Vip access app for mac8/29/2023 ![]() If those cache and cookies aren’t there, and if the public IP and device MAC address changes, then require UN/PW/2FA/biometrics…i.e. Also use cache and cookies to store on the device app after a successful initial logon. To make a phone a Trusted Device, Fidelity needs to capture a device’s MAC address and public IP address. it has yet to be recognized as as a Trusted Device. If someone tried to login to the app from another device for the first time, Fidelity should be able to tell that it is a first time login attempt from that device i.e. Maybe require 2FA for sensitive activities on the app such as making a transaction and changing user profile information after a device is recognized as a Trusted Device. Just for initial app login and logging into USAA via a browser. It only frustrates customers.ĮDIT: I use the USAA app (for insurance and backing) and they use Norton’s Symantec VIP Access as well, but it isn’t required for each logon on their app. I work in cybersecurity (over 10 years now) and trust me, the current policy doesn’t enhance security. At that point, the only way they’d get access to my Fidelity account is if I were there for the biometrics. Think about it, what security threat is the current policy trying to mitigate? If someone where to break into my phone (either physically or remotely), requiring 2FA on top of biometric authentication makes no sense since they already have access to the VIP Access app in my phone. I don’t mind if I’m asked to re-authenticate with UN/PW/2FA every 90 days or so, but every login is ridiculous. After going through initial authentication, my phone should be tracked as a Trusted Device. Once I’ve completed the initial username/password/2FA, I shouldn’t need to switch apps to copy/paste the 2FA code for every login…again, from the same phone. The Fidelity app and Symantec VIP Access app are both on the same phone. Reasoning: Having users access the Fidelity app via biometrics and 2FA each time makes no sense. Enter this security code along with your password to add strong authentication to your favorite websites.Question: If I’ve already initially logged into the Fidelity app on my phone using my username, password, and 2FA via Symantec VIP Access, and then enabled biometric authentication, why do I need to provide the VIP Access code EACH time I need to access the app? Scan a QR Code at participating organizations such as Google, Facebook, Amazon, and more to generate a security code every 30 seconds to securely sign in. ![]() You can generate a security code even if you do not have a network or mobile connection. The strong authentication method you use depends on the method implemented by your participating organization. Note: Touch ID or Face ID authentication requires that your mobile device is Touch ID or Face ID capable and that you have registered a fingerprint or facial recognition authentication on the device.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |