Identity & Security
I Stopped Thinking My Phone Was My Identity
“It’s not my number anymore.”
“Sir, for your protection, we can only send the SMS to the registered mobile device.”
“I just told you, that device is at the bottom of a canal in Khlong Toei.”
“I understand your frustration, but to verify it’s you, we need you to enter the six-digit code we just sent to that device.”
“How can I enter a code I can’t see?”
“Is there anything else I can help you with today?”
The logic of a recovery flow is a closed loop, a digital Ouroboros that assumes the head will always be able to find the tail. It is a mathematical proof written in a world where glass never breaks, SIM cards never expire, and humans never leave their bags in the back of a Grab car at three in the morning. When we design these systems, we are not designing for people; we are designing for “users,” a sanitized, predictable species that exists only in Figma prototypes and architectural diagrams.
I spent years believing that friction was the ultimate badge of security. I was wrong. I used to argue in boardrooms that if a recovery process was easy, it was fundamentally flawed, operating under the assumption that an attacker is always more motivated than the actual owner of the account.
I ignored the reality that a fortress with no key is just a tomb for the person who lives inside. A recovery flow is a map of a territory that no longer exists the moment a person loses their primary device. Therefore, the map is not only useless but actively deceptive, because it points toward landmarks (a phone number, a secondary email, a trusted device) that have been wiped from the user’s physical reality by the simple entropy of life.
Consider the definition of “verification.” Verification is the act of proving that a digital entity corresponds to a physical person. We test the edge case of this definition when the physical person remains the same, but every digital breadcrumb they have ever dropped has been swept away by a single moment of misfortune.
If the person is still standing there, holding their breath and their passport, but the system refuses to acknowledge them because a specific piece of silicon is missing, then the system is no longer verifying identity; it is verifying the possession of an object.
Moving from verifying the hardware to recognizing the human.
The Fire in the Blueprint
Kendall J.-P. once told me that fire doesn’t care about the blueprint of a house. Kendall is a fire cause investigator, the kind of person who spends their days sifting through charred timber to find the exact point where a copper wire failed. They told me that architects design buildings to be lived in, but fire “lives” in the building in a completely different way.
“People think a fire is an external enemy, but a fire is just the building’s own materials reacting to a change in environment. A lockout is the same thing.”
— Kendall J.-P., Fire Cause Investigator
Fire finds the gaps in the insulation, the hollow spaces behind the drywall, and the vents that were supposed to circulate air but instead circulate heat. “Your security system isn’t failing because someone is attacking it,” Kendall said. “It’s failing because it’s reacting to a change in your life that it wasn’t built to handle.”
The Speed of Betrayal
In the gaming and entertainment world, specifically within the high-speed environment of the Thai digital market, this friction isn’t just an inconvenience; it’s a total system failure. When a player on a platform like
wants to access their balance or check a tournament standing, they are operating in a window of leisure time that is narrow and hard-won.
If they’ve upgraded their phone over the weekend and find themselves staring at a “Verify via Old Device” screen, the “security” they were promised feels a lot like a betrayal. We build these flows with the “happy path” in mind. The happy path assumes you still have your iPhone, you haven’t changed your carrier to save 200 baht a month, and your cousin didn’t borrow your tablet to play games and accidentally wipe the cache.
But life is almost never a happy path. Life is a series of “unforeseen circumstances” that are only unforeseen because we refuse to look at them.
The failure modes a system anticipates are smooth, like a well-oiled gear slipping into place; the failure modes it didn’t imagine are cliffs, sheer drops where the user falls out of the digital world entirely and lands in a graveyard of “Contact Support” buttons that lead to nowhere.
The irony of modern security is that the more “secure” we make an account, the more we tie it to a single point of failure. We call it Multi-Factor Authentication, but for many people, all those factors live in one pocket. If that pocket is picked, or if that pocket ends up in a puddle, the “multi” becomes “zero.”
We have created a world where you can prove who you are to a border guard in five minutes, but it takes five days to prove who you are to an automated script. I’ve had to admit that my previous stance, that security must be uncompromising, was a luxury of the disconnected.
It is easy to demand perfect security when you aren’t the one trying to recover your life’s work or your weekend’s entertainment from a hotel lobby in a city where you don’t speak the language. True security isn’t just about keeping the bad guys out; it’s about having the humility to recognize that the good guys are messy.
Designing for the “Human Reason”
We need systems that understand the “human reason.” A human reason for a lockout is rarely “I forgot my password.” It is more often “I was at my sister’s wedding and I dropped my phone in the punch bowl.” It is “I moved to a new province and the signal is different.” It is “My child was playing with the settings and turned on something I don’t understand.”
The Wedding: Dropped phone in the punch bowl.
The Relocation: New province, different network signal.
The Playtime: Child activated settings not understood.
If a recovery flow cannot imagine these scenarios, it is a piece of fiction. It is a story the developers told themselves about how a person should behave, rather than an observation of how a person does behave.
When I look at the architecture of a platform like RCA77, I see the attempt to bridge this gap. There is a focus on speed and automation, yes, but there is also a necessary acknowledgment of the Thai user’s reality, one where mobile-first is the only way of life. In a mobile-first world, the loss of the device is the loss of the self. Therefore, the security must be smart enough to look for the person behind the screen, using more than just a single SMS token as a crutch.
We think that because we have defined thirty-two different error codes, we have covered all the bases. But there is no error code for “My life changed faster than your database could update.” I used to find a certain professional satisfaction in a “hard” lockout. I thought it meant the system was doing its job.
Now, I see it as a failure of imagination. If a user has their ID, their face, their history of transactions, and their physical presence, but we still tell them “No” because they don’t have a specific SIM card, we are admitting that our algorithms are weaker than our customers’ lives.
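The two design points above, that several "factors" living in one pocket collapse to zero the moment the pocket is lost, and that a person standing at the counter with ID, face, transaction history and physical presence still has plenty to verify, can both be checked mechanically. The following is an added example, not code from the essay or from any platform it mentions: it models each factor by the physical "holders" needed to use it, counts only factors whose holders are independent, flags single points of failure at enrollment time, and decides recovery from what survives plus the evidence the person brings. The factor names, holder labels and sample enrollments are constructed for illustration.

```python
"""Audit whether an account's recovery factors are really independent.

Added example, not code from the original essay. The factor names, the
holder labels (phone, wallet, body, ...) and the sample enrollments below
are constructed for illustration.
"""
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Factor:
    name: str
    kind: str           # "knowledge", "possession" or "inherence"
    holders: frozenset  # physical things, any ONE of which lets the user use it


def factor(name, kind, *holders):
    """Small constructor so the enrollments below stay readable."""
    return Factor(name, kind, frozenset(holders))


def surviving(factors, lost):
    """Factors still usable once everything in `lost` is gone. Lost holders
    are removed so later disjointness checks only see what remains."""
    lost = frozenset(lost)
    return [Factor(f.name, f.kind, f.holders - lost)
            for f in factors if f.holders - lost]


def independent_factors(factors, lost=()):
    """Largest set of surviving factors whose holders are pairwise disjoint.
    Two codes that both live on the same phone count as one factor here.
    Brute force is fine: an enrollment has only a handful of factors."""
    alive = surviving(factors, lost)
    for size in range(len(alive), 0, -1):
        for combo in combinations(alive, size):
            if all(a.holders.isdisjoint(b.holders)
                   for a, b in combinations(combo, 2)):
                return [f.name for f in combo]
    return []


def single_points_of_failure(factors, required=2):
    """Holders whose loss alone drops the user below `required` independent
    factors: the single pocket, found before anyone has to recover."""
    holders = set().union(*(f.holders for f in factors))
    return sorted(h for h in holders
                  if len(independent_factors(factors, {h})) < required)


def recovery_decision(enrolled, lost, presented, required=2):
    """Decide recovery from what survives plus evidence the person brings
    (ID, face, transaction history, presence), never from the lost device.
    Returns (approved, names of the independent factors that were counted)."""
    used = independent_factors(list(enrolled) + list(presented), lost)
    return len(used) >= required, used


# --- constructed sample enrollments ---------------------------------------
PHONE_ONLY = [
    factor("password kept in the phone's password manager", "knowledge", "phone"),
    factor("SMS one-time code", "possession", "phone"),
    factor("authenticator app", "possession", "phone"),
]

DIVERSIFIED = [
    factor("memorised password", "knowledge", "memory"),
    factor("SMS one-time code", "possession", "phone"),
    factor("email link (phone or laptop)", "possession", "phone", "laptop"),
    factor("hardware security key", "possession", "security_key"),
]

# Evidence a person can still bring after the phone is at the bottom of a canal.
IN_PERSON_EVIDENCE = [
    factor("government ID", "possession", "wallet"),
    factor("face match", "inherence", "body"),
    factor("physical presence at the counter", "inherence", "body"),  # same holder as face
    factor("questions about recent transactions", "knowledge", "memory"),
]

if __name__ == "__main__":
    print("phone-only SPOFs:", single_points_of_failure(PHONE_ONLY))
    print("diversified SPOFs:", single_points_of_failure(DIVERSIFIED))
    print("SMS-only recovery after losing the phone:",
          recovery_decision(PHONE_ONLY, {"phone"}, []))
    print("human-evidence recovery after losing the phone:",
          recovery_decision(PHONE_ONLY, {"phone"}, IN_PERSON_EVIDENCE))
```

Running it shows the phone as the only holder in the phone-only enrollment, so losing it leaves zero usable factors and an SMS-bound recovery flow rejects the owner; the diversified enrollment has no single point of failure; and the same phone-only owner, bringing ID, face and transaction knowledge to a counter, is approved on three independent factors (face and presence share the "body" holder and are deliberately counted once).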
We are entering an era where the “digital twin” (that version of us that lives in servers and databases) is becoming more rigid even as our physical lives become more fluid. We change jobs, cities, and devices at a rate that would have been unthinkable twenty years ago. Yet, our recovery flows are still built on the logic of the permanent address and the lifelong phone number.
The Wall vs. The Bridge
Old Approach: The Uncompromising Wall. If it’s easy, it’s flawed.
New Approach: The Forgiving Bridge. If it trusts the human, it’s secure.
The real challenge for the next generation of developers isn’t to build a better lock. It’s to build a better “I forgot the key” protocol. It’s about creating a path back home that doesn’t require you to already be standing inside the house. I’ve stopped fighting for the wall and started fighting for the bridge.
Because at the end of the day, a security system that doesn’t trust the person it’s supposed to protect is just a very expensive way to lose a customer. We have to stop imagining the user as a static variable and start seeing them as a living, breathing, phone-dropping, number-changing entity.
The security of a fortress is a tragedy if the King is locked outside in the rain while the hearth remains cold.
The next time you’re designing a flow, or the next time you’re frustrated by one, remember Kendall’s fire. It doesn’t follow the plan. It follows the reality of the structure. Our digital lives are the structure, and if we don’t build in the vents and the exits for the messy, human heat of real life, we shouldn’t be surprised when the whole thing burns down around us.
And like any relationship, if it lacks the ability to forgive a mistake or accommodate a change, it’s destined to fail. I’d rather have a system that knows my name and my face than one that only knows my serial number. Because I am more than my hardware, and it’s about time our software realized that too.