Manage Two-Factor Authentication
Enable two-factor authentication for additional security.
Your customers require you to use two-factor authentication to access their data in the CSP.
To enable two-factor authentication, click the Security & Two-Factor Authentication link on the My Account page.
When you enable two-factor authentication, you can choose from the following options:
- For Payment Changes (Required for Changing Legal Entity or Remit-To): Two-factor authentication is required when creating or editing legal entities, remit-to, and bank account information.
- For Both Account Access (Login) and Payment Changes: Two-factor authentication is required when logging in to the CSP. You don't have to reauthenticate when working with financial data because you already authenticated when logging in.
Depending on how you want to receive the verification codes, select one of the following options and set your preference as the default:
- Via Authenticator App to use an authenticator app available from the app store on your mobile phone.
- Via Text Message to use a code sent by text message to your phone number.
If you want to receive text message (SMS) notifications or verification codes, you must enter and validate your phone number under My Account > Notification Preferences.
- For the text message, enter the verification code in the pop-up window.
After successful validation, you receive the verification code in a text message.
For installing and using Google Authenticator, follow the on-screen instructions.
- Download and install an authentication app from the Google Play store or the Apple app store.
Scan the QR code or copy the security key to use it as the CSP authentication code.
If you do not have a mobile phone, you can enable two-factor authentication only through an authenticator app by using a browser extension.
- Add the relevant extension to your browser:
- Add the authenticator to your browser.
- Scan the QR code or copy the security key from the CSP page to the authenticator extension.
To scan a QR code using a browser extension:
- Download the relevant extension and pin it to your browser.
- In the CSP, go to the Security & Two-Factor Authentication page and select Via Authenticator App. The Two-Factor Authentication App pop-up appears.
- Click the authenticator extension and then click the QR code icon.
- Select the QR code in the authenticator pop-up.
- On successful scanning, the CSP is added to the authenticator extension.
- Provide the code displayed on the authenticator extension by clicking the code and copy-pasting it into the CSP.
To copy the security key using a browser extension:
- In the CSP, go to the Security & Two-Factor Authentication page, and select Via Authenticator App. The Two-Factor Authentication App pop-up window appears.
- Click the Click to copy Security Key link.
- Open the authenticator extension.
- Click Manual Entry in the appearing pop-up window, enter the issuer name, and paste the secret (security key).
- Click OK and copy-paste the code into the CSP.
Print your backup codes or email them to yourself before you click OK. If you ever lose your device, you need these to regain access to your CSP account.
You can only use a recovery code once, so refresh your list if you have to use a recovery code. Go to Account Settings > Security & Two-Factor Authentication and click Regenerate Recovery Codes to get a new list of codes.
When you enable two-factor authentication, you get an email notification of the change.