Next week, enrollment into 2-Factor Authentication (2FA) becomes required. Advisors, their support staff and clients currently opting out of 2FA will be prompted to enroll on June 13.
But don’t worry – neither you nor your clients will be required to enter a security PIN every time you log in.
Our “Standard Security” default uses a risk-based approach that intelligently monitors your and your clients log in activity, which will typically only require a PIN upon your first login.
With online security threats and large data breaches happening more often every year, it’s important to ensure your clients that their cutting-edge wealth management technology employs the highest security measures in order to safeguard their financial data.
Visit this page to learn more about mandatory enrollment in 2FA for advisors.
Why are we requiring all advisors and clients to enroll?
eMoney is truly looking out for our clients’ best interests in deploying this technology, as this is the type of risk-based authentication that large financial institutions leverage in order to protect their clients. We know that the greatest risk to you is the security of your data and your clients’ data. We strive to be at the forefront when it comes to a rapidly-changing security environment.
Rather than allowing advisors and clients the opportunity to opt-out, we are offering two levels of Security: Standard, which is adaptive and will only prompt for a PIN when a login exceeds a risk score threshold (which rarely occurs); or High which is available for those clients who place a premium on security and want to be prompted at each login.
What will my clients need to do if they have not yet opted-in?
On June 13, clients who have not yet enrolled in 2FA will be prompted to enroll, and will no longer have the option to skip. But that doesn’t necessarily mean they’ll need to enter their PIN every time they log in.
Our “Standard Security” option is used by default. Standard Security uses “Adaptive Authentication” – a risk-based approach that intelligently monitors your and your clients log in activity, which will typically only require a PIN upon your first login. Based on your past activity (previous logins, device profiles, country, time zone, etc.), Adaptive Authentication steps up security to require 2FA on your account only when it identifies high-risk activity.
Though the default security will be set to Standard at release, you can update this to High in your global advisor Settings.
Pro Tip: Your default setting determines which level of security your clients will start with, but they can change this at any time from inside their Client Website Settings.
How do clients enroll?
Clients who have currently opted out of 2FA will now be required to enroll. Enrolling in 2FA is simple. Here are the steps they’ll need to follow:
- Clients will simply log into their personal financial management site on or any time after June 13.
- They’ll then be prompted to enter their mobile phone number to receive a PIN code.
- Finally, they’ll need to enter that PIN code to be securely signed into their personal financial management site.
By default, your clients will only need to enter their PIN code once upon their first login. Once enrolled in 2FA, your clients can adjust their security level to High Security under Settings -> Security.
What is the difference between “Standard Security” and “High Security”?
Standard Security uses adaptive risk-based scoring, which only requires clients to enter their PIN when “at-risk activity” has been identified. This option is best used for clients who want enhanced security but prefer to only be prompted with an additional layer of security when our system detects a potential threat.
High Security will require clients to enter their PIN every time they log in. This option is recommended for clients who prefer the highest level of security available.
How is “at-risk activity” defined?
Standard Security uses risk-based step up authentication to look for unusual and suspicious login activity. Users who are accessing their personal financial management sites in a manner consistent with their typical behavior will rarely be prompted to enter a PIN. However, there are certain circumstances where users may inadvertently trigger our security system on their own.
For instance, a client who logs into their website for the first time from a new device, or attempts to log in while traveling outside the country may be required to enter their PIN.
Does anything change if my clients have already opted-in?
By default, your clients will be enrolled in Standard Security, which will only require a PIN upon their first login and if “high risk” behavior is identified. Clients who have previously enrolled in 2FA will be automatically switched from High Security to Standard Security. If a client is already enrolled in 2FA and wants to continue to use High Security their security settings must be updated.
- Advisors can set clients to “High Security” on the Advisor Site by clicking Manage Client Website and toggling to High under Security.
- Clients can change their security preferences in their Client Website under Settings -> Security
How are client security settings managed?
Clients can adjust their security level by clicking on Settings on the Client Site.
Advisors can manage the default security for new client websites in their global Settings. They also have the ability to approve one-time access or adjust the security level for their clients under Manage Client Website.
What if my clients have an international number?
With this update, international phone numbers are supported. Anyone with an international phone number must enter + and the country code before their phone number.
How should I position this update to my clients?
It’s important to remind clients that these changes have been implemented to protect the security of their information. We know that the greatest risk to your clients, is the security of their data. We strive to be at the forefront when it comes to a rapidly-changing security environment.
For more help positioning these changes to your clients, refer to our sample language below:
- Version for clients who are currently opted into 2FA
- Version for clients who have skipped enrollment
Questions about mandatory enrollment? Call us at 888-362-8482 or send us an email.