HRA Settings

Mobicint Lesssons HRA Settings

This document outlines the configuration options for High Risk Authentication (HRA) within the Flex system, accessible via FTADMIN under “High Risk Settings/Multifactor.” HRA provides enhanced security for user logins and specific sensitive activities.

HRA Authentication Methods

FTADMIN offers a selection of methods for additional authentication:

  • Use Images: Users must select their pre-selected correct image from a displayed list of images.
  • Use Image Only: Displays a single image that the user chose during the enrollment process.
  • Use Captcha: Requires users to enter a distorted word and/or number displayed in a box. This method helps verify that a human, not a bot, is attempting to log in.
  • Use Captcha Verification: Users must enter a confirmation word that is not visible on the screen (i.e., not part of a captcha image).
  • Challenge Question: Users are prompted to enter the correct answer to a previously posed challenge question.
  • Email Auth Code: An authentication code is sent to the user’s registered email address, which they must then enter.
  • Secure Contact Enrollment: Allows users to register and verify a trusted email address for authentication purposes.

HRA Tiered Application

HRA options are applied in two tiers to provide flexible security:

  • Tier 1: Primarily used for login authentication.
  • Tier 2: Applied to certain activities, such as transfers, requiring an additional layer of security beyond login.

HRA Configuration Options

In addition to selecting authentication methods, the following configuration options are available:

  • Device Registration:
    • Allows users to register their device.
    • Enables users to bypass HRA challenges for future logins from that registered device.
  • Challenge Question Quantity:
    • Configures the number of challenge questions presented during user enrollment.
  • Invalid HRA Attempts:
    • Sets the maximum number of invalid HRA attempts allowed before further action (e.g., account lockout) is taken.
  • Case Sensitivity for Challenge Questions:
    • Determines whether the answers to challenge questions are case-sensitive.

Multi-Factor Authentication (MFA) Settings for Transfers

The system also provides specific MFA settings related to transfers:

  • Transfers and External Transfers Protection:
    • If MFA settings are enabled for transfers, both internal transfers and external transfers will be protected by MFA.
  • External Transfers Only Protection:
    • If MFA settings are enabled for external transfers, only external transfers will be protected.
  • Mutual Exclusivity:
    • It is important to note that MFA for “transfers” and “external transfers” cannot be enabled simultaneously. These settings are mutually exclusive.