Due to new regulations, two-factor authentication (or 2FA) is being implemented as an extra layered security measure when accessing the online platform. This new feature will be mandatory from the 13th April 2020.
What is Two-Factor Authentication?
Two factor authentication (or 2FA) is an extra layer of security to make sure someone trying to access their online account is who they say they are. In addition to providing information you know such as username and passwords (1st factor), you’ll also be asked to use something you have such as a smartphone (2nd factor) to confirm your identity.
Why is Two Step Verification Important?
Two step verification, also known as 2FA (two factor authentication), is crucial for banking apps due to the importance of layered security and the need for robust cyber security measures in the banking sector. Implementing two-step verification adds an extra layered security to prevent unauthorised access to sensitive financial information and transactions. It requires users to provide two separate forms of authentication, typically a combination of something they know (like a password) and something they have (like a unique code sent to their mobile device). This significantly reduces the risk of fraudulent activities and unauthorised access, ensuring a higher level of cyber security for banking apps.
Is 2FA Mandatory?
Yes, the implementation of 2FA is mandated by the UK Regulator as a crucial measure to enhance cyber security in banking and mitigate fraud risks across the entire UK Banking network. This extra protection is being introduced across all UK Banks and financial service providers.
Setting up 2FA
Between now and the 13th April you will start to be given the option to register for 2FA using your mobile phone, when logging in to the platform, by taking the following steps:
- Either download the Authy mobile application when prompted, and start the simple registration process.
- Alternatively, you can choose to receive a 2FA code via SMS instead if you prefer.
- Once registered, you will be asked to provide the 2FA code, either via the App or SMS (along with your username and password), whenever you log in to the online platform from a new device, or every 15 days from an existing device.
I didn’t receive a text message with instructions to download the app
You may already have Authy installed on your phone, in which case check the App and you should see the token has been setup
Sometimes poor signal can result in SMS messages being delayed. Please check your reception and try again. On the confirmation screen, you can also check the mobile phone number you entered, just to make 100% sure it is correct.
If the issue persists you can always select the option to receive a 2FA code via SMS
Can I use another authenticator app like Google Authenticator instead?
Not at this time, we believe Authy is the best app for the job. But this is something we’ll be monitoring demand for with a view to introducing in future.
Logging in with 2FA
How often will I be asked to verify my identity
Every time you log into the online platform from a device you haven’t used before, you will be asked to verify yourself using the Authy app. If you have ticked the “Remember this device for 15 days” option on the 2-step login page, we won’t ask you to verify on subsequent attempts over the next 15 days. After this time has lapsed, you will need to verify yourself using the 2-step login again.
I have 2FA set-up but wasn’t prompted for it when I logged in
Usually, this is because you will have selected the “Remember this device for 15 days” functionality on a previous log-in attempt. If you still think there may be issues with your 2FA, please contact us directly.
I don’t have my phone with me
You need to have access to a device registered to receive your 2-factor authentication prompts in order to keep your account secure. The best thing to do is to enable Authy Multi-Device which allows multiple trusted devices to use the same Authy account. This will also help if you ever lose access to one of your devices. If you can’t access any of your devices and urgently need to access your account, please contact our support team.
I’ve lost my phone or have a new phone number
There are a number of options, the easiest being if you already have more than one device registered.
- If you have access to another registered device you can use it to manage your devices, including changing your phone number.
- If you have access to a new phone with the same number then you can restore your Authy account on your new phone by downloading the app.
- If you have a new phone number and don’t have another registered device, you can request to change your phone number.
Further information on this can be found on the Authy website – https://authy.com/help/
As always please email email@example.com should you have any issues or questions