MULTI-FACTOR AUTHENTICATION & HOW WE SECURE YOU
Multi-Factor Authentication (MFA) is a multi-step process that ensures that your Pearl Hawaii accounts are safe. Also, MFA verifies that you’re the only person that can access your account even if someone has your password. Additionally, Multi-factor Authentication is a method that requires the user to provide two or more verification methods to gain access. Rather than just asking for a username and password, MFA requires one or more additional verification. With MFA, the likelihood of a successful cyber-attack decreases.
If you log into PHFCUOnline or our mobile apps using a device that we do not recognize, our system will ask for you to take additional steps. In addition to entering your password, we will also ask you to enter a security code that you can choose to receive via email or text message. Once authenticating your account, you will only need to authenticate your account if you erase the device’s history, use a different browser, or change your password.
BEST PRACTICES FOR KEEPING YOUR ACCOUNTS SAFE ONLINE
One of the keys to multifactor authentication is having accurate contact information for you on file so you can authenticate your login. If we don’t have your correct phone number or email, you may not be able to log in to online or mobile banking.
In addition to the protections Pearl Hawaii has in place, we encourage you to use these best practices to help keep your accounts safe online:
- Change your passwords frequently
- Monitor your accounts regularly
- Authorize account alerts
- Keep your apps and devices up-to-date with the most recent system updates
- Run anti-virus software
- Turn on your firewall
- Avoid unsecured wireless access points
- Avoid clicking on links in unsolicited emails
WHAT IS MULTI-FACTOR AUTHENTICATION?
Multi-Factor Authentication is a system to verify that someone is who they say they are. Typically, there are three methods.
- know (username, password, security questions, one-time password, or a code)
- have (Codes sent to you via text or email, Calls to your mobile device, Software certificates)
- you are (facial recognition, fingerprint, voice recognition, iris scanning, or some other biometric verification).
If only two factors are present, it’s called two-factor authentication (2FA). For example, you enter your debit card at an ATM. You need to enter something you have (the debit card) and something you know (your PIN). Often, MFA is used interchangeably with two-factor authentication (2FA). 2FA is basically a subset of MFA.
Additionally, another example is when entering your username and password on PHFCUOnline or with our app. We will then ask you for a second verification, like a code to your cell via text, which you need to use to gain access.
MFA can also involve location scanning. If you are in Hawaii and there is a log-in attempt or your cards are used from another country or state, you could be on vacation or you could be the victim of a hacking attempt.
Have you ever been asked to enter your zip code when you buy gas? That would be an example of an older type of MFA.
BENEFITS OF MULTI-FACTOR AUTHENTICATION
Multi-Factor Authentication adds another layer of security. If just one of these methods has been compromised by a hacker or if you enter the wrong password in succession, then you won’t gain access to your accounts… and neither will they. As a result, you can simply change your password and start over.
Some people like to use the same password for everything. Unfortunately, this means that if a hacker gets access to one account, they can access all of your accounts. Multi-Factor Authentication is one the most effective ways to protect both cloud-based data and online information.
SAFEGUARD YOUR ACCOUNTS
Overall, the goal is to make it much more difficult for hackers and scammers to gain access to your accounts. It’s not possible to prevent all cybercrime, but you can make it much more difficult for criminals to hack into your account by using multi-factor authentication. You can also use strong passwords and change them every three months.
- To learn more about identity theft fraud safety visit ID Theft Center.
- If you think you’ve been a victim of identity theft, contact the Federal Trade Commission (FTC) at 877-IDTHEFT (438-4338) or visit the Federal Trade Commission’s site to learn more.
- If you believe your Social Security Number is being used fraudulently contact the Social Security Administration at (800) 772-1213.
- It’s a good idea to get a copy of your credit report each year from each credit-reporting agency. You can get a free credit report yearly from the Annual Credit Report website at annualcreditreport.com or by calling 1-877-322-8228 where you will go through a simple verification process over the phone. It is important that you obtain and review a copy of your credit report once a year to make sure your information is accurate.
- For financial literacy, check out Upgrade| our blog or our financial education page.
- To file a complaint about a suspected fraudulent email, contact the Federal Bureau of Investigation’s Internet Crime Complaint Center at www.ic3.gov.
- Consumer Finance Protection Bureau