Two-factor Authentication (2FA) is the simplest, most effective way to ensure users are who they say they are. It has become the safest way to use modern security to protect our customers and provide a seamless, trusted digital payment experience.
You may be wondering, why aren’t regular passwords enough?
With the continuous development of our digital habits, it’s no wonder our digital accounts have become a magnet for criminals. Malicious attacks on organizations, businesses, and people are happening more frequently. Similarly, there is no evidence that the rate of hacks, data breaches, or criminality is decreasing. It is becoming increasingly important to use Two-factor Authentication as this a way to immediately neutralize any risks to compromised passwords that give access to your personal accounts.
Luckily, as a secure payments processor, we’ve added an extra layer of protection to your DPO account through two-factor authentication, also commonly referred to as 2FA. Ensuring the safety of your transactions and your account is our number one priority, which is why we require two-factor authentication on the DPO Portal. Strong authentication is necessary to increase access security for accounts and online services.
With 2FA, it is highly unlikely that someone else would be able to obtain your second-factor information even if your password or device is stolen.
From a business perspective, if you use 2FA correctly, it allows you to be sure of your identity, allowing you full access to our services.
Some common types of two-factor authentication:
SMS Text-Message and Voice-based 2FA
This type of 2FA interacts directly with your mobile phone. The website asks you for a login and password before sending a one-time passcode (OTP) through text message. You are then prompted to re-enter the OTP into the program to gain access. Like text-based 2FA, voice-based 2FA automatically calls you and speaks the 2FA code directly to you.
Software Tokens for 2FA
While at DPO we make us of SMS & Voice-based 2FA, it is important to be aware of another widely used method of two-factor authentication (and a preferred alternative for SMS and voice) makes use of a time-based, one-time passcode that is generated by software (also known as TOTP or “soft-token”).
To use this type of 2FA, you will need to download and install a free 2FA program on your computer or smartphone. Any website that accepts this kind of authentication will then be able to utilize the app. Once signed in using your preferred username and password, you’ll be prompted to enter the code displayed on the app. The software token usually has a validity period of less than a minute. Additionally, software tokens eliminate the possibility of hacker eavesdropping because the code is generated and presented on the same device.
Why should you use 2FA?
A recent study (http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/) found that weak, repeated, and stolen passwords significantly contribute to security breaches. Unfortunately, for many businesses, passwords continue to be the primary (or only) method of user protection. The good news is that because cybercrime is receiving so much attention in the media, Two-factor Authentication awareness is expanding quickly, and customers are demanding better protection from the businesses they do business with.
Related: Fraud Prevention
At DPO, we highly recommend that everybody should have two-factor authentication enabled for all their personal and business accounts, not just for the DPO Portal.