Skip Navigation
Close
KCB Mobile App and Internet "e-banking" system upgrade

These new systems will be effective August 5, 2020 ...Learn More

FAQ - Enhanced Login Security for Mobile Banking Image

FAQ - Enhanced Login Security for Mobile Banking

Q: How is it really multifactor authentication if the passcode is sent to the same device?

A: Multi-factor authentication gets its name because there are multiple methods of authentication, to further reduce the risk of fraudulent attacks, both remote hacking attempts and tablet theft. The second factor of authentication that we are adding to mobile further reduces the risk of remote fraudulent attacks, because the tablet is "something the user has" and the login has to be verified with the specific tablet that is tied to the user's account with the tablet in the user's hand at time of login. If a tablet is stolen and the thief attempts to log in, then the attack is no longer remote. At this point the thief still must initially get past the username and password. The "something the user knows" factor (username and password through the app) is one channel of communication & authentication, while the "something the user has" factor (passcode through SMS or Voice) is another channel of communication & authentication. Thus, multiple channels mitigate the risk of malicious remote and local attacks.

Additionally, remember, you can use a different phone number than your mobile phone number if you choose. Hence, you could enter your landline or office number to authenticate your mobile device to further reduce risk.

Q: Will I be able to change the phone number(s) that I registered to use for authentication?

A: You will be able to change your registered phone number(s) within Online Banking, but there are currently no settings that allow this to be done within Mobile/Tablet Apps. However, during first-time use of multi-factor authentication, you will be able to change the phone number(s) you use for authentication.

Q: What happens if my mobile device is stolen or lost?

A: Multi-factor authentication is built to protect against remote attacks, which are the majority of fraudulent attacks. If a cellphone/tablet is lost or stolen, you should do exactly what you do today: call your mobile carrier to report it and cancel service to the phone/tablet or do a remote lock or data wipe via another device. There is more information (contacts, email, other apps, etc.) on your phone/tablet that should be protected than one particular banking app. Keep in mind, that even if a phone/tablet is stolen or lost, the thief still needs to get past the username and password, hence multi-factor authentication. Similar to when a user loses their ATM card, then the fraudster must know their ATM PIN to move funds out.

Q: Do you mask the phone numbers in this feature?

A: Yes, the phone numbers are masked throughout all points of the authentication process.

Q: Will I have to authenticate each device that I use?

A: Yes, you will have to individually authenticate each device that uses the banking app. This allows us to provide additional security at each access point that is used to engage with the financial institution.

Q: Will I have to authenticate my devices every time I log in or only the first time?

A: You will only have to authenticate your devices the first time. Then, we will create a secure cookie that will be used to ensure that the same user on the same device makes each future login attempt. If you erase the cookie from a device from within the app, you will have to authenticate the device again.

Q: Can I opt to be challenged by MFA every time I log in if I want to?

A: Yes, even though this is not the default behavior of the app, if you prefer, you can go into the “More” section and turn the ‘Remember device’ toggle OFF to be challenged with MFA when you log in again.

Back to Top