Guides
Start typing to search…

What is Strong Authentication?

Since January 2018, European regulations have mandated Payment Service Providers to implement Strong Customer Authentication (SCA) to strengthen the security of their customers' accounts and reduce the risk of fraud.

What is Strong Customer Authentication (SCA)?

SCA is a security measure that reinforces the protection of your account by using two steps to verify your identity: Your account is first secured by entering your password. Then, on top of that, a 6 digits Time-based One Time Password (TOTP) generated by your authentication application is used to confirm your identity and unlock access to your account.

How does Strong Customer Authentication work?

To enable Strong Customer Authentication through an application, you will need 2 components:

  1. Your password (which you will normally already have set up at this stage)
  2. Your phone with an authentication application installed (such as Google Authenticator)

Through your authentication application, you can either view existing Time-based One Time Password (TOTP) (if you already set up strong authentication for other services) or choose to set up a new TOTP. To set up a new TOTP, you will typically need to scan a QR code or copy a setup key provided by the service where you want to secure your account access.

💡 Unlike a common password, your TOTP is unique for each use, thereby enhancing the security of your account.

Why is Strong Customer Authentication preferable to other security methods?

Strong Customer Authentication can take various forms, for example, two-step validation via SMS (receiving a unique code on your phone). However, this method is not as secure as using an authentication application to generate Time-based One Time Password (TOTP) because malicious hackers could intercept your two-step validation SMS, which is not possible with an authentication application. This is why at Fipto, we have chosen to secure your account through TOTP.

How to set up your Strong Customer Authentication?

Strong Customer Authentication (SCA) is a security measure that enhances the protection of your account by using two steps to verify your identity. To learn more about this, you can refer to the dedicated FAQ section "What is Strong Authentication?".

Setting up Strong Customer Authentication for my Fipto account Before getting started To enable Strong Customer Authentication (SCA), you will need 2 components:

  1. Your Fipto password (which you already set up)
  2. Your phone with an authentication application installed (if you don't have one, you can download Google Authenticator for free)

Strong Authentication Configuration

Once your authentication application is installed, you can configure SCA for your Fipto account by following the steps below:

  1. Scan the QR code displayed on your Fipto login screen with your phone, or copy the configuration key and paste it into your authentication application.
  2. Open your authentication application and retrieve your 6-digit Time-based One Time Password (TOTP). Then type it into the Code field of your Fipto application (login screen).
  3. Click Confirm on the Fipto login screen.

Connect to Fipto once your Strong Customer Authentication is set up

  1. Open the Fipto app by clicking on Login (top right) from the fipto.com website (or follow this link).
  2. Enter your email (used as your Fipto login) along with your password and click Sign in.
  3. Retrieve your Fipto Time-based One Time Password (TOTP) from your authentication application and type it into the Code field on Fipto. Then, click Confirm to access your account.

Updated 1 day ago