Two Factor Authentication

Endeavour 3DSecure supports Two Factor Authentication.

Two Factor Authentication (TFA) is a combination of something that you know with something that you have. From a practical point of view this involves the use a one-time use passwords (OTP) which are conveyed to the user via SMS or an application running on mobile phone or Chrome. Using OTP greatly reduces hacking risks and the need to remember complicated passwords which must be changed periodically.

As further protection, a password can be used – something that you know. Within the ACS, the card number can fill in the role of ‘something that you know’, to simplify the checkout process.

TFA can be prompted every time or Endeavour will detect a change of cookie or IP address and only prompt for TFA periodically or on detection of different ‘location’ parameters, further combined with other factors as part of a Risk Based Approach to 3DSecure Authentication.

Endeavour is making TFA available on both its MPI for accessing the management console, as well as the ACS for card holder authentication. Endeavour’s modular design allows for any number of 3rd Party TFA solutions to be used. Endeavour has launched TFA with Google Authenticator and Authy already supported.