1. What is Two-factor authentication (2FA)?
Two-factor authentication (2FA) is an extra layer of security used to ensure that people trying to access an online account are who they say they are.
To begin with, a user will enter their username and password as the first factor.
Then, instead of immediately gaining access, they will be required to provide an authentication code generated by the device they physically possess as the second factor.
With 2FA, a potential compromise of only one of these factors will not unlock the account so your account is more secure.
2. When will 2FA be mandatory^ for my login to Airwallex?
2FA setup will be required at your first login after your documents have been verified by us.
Once set up, the 2FA code will be required every time you log in.
^Mandatory for certain jurisdictions. Please contact your account manager or our customer support team if you want to enable 2FA for your account.
3. How to set up my 2FA?
You can set up your 2FA by following the instructions on the setup pages.
- If you are new to Airwallex, you can start the 2FA setup at your first login
- If you are an existing customer, you can set up your 2FA at Account settings > Security > Two-factor authentication > Add authenticator
4. Which authenticator should I use?
You can set up either an SMS or App based authenticator. The use of both authenticators is for free*.
For authentication apps, we recommend the following:
Both authenticator apps can be easily installed on your phone. Once set up, they are accessible even without an internet connection.
* Your carrier may charge for SMS messages or mobile data
5. What is the Recovery code?
In the event that you cannot receive text message code or access your authenticator app, you can use one of the 10 recovery codes for the 2FA verification. Each recovery code is valid for one-time use only.
The first 10 recovery codes will be generated once your 2FA is set up successfully. From here you can:
- Print your recovery codes and store them in a safe place
- Re-generate 10 new recovery codes in Account settings > Security > View codes > Generate new codes. This will deactivate your old codes.
6. Can I reset my own 2FA?
Yes, you can reset the 2FA by yourself if you have the existing 2FA handy, you can go to Account settings > Security > Authenticator > Reset.
7. Have trouble logging in with 2FA?
If you cannot use the SMS code or the authenticator app to log in, one of the 10 recovery codes can be used for the 2FA verification.
If you don't have your recovery codes, and you are an:
(i) Account Owner
(ii) Account User
Please ask your Account Owner to help you reset 2FA.
8. I am the Account Owner, how to reset other user's 2FA?
If you have verified the 2FA reset request from the Account User, you can go to Account settings > Users > Select the User > Reset. The user will be required to set up a new authenticator next time they log in before accessing the account.
9. Can I deactivate my 2FA or skip 2FA setup?
To ensure the high-level security on your account with us and to comply with the regulatory requirements, you are not able to deactivate or skip 2FA setup.