What is Two-Factor Authentication (2FA)?
Two-factor authentication (2FA) is a method of authentication where, in addition to the username and password, a second factor is required to validate the login. This second factor can be an email, an SMS, or a one-time password (OTP).
The directive from the European Banking Authority mandates that all companies in the payment industry implement a two-factor authentication method to secure access to their interfaces. The use of 2FA has become common for accessing various digital platforms to prevent phishing and security risks.
Impact on Merchants
To connect to the Payxpert Backoffice, a new step is now required:
1. Possess a smartphone.
2. Install an OTP application on the smartphone.
3. Activate two-factor authentication during the first login.
4. Add the one-time code (OTP) at each login to the Backoffice.
What is an OTP Application?
An OTP application generates a 6-digit one-time password, valid for a short period (renewed every 30 seconds). These applications can be used for any site requiring two-factor authentication via a one-time password.
Examples of OTP applications:
PC:
- Browser extension "Authenticator" available for Chrome et Firefox.
Smartphone:
- Google Authenticator
- Microsoft Authenticator
- Aegis Authenticator
- One Auth
How Does It Work?
**Two-Factor Authentication via an OTP Application:**
1. Log in to the Backoffice with your username and password as usual.
2. Open your OTP application and add the code displayed on the login screen.
3. You are connected!
How to Register?
Step 1:
- Log in to the Backoffice and enter your username and password.
Step 2:
- Click on "Register."
Step 3:
- Open your OTP application and click on "add a 2FA token."
- You can scan the QR Code or enter the token directly.
Step 4:
- When the application generates the one-time code, add it to the "Register" page.
How to Authenticate?
Step 1:
- Log in to the Backoffice and enter your username and password.
Step 2:
- Open your OTP application to see the one-time code.
Step 3:
- Add the one-time code.