diff --git a/CHANGES.md b/CHANGES.md
index 30f56919d8a..ab0b2264df6 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,4 +1,5 @@
 #3.3.4 201?-??-??
+ - 2013-12-20 Fixed bug#[10099](http://bugs.otrs.org/show_bug.cgi?id=10099) - Missing challenge token checks on customer interface.
 - 2013-12-18 Fixed bug#[10110](http://bugs.otrs.org/show_bug.cgi?id=10110) - Stats list may show too few or too many stats.
 - 2013-12-17 Fixed bug#[10103](http://bugs.otrs.org/show_bug.cgi?id=10103) - ArticleTypeID is always undef in AgentTicketCompose
 - 2013-12-16 Fixed bug#[10080](http://bugs.otrs.org/show_bug.cgi?id=10080) - Bad group check in otrs-scheduler-linux.
diff --git a/Kernel/Modules/CustomerPreferences.pm b/Kernel/Modules/CustomerPreferences.pm
index 6b0a1517247..aa88d7a92ce 100644
--- a/Kernel/Modules/CustomerPreferences.pm
+++ b/Kernel/Modules/CustomerPreferences.pm
@@ -44,7 +44,7 @@ sub Run {
 if ( $Self->{Subaction} eq 'Update' ) {
 # challenge token check for write action
- $Self->{LayoutObject}->ChallengeTokenCheck();
+ $Self->{LayoutObject}->ChallengeTokenCheck(Type => 'Customer');
 # check group param
 my $Group = $Self->{ParamObject}->GetParam( Param => 'Group' ) || '';
diff --git a/Kernel/Modules/CustomerTicketMessage.pm b/Kernel/Modules/CustomerTicketMessage.pm
index d04c981079e..31cb35d03c8 100644
--- a/Kernel/Modules/CustomerTicketMessage.pm
+++ b/Kernel/Modules/CustomerTicketMessage.pm
@@ -222,6 +222,10 @@ sub Run {
 return $Output;
 }
 elsif ( $Self->{Subaction} eq 'StoreNew' ) {
+
+ # challenge token check for write action
+ $Self->{LayoutObject}->ChallengeTokenCheck(Type => 'Customer');
+
 my $NextScreen = $Self->{Config}->{NextScreenAfterNewTicket};
 my %Error;
diff --git a/Kernel/Modules/CustomerTicketProcess.pm b/Kernel/Modules/CustomerTicketProcess.pm
index 01bd4de78ee..8774541f053 100644
--- a/Kernel/Modules/CustomerTicketProcess.pm
+++ b/Kernel/Modules/CustomerTicketProcess.pm
@@ -338,7 +338,7 @@ sub Run {
 }
 if ( $Self->{Subaction} eq 'StoreActivityDialog' && $ProcessEntityID ) {
- $Self->{LayoutObject}->ChallengeTokenCheck();
+ $Self->{LayoutObject}->ChallengeTokenCheck(Type => 'Customer');
 return $Self->_StoreActivityDialog(
 %Param,
diff --git a/Kernel/Modules/CustomerTicketZoom.pm b/Kernel/Modules/CustomerTicketZoom.pm
index 48a65f73a9e..20ac9bb6d52 100644
--- a/Kernel/Modules/CustomerTicketZoom.pm
+++ b/Kernel/Modules/CustomerTicketZoom.pm
@@ -320,6 +320,10 @@ sub Run {
 # check follow up
 elsif ( $Self->{Subaction} eq 'Store' ) {
+
+ # challenge token check for write action
+ $Self->{LayoutObject}->ChallengeTokenCheck(Type => 'Customer');
+
 my $NextScreen = $Self->{NextScreen} || $Self->{Config}->{NextScreenAfterFollowUp};
 my %Error;
diff --git a/Kernel/Output/HTML/Layout.pm b/Kernel/Output/HTML/Layout.pm
index 9ff4708c083..6e6569b0302 100644
--- a/Kernel/Output/HTML/Layout.pm
+++ b/Kernel/Output/HTML/Layout.pm
@@ -1147,11 +1147,17 @@ sub ChallengeTokenCheck {
 }
 # no valid token found
- $Self->FatalError(
- Message => 'Invalid Challenge Token!',
- );
+ if ($Param{Type} && lc $Param{Type} eq 'customer') {
+ $Self->CustomerFatalError(
+ Message => 'Invalid Challenge Token!',
+ );
+ }
+ else {
+ $Self->FatalError(
+ Message => 'Invalid Challenge Token!',
+ );
+ }
- # ChallengeToken ok
 return;
 }
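Review bot: The updated ChallengeTokenCheck call in the StoreActivityDialog branch is the only one of the four customer call sites in this commit that carries no marker comment; adding the same `# challenge token check for write action` line above it keeps the write-action guards consistent and greppable by one phrase. The guard also remains inside the pre-existing `&& $ProcessEntityID` condition, so a StoreActivityDialog request without a process id never reaches the check — presumably that path stores nothing, but the hunk does not show what follows the `if`, so it is worth confirming. Run begins and ends outside the hunk.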
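Review bot: After the new if/else in ChallengeTokenCheck, control still reaches the bare `return;`, so a failed check only blocks the write if CustomerFatalError and FatalError terminate the request rather than merely rendering an error page; nothing in this hunk establishes that, and the call sites in this commit discard the return value. I would state that contract where the old `# ChallengeToken ok` comment was removed, e.g. `# both fatal-error methods are expected to end the request; a failed check must never fall through to the return below`, and confirm it against their implementations. The branch is selected by a caller-supplied string compared with `lc`, so a customer module that omits `Type => 'Customer'` would get the agent-interface error page, although the check itself still fires. The message literal is duplicated in both branches and could be hoisted into one `my $Message = 'Invalid Challenge Token!';`. The sub's opening and the valid-token path lie outside the hunk.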