General | Multi-Factor Authentication (MFA) Setup

General | Multi-Factor Authentication (MFA) Setup

Overview

ISO 27001 is the internationally recognised standard of managing information security in an organisation.  Our payroll software has been assessed and certified as meeting the requirements of ISO 27001 of our Information Security Management System (ISMS).  In this section, extra security measures that can be implemented in your payroll environment, are shared.

Multi-Factor Authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify an identity. Besides providing an e-mail address and password, MFA will provide a second method of authentication when logging onto the system.

Edition

This feature is available on all PaySpace editions.

Google Authenticator

Google Authenticator is a free MFA application that enables the user to use a time sensitive code to verify an identity.










An employee will need the following to use Google Authenticator:
  1. A smartphone
  2. Google Authenticator app installed from the smartphone’s app store.

Enforcing MFA

A company can select MFA as a mandatory requirement for all employees.  Three options are available:
  1. Google Authenticator with e-mail fall back
  2. Google Authenticator with SMS fall back
  3. SMS Authentication with e-mail fall back
Once one of the options above has been activated, a prompt to set-up MFA will appear when a user logs onto the system. Should the prompt be dismissed the first three times, the user will not be able to login without completing the set-up.  To enforce MFA, please contact our Support Team to advise and assist.

E-mail or SMS fall back

Once set-up, should the user enter three incorrect One Time Pins (OTPs) obtained from Google Authenticator, the OTP will be e-mailed to the e-mail address or sent via SMS to the cell phone number confirmed during the set-up. If five incorrect attempts in total are made, the account will be locked. The account will have to be activated by the Company Level User.

Important Comment

Tip
By default, the ESS user can set-up Google Authenticator as an optional, using e-mail as fall back.

    • Related Articles

    • An employee level user got a new phone, how do they setup the Multifactor Authentication (MFA) on the new phone?

      This feature is available on all PaySpace editions. The employee will first need to log in to their profile, to request the Authentication code be sent by either email or SMS. Log in to PaySpace and opt for the option "Send Email" or "Send SMS" to ...
    • General | Single Sign On (SSO)

      Overview ISO 27001 is the internationally recognised standard of managing information security in an organisation. Our PaySpace has been assessed and certified as meeting the requirements of ISO 27001 of our Information Security Management System ...
    • Is PaySpace ISO 27001 certified?

      This applies to all PaySpace editions. Security is at the core of our business. Therefore, it is essential that we adopt a rigorous control regime to protect both our own information and, importantly, our clients' information. Security is a ...
    • How do I remove the Multifactor Authentication (MFA) setting on user profiles?

      This feature is available on all PaySpace editions The Multifactor Authentication (MFA) can only be removed on Bureau level. Contact support@payspace.com for further assistance.
    • Simply | Bi-directional Integration Setup

      Introduction Simply Financial Services (www.simply.co.za) has created a powerful integration with PaySpace whereby they automatically extract all employee details from PaySpace to make it easy for you to take out group risk cover and ensure your ...