In accordance with the new exchange circular on Implementation of Two Factor Authentication, it is mandatory to have 2 levels of Authentication going forward.
Two Levels of Authentication:
- Knowledge Factors
  - These include traditional security measures such as Passwords and PINs.
  - These are already in place in the current system.
- Possession Factors
  - These involve additional security layers such as OTP, Authenticator Apps, and Security Tokens via Biometric Login.
  - For web and desktop traders, TOTP (Time-Based One-Time Password) is introduced.
  - For mobile apps, Biometric Login has been implemented as part of the possession factor.
What is TOTP?
TOTP (Time-Based One-Time Password) is a widely recognized and secure method of two-factor authentication (2FA) used to protect accounts by generating regularly changing, time-based passwords.
- How It Works:
  - TOTP generates unique, one-time tokens that are valid only for a short period (typically 30 seconds).
  - These tokens are used in conjunction with a user’s password for added security.
  - Users simply scan the QR code provided in the trading application using an authenticator app to activate the TOTP feature.
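The steps above can be traced in code. This is an added example, not the trading application's own code: it assumes the RFC 6238 defaults (HMAC-SHA1, 6 digits, 30-second step) and the common `otpauth://` key URI as the QR payload. The issuer and account names are hypothetical, the secret is the published RFC 6238 test key, and the one-step clock-drift window and replay check are assumptions about a reasonable server policy.

```python
import base64, hashlib, hmac, struct
from urllib.parse import quote, urlencode

STEP = 30     # seconds each token stays valid
DIGITS = 6
# RFC 6238 test key ("12345678901234567890") in Base32; never use it in production
SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

def totp(secret_b32, at, step=STEP, digits=DIGITS):
    """Token for Unix time `at`: HMAC of the time-step counter, dynamically truncated."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", int(at) // step)        # 8-byte big-endian step number
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                              # low nibble selects 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret_b32, submitted, at, last_used_step=-1, drift=1):
    """Server-side check. Returns the matched time step, or None on failure.

    Accepts +/- `drift` steps of clock skew and refuses any step at or before
    `last_used_step`, so a token observed once cannot be replayed.
    """
    now_step = int(at) // STEP
    for step_no in range(now_step - drift, now_step + drift + 1):
        if step_no <= last_used_step:
            continue
        expected = totp(secret_b32, step_no * STEP)
        # constant-time comparison avoids leaking how many digits matched
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            return step_no
    return None

def provisioning_uri(secret_b32, account, issuer):
    """Text encoded in the enrollment QR code (assumed otpauth key URI format)."""
    label = quote(f"{issuer}:{account}")
    params = urlencode({"secret": secret_b32, "issuer": issuer,
                        "algorithm": "SHA1", "digits": DIGITS, "period": STEP})
    return f"otpauth://totp/{label}?{params}"

if __name__ == "__main__":
    print(provisioning_uri(SECRET, "trader01", "ExampleBroker"))  # hypothetical names
    print(totp(SECRET, 59))                      # RFC 6238 vector, last 6 digits
    print(verify(SECRET, "081804", 1111111111))  # token from the previous step
```

The server should store the returned step as `last_used_step` for the account. The enrollment QR code contains the shared secret itself, so it needs the same protection as a password.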
Why Use TOTP?
- Enhanced Security: Protects your accounts against hacking by requiring an additional password/token for login.
- User Convenience: Easy to use with minimal setup.
- Real-Time Authentication: The token changes regularly, making it difficult for attackers to compromise accounts.
Commonly Used Authenticator Apps:
Below are some of the most widely used TOTP authenticator apps:
- Google Authenticator is available on the Google Play Store
- Microsoft Authenticator is available on the Google Play Store
- Authy is available on the Google Play Store