SEBI Circular about 2-factor authentication
According to a SEBI circular that came into force on 30th September, 2022, depository participants are required to have their users complete 2-factor authentication to log in to their online platforms each time they open the app. However, Angel One has found a way to simplify the login process for users by introducing the 30 days OTP validity feature.
Understanding the value of the 30 days OTP validity
Under the current system of login, an Angel One app user will have to first enter his/her phone number or Client ID (mobile number in case of our app’s new version ‘Angel Spark’ and Client ID in case of ‘Angel One’ i.e. the older version) after which he/she will receive an OTP or One Time Password (which can be auto-filled from the messages).
Once the OTP is entered, the user will be asked to enter the MPIN. Finally, once the MPIN is entered, the user will have successfully logged in to the Angel One trading platform. In case the user enables biometric authentication, the MPIN will not be required and the biometric authentication can be used in its place. This is the current 2-factor authentication system (the first factor being the OTP and the second factor being the MPIN or biometrics).
Apart from the current system, users can also avail of their own device’s screen lock (PIN/Password/Pattern) as an alternative to entering OTPs to log in to the Angel One app. The screen lock offers a secure authentication process and requires minimal time to unlock the app – making it a much simpler way to access your account.
However, the 30 day OTP validity ensures that once the above process has been completed, the user will not be asked to enter any further OTPs while opening the app for the next 30 days – entering only the MPIN or biometrics will be sufficient each time (making it practically a one-factor authentication for the next 30 days). This will significantly reduce the hassle for traders – especially if they need to log into the account multiple times during the trading hours and beyond.
Note: This new flow (addition of screen lock as an alternative to OTPs) is being used only for “Android” devices. In iOS devices, there will be no change in the flow.
What is 2-factor authentication (2-FA)?
2FA, or 2-factor authentication, is a system that requires the depository participant to offer any two of the following three types of authentication mechanisms to users for logging in to their online account:
- Knowledge factor (i.e. something that only the user knows) e.g. PIN, password etc.
- Possession factor (i.e. something that only the user has) e.g. OTP, security token, authenticator apps on smartphones etc.
- Biometrics (i.e. biological identity markers of the person) e.g. fingerprint, face id, pattern, etc.
Note: The combination of OTP and an authentication app or a combination of fingerprint and face ID cannot be considered a valid 2FA as authentication from two different classes of mechanisms is necessary to comply with the 2FA requirement.
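The rule in the note above and the 30 days OTP validity flow described earlier can be modelled together. The following is an added example, not Angel One's code: the function names, the factor labels and the exact handling of the 30-day boundary are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Factor classes, using the examples the page lists for each class.
FACTOR_CLASS = {
    "mpin": "knowledge", "password": "knowledge",
    "otp": "possession", "authenticator_app": "possession",
    "fingerprint": "biometric", "face_id": "biometric",
}
OTP_VALIDITY = timedelta(days=30)  # window described on the page


def is_valid_2fa(factors):
    """True only if the factors come from at least two different classes."""
    unknown = [f for f in factors if f not in FACTOR_CLASS]
    if unknown:
        raise ValueError(f"unknown factor(s): {unknown}")
    return len({FACTOR_CLASS[f] for f in factors}) >= 2


def required_factors(last_otp_at, now, biometric_enabled):
    """Factors to prompt for when the app is opened.

    last_otp_at: time of the device's last successful OTP login, or None.
    Assumption: the window is exclusive at exactly 30 days, and a timestamp
    in the future (clock tampering or skew) is treated as no valid OTP.
    """
    second = "fingerprint" if biometric_enabled else "mpin"
    fresh = (last_otp_at is not None
             and timedelta(0) <= now - last_otp_at < OTP_VALIDITY)
    return [second] if fresh else ["otp", second]


def factors_checked_now(last_otp_at, now, biometric_enabled):
    """Number of factor classes actually verified at this app open."""
    prompts = required_factors(last_otp_at, now, biometric_enabled)
    return len({FACTOR_CLASS[f] for f in prompts})


if __name__ == "__main__":
    first_login = datetime(2022, 10, 1, 9, 15)  # constructed sample time
    for days in (0, 29, 30):
        now = first_login + timedelta(days=days)
        last = None if days == 0 else first_login
        print(days, required_factors(last, now, False),
              factors_checked_now(last, now, False))
```

Inside the window only one factor class is verified at app open, so the strength of the MPIN or biometric check carries the login during those 30 days.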
The security of our users as well as their comfort are always a top priority for us – hence Angel One has come up with the aforementioned innovation that allows both the safety and the seamless trading experience of the users to be preserved.
How to stay safe from cyberfraud?
While 2FA protects the safety and privacy of the trader on the Angel One app, there are other avenues by which a trader’s electronic devices and trading platforms can be hacked. It is important to us that our users stay protected from cyber fraud both inside the Angel platform as well as outside it. Over the years, our observations of cyberfraud activities in the financial industry have led us to infer that cyberfraud usually happens under the following circumstances –
- Users willingly share their login credentials with scamsters offering to trade on their behalf.
- Users unknowingly share their credentials on a phishing website or via social engineering.
- Weak email address security allows attackers access to the trading platform via email.
In order to keep your account safe, you can take the following steps –
- Use long, complex and unique passwords
- Never share your account credentials with anyone
- Avoid those who offer to trade on your behalf and give high returns
- Avoid suspicious websites and links – definitely avoid entering any credentials of accounts or email on such websites.
Angel One always strives to bring the highest standards of innovations and trading experience to its users. Join us now by setting up your demat account with us in a matter of minutes and log in securely through our 2FA to trade. Stay safe & Keep investing!