Arrow Icon

Advisor Site 2FA: Enrollment Update Coming June 13

Visit Heart of Advice

for expert insights on the most pressing topics financial professionals are facing today.

Learn More

On Tuesday, June 13, enrollment into 2-Factor Authentication (2FA) becomes required. Advisors, their support staff, and clients currently opting out of 2FA will be prompted to enroll on June 13.

But don’t worry – neither you nor your clients will be required enter a security PIN every time you log in.

Advisors who have not yet opted into Advisor Site 2FA will be automatically enrolled in our “Standard Security” option, which will typically only require a PIN upon your first login. Users will only be prompted for 2FA when their login is deemed high risk. This is the same security option that will be made available to your clients on June 13.

Click here, to learn more about how this update will impact your clients.

What is changing on June 13?

On June 13, advisors, their support staff and clients who have not yet enrolled in 2FA will be prompted to enroll, and will no longer have the option to skip. Users will have a choice between High Security (PIN every log in) and Standard Security (risk-based authentication). Those who have already enrolled will be transitioned from High Security – which requires a PIN upon each login – to Standard Security – which requires a PIN upon your first login, and if high risk activity is identified.

Why are we requiring all advisors and clients to enroll?

eMoney is truly looking out for our clients’ best interests in deploying this technology, as this is the type of risk-based authentication that large financial institutions leverage in order to protect their clients. We know that the greatest risk to you is the security of your data and your clients’ data. We strive to be at the forefront when it comes to a rapidly-changing security environment.

Rather than allowing advisors and clients the opportunity to opt-out, we are offering two levels of Security: Standard, which is adaptive and will only prompt for a PIN when a login exceeds a risk score threshold (which rarely occurs); or High which is available for those clients who place a premium on security and want to be prompted at each login.

What is the difference between “Standard Security” and “High Security”?

Standard Security uses adaptive risk-based scoring, which only requires users to enter their PIN when “at-risk activity” has been identified. Standard Security is offered to advisors (and your clients) by default, and typically only requires a PIN upon first login. It is only triggered again if our system detects a security threat. This option is best used for if you want enhanced security but prefer the convenience of avoiding a PIN each login. With the June 13 release, this option will become the default for advisors and clients.

High Security will require users to enter their PIN every time they log in. This option is recommended for people who prefer the highest level of security available.

How is “high risk activity” defined?

Standard Security uses risk-based authentication to create a user profile, and looks for unusual and suspicious login activity. Users who are accessing eMoney in a manner consistent with their typical behavior will rarely be prompted to enter a PIN. However, there are certain circumstances where users may inadvertently trigger our security system on their own.

For instance, if you log into your website for the first time from a new device, or attempt to log in while traveling outside the country may be required to enter your PIN.

If I’m already enrolled, how can I switch to High Security?

By default, you will be updated to the new Standard Security setting, which will only require a PIN upon first login and if “high risk” behavior is identified. Advisors who have previously enrolled in 2FA will be automatically switched from High Security to Standard Security. To your security settings to High Security, which will require a PIN upon each login, go to Settings -> Security.

Are international phone numbers supported?

With this update, international phone numbers are supported. Anyone with an international phone number must enter + and the country code before their phone number.

How should I position this update to my clients? 

It’s important to remind clients that these changes have been implemented to protect the security of their information. We know that the greatest risk to your clients, is the security of their data. We strive to be at the forefront when it comes to a rapidly-changing security environment.

For more help positioning these changes to your clients click here for the full blog post or, refer to our sample language below:


Questions about mandatory enrollment?  Call us at 888-362-8482 or send us an email.


Related Posts