Why use Two Factor Authentication?
Also known as MFA, 2FA or 2SA, Two Factor Authentication adds an extra layer of security to authenticate users when they log into Wise-Sync and Wise-Pay, by requiring that the user enter a verification code generated for their login.
Why this change is required?
The requirement for 2FA has been extended by our integration partners as a mandatory requirement for third party systems that provide access to sensitive company data. This mandate is in line with the Australian Software Business Association recommendations as adopted by our integration partners (Xero, Intuit). As such, the Australian Taxation Office (ATO) requires a minimum standard that all integration providers must meet as a minimum security requirement. This is further detailed in the Security Standard for Add-On Marketplaces. The recommendation specifically states that users that access company information via third party integrations must ensure that strong customer authentication is enabled (minimum two step authentication (2FA) or single sign on (SSO)) when logging in to any system that provides access to this information.
As a result of an integration security review, a requirement to ensure 2FA is enabled and required for all accounts that connect to an Australian based organisation be enforced by the 1st of October, 2020.
While Wise-Sync and Wise-Pay have provided 2FA as an option for account security for a number of years, we are at this time required to ensure that all accounts that log in are protected by 2FA as a minimum security standard.
To simplify this experience we will be launching a new ‘Email Verification’ step that provides simplified 2FA for accounts that have not yet configured an authenticator app. While this initiative will provide an added layer of security to all accounts; we do recommend that you consider simplifying your log in experience by configuring an authenticator app. Refer to our Knowledge Base on Configuring 2FA.
We recognise that this requirement will create further steps to access our platform; however we also recognise that 2FA is now a minimum standard to help protect your account from unauthorised access.