What about storing the device id's of those devices in the events configuration?  https://stackoverflow.com/questions/49692073/how-can-i-get-a-unique-device-id-in-javascript    
Created: 23-Nov-10 05:16
P
Michael Butterfield
Nationality: United Kingdom
Certifications:
  • International Judge
  • International Umpire
  • International Race Officer
0
Paul. I see this for autonomous persons but will it tell us which registered user had lodged a request?
We may have had one competitor using another's name (selecting it in the panel) to lodge a request with made-up information and facts.
Created: 23-Nov-10 13:03
P
Angelo Guarino
Nationality: United States
Certifications:
  • Regional Judge
  • Fleet Measurer
0
Peter … is that you are asking for basically a “trusted device” mode?
Created: 23-Nov-10 13:26
P
Peter van Muyden
Nationality: Canada
Certifications:
  • Judge In Training
  • International Race Officer
1
Yes, if that is possible.
Created: 23-Nov-10 14:30
P
Uros Zvan
Nationality: Slovenia
Certifications:
  • International Judge
  • National Race Officer
2
Dear Paul, I'm using your race management system, as well as some other, for five years. In all this time, I saw just once spam hearing request. It's good idea to apply authentication system, but you should be very careful. To use it, should be optional.
With underage sailors we can not use it. At the entry forms we have usually email and phone numbers of their coaches and/or parents.
I saw many times with youth classes, that parties arrived late to the hearing. Many time excuses were like that father from Netherlands called him/her to the event in Greece that he have a hearing... So with youth classes we can not relay on the email and phone numbers in the system. Also we want to encourage kids to lodge hearing requests by themselves. With authentication system this goal will not be achieved.
Have in mind also, that in the past time when we came to the race office with hearing request on the paper nobody checked our identity.
Created: 23-Nov-10 15:42
P
Michal Pajak
Nationality: United Arab Emirates
Certifications:
  • National Measurer
  • National Race Officer
  • National Umpire
  • National Judge
0
I believe that this change might be currently causing problems for the mobile application. Hearing requests submitted by the mobile app do not seem to be reflecting in the system. On the other hand there is no way to authenticate on the app itself ... as far as I see.
Created: 23-Dec-05 07:51
[You must be signed in to add a comment]
Cookies help us deliver our services. By using our services, you agree to our use of cookies. Learn more