Frictionless security is one of Narmi’s top priorities. But striking the right balance between security and user experience is always the trickiest part of any financial institution’s digital banking platform. This month, we made a few additions to our multi-factor authentication process to ensure your financial institution is as protected from fraud as possible, without sacrificing user experience.
What is multi-factor authentication, and why is it important?
Multi-factor Authentication (MFA) is a security measure that requires users to present several pieces of information when logging into their account. It adds additional layers of security, beyond a username and password, to protect against hackers or fraudsters.
The three most common “factors” in MFA are:
Things you know (e.g. usernames and passwords, security questions)
Things you have (e.g. devices on which you can receive a code)
Things you are (e.g. biometrics like fingerprints or face scans)
A common misconception is that two “something-you-know” factors of authentication, like a password followed by a security question, amount to effective MFA. But for MFA to work correctly, you need at least two different “factors” – like a password and a device, or a password and a fingerprint.
MFA is so critical in protecting against fraud because it ensures that even if a password gets compromised, it won’t be enough to give an intruder access.
Giving you more control over the multi-factor authentication process
Staff users will now be able to control the types of MFA devices that are acceptable for users to log in to their accounts. Within institution settings, staff users will be able to select or deselect as many options as desired from the following authentication options:
📱 An Authenticator app, like Google Authenticator
☎️ Phone (text message or phone call)
If a device type gets deactivated, it will not affect users who already have that MFA device set up within their account. They will essentially be “pre-authorized” to ensure a smooth user experience. Deactivating a device type will, however, prevent the creation or addition of any new accounts using that deactivated device type.
Learn how to update your users' authentication options here.
Additionally, if MFA is required and a user does not have it enabled, the user will see a detailed error message explaining the issue and encouraging them to reach out to customer support.
Why does updating the MFA process matter to financial institutions?
👮‍♀️ Simply put, MFA is effective at preventing fraud. Fraud is one of the biggest roadblocks to digital transformation, but it is avoidable. Narmi is very successful at eliminating fraud in the account opening process, but MFA ensures that fraudsters can't take advantage of your existing users.
🔐 You can choose the security measures that make the most sense for your institution. We know that financial institutions have different security policies. Some have policies in place that don’t allow for one device type (e.g. email or phone) in their MFA process, while others have policies that do. We’re here to give you control over what you think is best for your organization.
👩‍💻 MFA does not come at the expense of user experience. Many users are already familiar with MFA from other platforms, and the process has been designed to be as simple as possible. For those less familiar, we have been thoughtful in our design, from allowing those who already have deactivated device types enabled to retain their current MFA process to providing detailed error messages. We want to make the user experience as seamless as possible.