FAQ Yuki Pay - Authentication and Access control

Modified on Tue, 5 Aug at 1:20 PM

The following questions are answered below:

  • What methods are employed for user authentication and access control?
  • Is multi-factor authentication (MFA) implemented for added security?

  • Does Swan bind a phone/device to a user?


What methods are employed for user authentication and access control?

 User authentication is done via Swan Strong Customer Authentication system. To login the user must go through our two-factor authentication process systematically. Access control on the accounts is done via the account membership system. Only an account admin that went through a KYC verification can add another person to the account. Access control for our partners on the Swan tools is done via a set of permissions.


Is multi-factor authentication (MFA) implemented for added security?

 Yes as per regulation, Swan is obligated to do MFA. Our MFA system is done by coupling two elements from this list : a smartphone, a phone number, email address, a passcode, biometric data and the identity of the user.


We use a risk-based approach to decide which kind of factor the user can use to authenticate.


Does Swan bind a phone/device to a user?

Whenever a successful 2FA is executed, the device gets linked to a user login. It is possible to login on another device by using 2FA.


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article