The vast majority of customers using the mobile apps use them as they should, but there will always be users who will try to game the system for their own benefit. Passenger Cloud has automatic systems in place to help identify these users and encourage them to use the system fairly.
Login Lock is one of the automatic systems we use, and is designed to reduce potential fraudulent activity without penalising everyone.
What causes Passenger Cloud to activate Login Lock on a user account?
When a user logs in and out of their mobile app account, the system monitors this activity and if the frequency is too high, or from more than one place, Login Lock can activate automatically.
When Login Lock is active, it is not possible to log into the account. Parts of the app that don't require logging in are still available. Login Lock deactivates automatically after 8 hours. Customers are emailed "Account suspended" when Login Lock activates, informing them that they must change their password to re-secure their account.
As the system is designed to prevent multiple logins, and not all logins to the same account, if a user is already logged into the device when Login Lock is activated they will not be automatically logged out of the device.
It might help to think about it like this:
"It's like two people trying to use one cinema ticket. We throw one of them out and stop them from coming back in. The other, we leave to watch the film as they have the ticket."