BillGO Exchange is committed to providing you with the fastest, simplest — and most secure — payments processing experience. As part of this effort, we want to share some best practices when it comes to setting up multi-factor authentication (MFA) for your BillGO Exchange account.
“When it comes to the security of BillGO, I don’t see any better method. Compared to other vendors, BillGO is by far the easiest – and the most secure.”
Area Supervior, Financial Services, national paint retailer
Require MFA for all BillGO Exchange users, not just administrators.
When setting up MFA, use a combination of factors to enhance security. We recommend the following 3 guidelines:
Something you know, like a password
Something you have, like a smartphone or hardware token
Something you are, like a fingerprint
Avoid using 2 factors that rely on the same type of information.
For example, DO NOT use the email address you selected for your initial authentication user ID as the email address from which to receive the required code for the multi-factor authentication.
Use unique user accounts and not shared (or distributed) accounts with unique multi-factor settings, such as individual phones, SMS, voice mail or third-party authenticators.
Remember: MFA means 1-to-1 account, not 1-to-many accounts.
Set up notifications and alerts with your identity provider (IDP) to drive to multiple sources (i.e., email, device, phone, etc.) when user account information has been modified, such as a password change.
Regularly monitor your IDP for authentication attempts and analyze any anomalies or suspicious activities.
Train and educate users to "See Something, Say Something."
If something doesn't seem right question it. In other words, be a human firewall!
