2-Factor Authentication

Many banks in Asia and large financial institutions in the US, like Charles Schwab, Fidelity Investments, E*Trade and others are now offering 2-factor authentication for their online services. These features require a user to use a USB token or receive an SMS message on their cellphone, in addition to entering their password. This requires users to both know something (password) and have something (registered cellphone or usb token), in order to gain access to their account. The benefit is that if your password is compromised, a physical item is still required for a theif to gain access to online banking. Implementing 2-factor authentication at BECU would greatly enhance member online security.
35 Comments
Adventurer

Thanks for adding 2FA, this was the first thing I was going to request when I signed up for the Member Idea Exchange.

Explorer

I'd love to see Google Authenticator as well. SMS can be hard to cut and paste on some phones.

Sightseer

Joined just to upvote this idea as well

Tourist

Hi @KristinA - great news on the SMS authentication. This is a great feature, and one I am thrilled to see have moved through the community. I would like to echo @grumpykitten and see if Google Authenticator can be considered for a future evolution of this technology. 

 

SMS two-factor is good. Having a stand-alone authentication app that doesn't rely on a message being sent is better. Is faster, generally more convenient, and a bit more secure than SMS. It also is nice for those of us that are already using for technologies like DropBox and Google to have a consolidated authenticaiton method that we can rely on.

 

Thanks for the rapid action to a great suggestion from the community.

Adventurer

I agree with @jammin320. An authenticator app can also be used without cell or data service, since the token used to generate the codes is local as opposed to the SMS 2FA being reliant on having a cell signal and the remote party generating and transmitting the code to your device.

Adventurer

@KristinA Any chance you could talk to the team about migrating to a Microsoft/Google Authenticator platform instead of SMS for the benefits listed above by both myself and  @jammin320?

BECU Employee

@EpikYummeh- Thanks for the question, let me see what I can find out about our platform approach. Cheers, KristinA 

BECU Employee

@EpikYummeh & @jammin320- Here's what I learned after checking in with our experts... We do have Multi-factor authentication on the horizon for the mobile app but no confirmed timeframe for delivery yet. We're working with auditors to understand what is required, and then we of course will factor in what members like you are asking for as we discuss how to best bring this to our membership. Thanks for hanging in there with us and making your voices heard. Cheers, KristinA 

Sightseer

Hello, any news on progress for this? I'm also very interested in ensuring that my account is more secure through multi-factor authentication.

BECU Employee

@aweb- Thanks for joining in the conversation! I'm checking in for any updates and will let you know as soon I hear back. To confirm you're curious about additional enhancements for mobile multi-factor authentication, correct? Cheers, KristinA