Security
      Back to home
      1. Stax Knowledge Base
      2. Business Owners
      3. Security

      Stax Pay: Multi-Factor Authentication (MFA)

      Multi-Factor Authentication (MFA) or Two-Factor Authentication is the term used for requiring a user to verify their identity in two unique ways before they are granted access to a system. 

      MFA is automatically enabled for every user that has access to a Stax Pay account.  

      • The MFA feature is required for your security and is easy. MFA requires the user to enter a one-time verification code that will be delivered to their cell phone. 

      Multi-factor authentication provides an additional layer of security to help keep you and your customer’s data safe. If your account is compromised, your finances, customer details, and transaction information are at risk. 

      Using Multi-Factor Authentication 

      The following steps outline the MFA process.

      MFA Enrollment Flow

        1. Once you navigate to the Stax Pay login page, enter your Username and Password.

          Screenshot 2023-02-07 at 3.46.17 PM

        2. The Multi-Factor Authentication process will automatically occur and the user is prompted to provide a cell phone number to receive a 6-digit code by text message for validation.
          *User's cell phone number will be associated with the user's credentials and will not have to be provided for subsequent log-ins.
       

      3. The user will then enter the code and the system will login to complete the process.

      *If the user selects Remember this browser, they will no longer be prompted for the 6-digit verification code each time, until their browser's cookies expire or cleared manually. 

      NOTE: The first time a user encounters the Multi-Factor Authentication process, they will receive a recovery code, which needs to be recorded in a secure location. This code will allow the user to regain account access if the user cannot access the device. If the user does not have the recovery code, please contact Customer Support to reset the MFA functionality.

      Troubleshooting

      • If the user does not have access to their cell phone to obtain the 6-digit code, the user would click on “Use the recovery code” and enter the 24-digit unique recovery code provided during the initial MFA enablement. 
      • If the user does not have access to the recovery code, please contact a member of the Customer Support team to have MFA reset. The user will need to verify bank and deposit information. 
      • If you see a "The Credentials Has Expired" error notification, it is caused by the user's device clock is not set to your local time. You can use https://time.is/  to check the current time and the time difference between your device and the standard time.