About Two-Factor Authentication
To be compliant with the Payment Services Directive (PSD 2) in the European Economic Area (EEA), we have added strong customer authentication (SCA) to both account and payment booking. SCA upon means a security token or one time password (OTP) is needed in addition to existing user credentials to access our payment platform. This adds a second verification step. In addition, SCA is now also required when completing a payment or booking. A security token or OTP is required at the final step of booking the payment. These changes will take effect Monday September 16, 2019.
EEA Countries Requiring Security Token 2019
Åland Islands | Austria | Azores | Belgium |
Canary Islands | Croatia | Cyprus | Czech Republic |
Denmark | Estonia | Finland | France |
French Guiana | Germany | Gibraltar | Greece |
Guadeloupe | Guernsey | Hungary | Iceland |
Ireland | Isle of Man | Italy | Jersey |
Latvia | Liechtenstein | Lithuania | Luxembourg |
Madeira | Malta | Martinique | Mayotte |
Netherlands | Norway | Poland | Portugal |
Réunion | Romania | Saint Barthélemy | Saint Martin (Fr. part) |
Saint Pierre and Miquelon | Slovakia | Slovenia | Spain |
Sweden | United Kingdom |
NOTE: WU®EDGE - SCA for logon using Authy continues to be supported for all regions. However, the one-time token upon payment completion is currently not available for non-EEA countries.
NOTE: GlobalPay September 2019 - EEA customers will be upgraded to Authy, our new SCA vendor for both and order commit authentication. Once enabled for Authy, each user is given a choice of which authentication option they prefer. Non-EEA customers will have the Authy options available, but it is not mandatory.
NOTE: GlobalPay for FI and GlobalPay for Students On September 16, 2019 EEA customers will be upgraded to Authy, our new SCA vendor for both and order commit authentication. Once enabled for Authy, each user is given a choice of which authentication option they prefer. In the EEA, for Single Sign-ON (SSO) users, only two-factor authentication at order commit is mandatory. Non-EEA customers will have the Authy options available, but it is not mandatory.
To get your tokens, register with Authy. Registering is a one-time exercise. Subsequently, when you logon, the system will use your chosen delivery method to provide your security token. If you need to change methods, please contact your Account Representative.
The Authy application is a free download from either Google Play or the App Store. Use for each token is free regardless of device. Standard messaging for your provider would apply if using SMS.