Solved: Sanity Check: Authenticating Callers via PIN from DB

mloraditch · ‎03-12-2013

My goal is to get a pin from the user if their pin is in the DB, Go Forward and handle the call, if not, mark as an error give them 1 more time to try, then hangup.

Does the attached script logic make sense?

My DB Read is

SELECT PIN from TableName

Where PIN=$PIN

Here is where I need some reassurance. Obviously if the PIN isn't in the DB, there will be no data returned, but presumably the query would have still been successful, thus I follow with a DB read and map the PIN result to another variable used later. If successful proceed with script execution, if no data (aka bad pin) retry. Does this all make sense? Any better way of handling?

Thanks!

david.macias · ‎03-12-2013

Your approach is solid, the only thing I would add is that you might want to keep a record of those ANIs which keep entering bad PINs, that way you could block them. This would prevent someone from just trying random PINs until they get in.

david

Blog

View solution in original post

david.macias · ‎03-12-2013

Your approach is solid, the only thing I would add is that you might want to keep a record of those ANIs which keep entering bad PINs, that way you could block them. This would prevent someone from just trying random PINs until they get in.

david

Blog

mloraditch · ‎03-12-2013

Thanks for the validation, I may add that logging idea.