Back

Two Factor Authentication (2FA) via email

August 07, 2024

Up until recently the 2FA feature within KYCP was only possible by either receiving an SMS or through the use of an authentication application (APP). This new feature allows a client to decide if they would like to also offer the option of 2FA via email.

This feature of 2FA in KYCP adds an extra layer of security for users who have access to login into the system. Due to the sensitive nature of the data residing in KYCP and also due to regulatory pressure, this feature of 2FA ensures that the users accessing the portal are legitimate.



There are two types of users that can access the portal namely, internal users of the organisation and all external parties (subjects) if the organisation is using the outreach modules. All external users (counterparties) will always require 2FA. This means that an external user will always need to either receive the one time code via an SMS that is sent to their personal mobile device or else by using the authenticator app on their mobile device to provide the code given. This is done following inputting the username and password within the Customer Outreach Tool. In the case of direct links sent to individuals, the system authenticates the user through the secure one time link sent via email and 2FA. This 2FA requirement is also enabled by default for all internal users. However, KYC Portal also provides the means of WHITELISTING IP addresses. This is done on IP addresses that are considered as safe (such as a dedicated IP range of an office or VPN). If an internal user is accessing KYCP from a whitelisted IP address the solution will only prompt for username and password (or SSO).

The above scenarios however proved to be a limitation with some clients who do not have (or collect) the personal mobile number of their customers. This would make the external (customer facing) modules unusable. This is what led to the introduction of the optional setting in KYCP. A client can now opt to set KYCP to accept 2FA via email. In this instance the code is sent to the user via a separate email generated automatically by KYCP.



Clicking on the above new button (if configured at KYCP level) would send the user the code to be able to proceed with login.

Whilst as a provider, we do not deem this email route as secure an option (of 2FA) as much as receiving a code on the personal mobile device (via APP or SMS), we proceeded with developing this feature due to the benefit it delivers to quite a lot of customers.

For more information, contact us directly on info@kycportal.com or schedule your live demo with us today. If you are an existing client and you would like more information about this feature, please contact our CRM Team.