We use multiple layers of defense with built-in redundancies to verify law enforcement agents and prevent their Kodex accounts from unauthorized use.

Law Enforcement Account Verification

Law enforcement officers are required to sign up with a verified agency email. However, criminals know that law enforcement agencies often have weaker security than the companies they’re trying to exploit, so agency email domains are a popular target. This is one reason why additional verification is required for individual accounts to gain authorization for Emergency Data Requests (EDRs). We immediately notify our customers if an unauthorized account attempts to submit an EDR to them through our portal.

Suspicious Behavior Detection

Law enforcement agents have varying technical capacity, so Kodex maintains a continuous system of verification to detect and mitigate unauthorized access to Kodex accounts. Kodex has mitigated threats ranging from individual agents having a shared password leaked from another service to entire email domains being compromised. This continuous verification uses technical signals, combined with a global threat intelligence team, to prevent law enforcement agent compromise. To date, we’ve blocked thousands of imposters attempting to submit fraudulent requests. Occasionally, we even see fraudsters trying to scam each other with advertisements for access to Kodex accounts which have already been blocked from submitting requests.

Global Threat Intelligence

One of our greatest strengths is the experience of our security and engineering teams including former law enforcement officers, seasoned cybersecurity experts, and anti-fraud investigators. Our vast knowledge and expertise in identifying, defending against, and disrupting criminal attacks against online accounts is not only built into Kodex technology, it’s strengthened by our expansive threat intelligence network. It’s not uncommon for our team to notify law enforcement about a potential compromise in their systems because of the information we have about underground criminal networks.

Criminals looking to steal personal data know that law enforcement agencies often have weaker security than the companies that collect the data. So agency email domains are now a popular target for criminals hoping to scam companies into giving up sensitive data by emailing fake requests.

That's why we don't stop at email verification when vetting law enforcement requests, nor do we stop verifying accounts at login. Our team includes seasoned cybersecurity experts and former law enforcement officials; we've seen it all and we're always monitoring for impersonators.