Logging in and other activities will soon gain an additional layer of security. What do you need to know about upcoming changes?
- As a result of the adopted PSD 2 Directive, we are introducing a strong customer authentication mechanism.
- It will change the way you log into your account at Conotoxia.com, authorise a payment transaction or carry out other important activities.
- Strong customer authentication means that we use two components to confirm your identity: login and password (same as before) and a one-time code sent to you by email or text message.
- Changes also apply to our mobile apps. If you use them, you will be asked to add your phone to the list of trusted devices before the changes described will happen.
- When will this happen? Soon we will implement the strong customer authentication when changing the phone number. Other activities will be covered by this mechanism no later than September 14th, 2019.
- What should you do now? Make sure that your email address in your profile is up to date and you have access to it.
Protecting your online transactions requires effective measures to prevent unauthorised access to your account. Therefore, the PSD 2 Directive introduces a strong customer authentication mechanism, also called two-factor authentication. It is aimed at ensuring a higher level of credibility and fraud resistance.
Strong customer authentication will be required by Conotoxia.com at least when the user performs the following actions:
- accessing the account (via the website or mobile apps) - user authentication,
- ordering a payment transaction - authorising the transaction,
- carrying out an activity that may involve a risk of abuse. It may be, i.e. editing personal data, changing the phone number or email address.
What will change?
While logging in into your account at Conotoxia.com, after entering your login and password, you will be asked to enter a one-time code sent by us by email or text message. This is a typical method of confirming the login to the account that meets the standards of strong customer authentication, as the authentication is based on the use of two elements categorised as knowledge factor (login data) and possession factor (one-time code).
Mobile app users will confirm their identity using the phone associated with their user account. While introducing two-factor authentication, customers who use our mobile apps will be asked to add their phones to the list of trusted devices.
When will the changes take place?
In the first stage, we will introduce strong customer authentication when changing the phone number. It can be edited in Your Profile/Settings. For mobile apps users, the first step of the new process will be to set their phone as a trusted device. Other activities such as registration and logging in into the portal, ordering payments, changing the amount or recipient of the transaction will be covered by the additional layer of security no later than September 14th, 2019.
What should you do now?
To continue using our services at Conotoxia.com web portal, after September 14th, 2019, make sure that your email address in your profile is up to date and you have access to it.
The legal basis for the introduced changes is the PSD 2 Directive adopted by the European Parliament and the Council of the European Union on November 25th, 2015. On June 20th, 2018, the Payment Services Act came into force in Poland, which adapts national law to EU regulations. Full text of the PSD2 directive can be found at https://eur-lex.europa.eu/eli/dir/2015/2366/oj?locale=en.
Read more about the strong customer authentication here https://conotoxia.com/about-us/security/strong-customer-authentication.