What is DPX Multi-Factor Authentication?
Multi-factor Authentication (MFA) is the method of confirming a user’s identity and granting access to the DPX platform only after you successfully provide two or more authentication factors verifying your identity. For DPX, once MFA is enabled, normally you will only enter only a password to gain access to the DPX website. There will still be times, however, that you are required to enter a second authentication factor based on Deluxe reauthentication policies.
Why is DPX requiring MFA?
Protecting customer data, and building and retaining trust, is a top priority for the Deluxe Payment Exchange (DPX). Adding the Multi-factor Authentication layer to our existing DPX security controls enhances the security of our system and ensures the security of your DPX experience.
How do I set up MFA for my DPX account?
DPX will walk you through the process of setting up MFA. You start by selecting from the list of MFA options below.
Details for each MFA Factor Type
MFA Factor Type |
Information required for |
App* Download required? |
Required input into DPX |
Okta Verify-OTP Code |
Download Okta App |
YES |
Open the Okta app on your mobile device to generate a 6-digit TOTP (code). Enter this code into the DPX application. |
Okta Verify-Push |
Download Okta App |
YES |
The Okta Verify Authentication challenge screen appears. Confirm your identify by sending a push notification to your mobile device and accepting the challenge. |
Google Authenticator |
Download Google Authenticator App |
YES |
Open the Google Authenticator app on your mobile device to generate a 6-digit TOTP (code). Enter this code into the application. |
SMS |
Cell phone number |
NO |
Authenticate by entering a security token that is sent to your mobile device. |
Voice Call |
Cell phone or land line number |
NO |
Enter a security token into the app that is generated, then sent to you via a phone call from a mobile device or land line phone. |
*This is an external app; if you select this option, you will be prompted to download the app from the Android or Apple app store based on your mobile device’s operating system.
What if I can’t scan the QR code for the Google or Okta Verify?
If you can't scan QR codes with your device, you can set up Okta Verify by using an activation link sent to your email or short message service (SMS) app on your device. You can also activate Okta Verify by using a secret key. The DPX system will walk you through this process.
MFA Common Questions
What happens if I lose my phone or need to get a new device?
The user should call DPX Product Customer support, who will reset their MFA.
Can I Opt-out of MFA?
Customers do not have the option to opt-out of MFA because it is considered a critical DPX security control.
Will my MFA code expire?
MFA codes will expire. You will always have the option to send yourself a new MFA code
- The SMS code is valid for 5 minutes
- The Okta Verify code changes every 30 seconds
- The Google Authenticator code changes every 30 seconds
- The voice call authentication code is valid for 5 minutes
Are there any invalid cell phone types, for example burner phones?
There are no restrictions on the type of cell phone used by the customer
Will DPX sell the phone number or email I entered for MFA?
No, DPX does not sell any customer information.
Can I enter an international number for MFA registration or code input?
SMS Multifactor Authentication is only valid for customers with US or Canada phone numbers.
Security
Is my information secure?
Yes, your information is secure. DPX offers multifactor authentication, meaning there are multiple steps someone has to take before accessing your information. That authentication is also flexible -‐-‐ meaning you’ll use a traditional password and you can also choose your second authentication to be either a text message pin number, a 6-‐digit soft token or a security question.
Can I be confident my password is safe?
Yes -‐-‐ nobody has access or visibility into your password data.
Comments
0 comments
Article is closed for comments.