Set up MFA in Console
After you create an account, add another layer of security with multi-factor authentication (MFA).
You can log in to your Console account using only your username and password. But for additional security, we recommend that you set up multi-factor authentication.
With MFA, you need the following to access your account, as well as your credentials:
- something you have (like a one-time password or code)
- something you are (like your fingerprint or other biometric data)
Choose from two options to set up MFA with your TrueLayer Console account:
- an authenticator app, such as Google Authenticator
- a FIDO security key
MFA is required to refund payments in Console
In order for any users in your organisation to refund payments through Console, they need to authenticate through MFA. After this, they can issue refunds for 5 minutes.
Additionally, they must have the Owner, Admin or Payments Operator role.
Configure MFA for your Console account
The exact process to configure MFA varies based on which authenticator app or security key you use.
You can only configure MFA for the account you are currently signed into. You cannot set up MFA for other users' accounts.
To start configuring MFA for a Console account:
- Click the icon with your initials in the top-right corner of Console. Then, select User settings.
- Click Multi-factor authentication (MFA) then Configure MFA.
A new tab opens. - Select the MFA method you want to use: either Google Authenticator or similar or Security Key.
You can use fingerprint or facial recognition on iOS or Android as a security key.
See the sections below for more information about how to configure each method.
MFA app
If you select Google Authenticator or similar as your MFA method, the Secure your Account screen displays. To set it up:
- Open your authenticator app and scan the QR code that displays.
An entry for TrueLayer displays in your app. - In the Enter your one-time code field, enter the six-digit code from your authenticator app, then click Continue.
- A screen that contains a recovery code displays. Make a note of this code, select the checkbox confirming you have done so, then click Continue.
You can use the code if you ever need to sign in without your authenticator app. - A screen displays where you can optionally set up biometrics (fingerprint or facial recognition) for authentication. Select your preference.
A screen displays that confirms you've successfully configured MFA. You need to sign back in to continue using Console.
When you sign into Console after this, you are always prompted for your six-digit code from your authenticator app.
Security key
If you select Security Key as your MFA method, the Fido security key authentication screen displays. To set it up:
- Select Use key.
A browser dialog displays, which asks you to select either Use a phone or tablet or USB security key. - Select a method for your key and follow the instructions onscreen or on your device.
If successful, the Name your security key window displays. - Enter a name for your security key so you can identify it later, then click Next.
- In the Security key successful confirmation window, click Continue.
- A screen that contains a recovery code displays. Make a note of this code, select the checkbox confirming you have done so, then click Continue.
You can use the code if you ever need to sign in without your security key. - A screen displays where you can optionally set up biometrics (fingerprint or facial recognition) for authentication. Select your preference.
A screen displays that confirms that you've successfully configured MFA.
Remove MFA
If you have configured MFA for an account, you can disable it while signed into that account. You cannot remove MFA for other users' accounts.
To remove MFA for a Console account:
- Click the icon with your initials in the top right corner of Console. Then, select User settings.
- Click Multi-factor authentication (MFA).
Details about your MFA configuration display, such as the last sign in session and time, and if the recovery code has been used. - Click Remove MFA.
A loading indicator displays, after which MFA is removed for the account.
You can configure MFA again immediately after removing it.
Updated 4 months ago