Prague
Getting Started
Using the Dashboard
Multi-factor methods: an overview
Manage your policy's secondary authentication methods here.

Authentication methods & factors

Email factors

  • Passcodes via email: sends a one-time passcode.
  • Magic links via email: sends an expirable link.
Phone factors
  • Passcode via text message or voice call: sends a one-time passcode by default, or initiates a voice call per customer request. Customers can ask for a voice call in their authentication workflow.
  • Magic links via text message: sends an expirable link.

Factor restriction

At each method, select which factors can be used for secondary authentication.

Authenticator restriction checkboxes

Restrict customers to enroll only the email address(es) or phone number(s) as secondary authenticators that are already added to their account as an identifier or personal information.

Parameters

Passcode Lengths
Specify the character length of the one-time passcodes for both email and phone number based methods in this field.
Recommended minimum length: 6 characters (digits) by default. Maximum length: 8 characters.
Passcode Lifetimes
Specify the character length of the one-time passcodes for both email and phone number based methods in this field.
Recommended minimum length: 6 characters (digits) by default. Maximum length: 8 characters.
Magic Link Lifetime
Enter the liftime of Magic Links for both email and phone based methods.The lifetime of a Magic Link starts from the time the passcode has been sent out. Strivacity Fusion invalidates the Magic Link once its lifetime has been exceeded. In this case, customers will have to restart the login process.

Google Authenticator or other soft token authenticator apps

Enable the Google Authenticator or other soft token authenticator apps as a secondary authenticator option for your customers. Customers will receive their temporary one-time passcodes via the application.
Label Name
Help your customers identify which service to look for in their authenticator app.
Add a display name in this field that will appear above the soft token in the authenticator application.
If there is no Label Name added, the soft token label in the authenticator application will default to the brand name specified in the application's branding policy.
See Setup and Manage Customer Notification for further information on how to customize and brand the Adaptive MFA notification email and text messages.

MFA enrollment configuration

Enable or disable MFA methods, prompt your customers to enroll in an MFA method of their choice, or request them to enroll in multiple authentication methods.

Optional MFA

You can leave it up entirely to your customers to switch on MFA in their self-service accounts by leaving every enabled MFA method optional.
One multi-factor method always needs to be enabled for your adaptive MFA workflow.
Once enrolled, customers can manage factors for each enrolled authentication method in their self-service portal:
Your customer service can also enroll in any available authentication methods for your customers in Strivacity Fusion's Admin Console.
Make at least one optional method mandatory at next login or registration
When selected, your customers will be required to enroll in one of the optional authentication methods before continuing in their registration or login workflow.
This option is only available if there are no mandatory methods selected.

Mandatory MFA

Request your customers to enroll in the selected MFA methods at registration or login to enhance the security of their accounts.
If multiple MFA methods are mandatory, your customers will be required to enroll in each method at registration or on their next login in the following order: email authentication first, then phone authentication if mandatory, then soft token authentication if mandatory.
After successful enrollment for each mandatory method, customers will only be stepped up to one of the enrolled methods during future logins.