Multi-Factor Authentication (MFA) Set-up

Multi-Factor Authentication (MFA) Set-up

About

ISO 27001 is the internationally recognised standard of managing information security in an organisation.  Our payroll software has been assessed and certified as meeting the requirements of ISO 27001 of our Information Security Management System (ISMS).  In this section, extra security measures that can be implemented in your payroll environment, are shared.

Multi-Factor Authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify an identity. Besides providing an e-mail address and password, MFA will provide a second method of authentication when logging onto the system.

Edition

This feature is available on Lite, Premier and Master.

Google Authenticator

Google Authenticator is a free MFA application that enables the user to use a time sensitive code to verify an identity.



An employee will need the following to use Google Authenticator:
  1. A smartphone
  2. Google Authenticator app installed from the smartphone’s app store

Enforcing MFA

A company can select MFA as a mandatory requirement for all employees.  Three options are available:
  1. Google Authenticator with e-mail fall back
  2. Google Authenticator with e-mail or SMS fall back
  3. SMS Authentication with e-mail fall back

Once one of the options above has been activated, a prompt to set-up MFA will appear when a user logs onto the system. Should the prompt be dismissed the first three times, the user will not be able to login without completing the set-up.  To enforce MFA, please contact our Support Centre to advise and assist.

E-mail and/or SMS fall back

Once set-up, should the user enter three incorrect One Time Pins (OTPs) obtained from Google Authenticator, the OTP will be e-mailed to the e-mail address or sent via SMS to the cell phone number confirmed during the set-up. If five incorrect attempts in total are made, the account will be locked. The account will have to be activated by the Company Level User.

Important Comment

Tip
By default, the ESS user can set-up Google Authenticator as an optional, using e-mail as fall back.


You may also be interested in


    • Related Articles

    • Single Sign On (SSO)

      About ISO 27001 is the internationally recognised standard of managing information security in an organisation.  Our PaySpace has been assessed and certified as meeting the requirements of ISO 27001 of our Information Security Management System ...
    • Is PaySpace ISO 27001 Certified?

      We are independently audited for our ISO27001 certification annually. We use a reputable 3rd party security specialist company for penetration testing. Please refer to our website for more detail. Click on the following link to access our ...
    • Classic | Pension and Provident Fund Set-up

      About A variety of Pension and Provident Funds are available to choose from on the Pension and Provident Setup Screen. You can select and configure the relevant funds according to the company’s requirements.  The Pension or Provident Fund needs to be ...
    • Classic | Group Life Policy and Disability Lumpsum Insurance Set-up

      About Employer-owned insurance policies,such as a Group Life Policy or Disability Lumpsum Insurance, where the company contributes on behalf of their employees, should be set-up as a Payroll Fund. The Group Life Policy or Disability Lumpsum Insurance ...
    • Classic | Medical Aid Scheme Set-up

      About A variety of Medical Aid Schemes are available to choose from on the Medical Aid Setup Screen. You can select and configure the relevant scheme according to the company’s requirements. The Medical Aid Scheme needs to be configured before the ...