Multi-Fator Authentication (MFA)?

What is Multi-Fator Authentication (MFA)

An authentication factor is a way of confirming your identity when you try to sign in to a service or website. The most used authentication factor is passwords. However, using passwords alone can put your accounts in risk if others capture the password.

In addition to passwords, there are other methods i.e. factors of authenticating your identity such as entering a temporary password known as One-Time Password (OTP) sent to your mobile phone, or scanning your fingerprint or face when login; using two or more of these methods is known as Multi-Factor Authentication (MFA).

In this page, we will explain Multi-Fator Authentication (MFA) and why securing your accounts and financial data is important.

 

 

Why Multi-Fator Authentication (MFA) is so useful

Compromised passwords are one of the most common ways criminals use to access your online accounts and use your identity. Multi-Fator Authentication (MFA) is one of the easiest ways to make it much harder for criminals to access your accounts since they still need the One-Time Password (OTP) sent to your phone or the code generated on your mobile phone to access your account in case they steal your password.

Conducting financial transactions based on usernames and passwords alone is insecure since users may follow some poor practices to manage their passwords. Users might struggle remembering their passwords, and many of them may reuse the same password across different platforms. Others may create passwords that lack complexity or share passwords with other people. In general, passwords as a sole factor for authentication have many flaws and expose your accounts and financial information to more risks.

 

 

How does Multi-Fator Authentication (MFA) work?

The three common kinds of authentication factors are:

• Something you know - Like a password or a PIN.
• Something you have - Like a smartphone or a hardware token
• Something you are - Like a fingerprint or facial recognition.

Using at least two of the three factors is called Multi-Fator Authentication (MFA). For example, When you enter your username and password to access iBank, then enter an OTP message sent over SMS to pay a bill, the entire process is called Multi-Fator Authentication (MFA) because you used your password (i.e., something you know). The OTP is sent to your phone (i.e., your phone is ‘something you have’) to complete the financial transaction. The same concept applies to other activities, such as registering your device or browser in the iBank service.

 

 

How iBank utilizes the Multi-Fator Authentication (MFA)

At INVESTBANK, we use advanced Multi-Fator Authentication (MFA) to secure the authentication process so you can enjoy our online service securely. To prevent criminals and scammers from accessing your accounts, we register your devices and browsers and link them to your account; each time you access your account, we verify the access comes from a trusted device. In case the device is not trusted yet, after you enter your username and password correctly and our service verifies them, we send a One-Time Password (OTP) to your registered phone number to complete the authentication process. The OTP is valid for a short time to prevent others from using the code later. Upon successful authentication using this Multi-Fator Authentication (MFA) scheme, we register your device or browser and add it to your trusted devices. Also, we use MFA to secure your transactions, such as adding a new beneficiary, resetting your password on iBank, using eFAWATEERcom service and many more.

For additional layer of security, the iBank application on your mobile device allows you to secure login to your accounts using your biometrics, such as finger print or face recognition.

Additionally, our corporate clients are using a token device to generate a one-time password to complete the authentication process, in addition to the username and password.

 

 

Security tips

To benefit from the Multi-Fator Authentication (MFA), we recommend following these few tips:

• Remember the golden rule: do not share sensitive information, including the One-Time Password (OTP), with others.
• Secure your mobile devices; enable biometric security on your devices, and be careful of the software you download online.

 

If you have more inquiries, please call our Contact Center.