The following questions are answered below:
- What methods are employed for user authentication and access control?
Is multi-factor authentication (MFA) implemented for added security?
Does Swan bind a phone/device to a user?
What methods are employed for user authentication and access control?
User authentication is done via Swan Strong Customer Authentication system. To login the user must go through our two-factor authentication process systematically. Access control on the accounts is done via the account membership system. Only an account admin that went through a KYC verification can add another person to the account. Access control for our partners on the Swan tools is done via a set of permissions.
Is multi-factor authentication (MFA) implemented for added security?
Yes as per regulation, Swan is obligated to do MFA. Our MFA system is done by coupling two elements from this list : a smartphone, a phone number, email address, a passcode, biometric data and the identity of the user.
We use a risk-based approach to decide which kind of factor the user can use to authenticate.
Does Swan bind a phone/device to a user?
Whenever a successful 2FA is executed, the device gets linked to a user login. It is possible to login on another device by using 2FA.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article