How to use two-factor authentication in TurnKey Lender

TurnKey Lender supports two-factor authentication to ensure a higher level of security for employees and borrowers using your lending platform. If two-factor authentication is enabled for the user, then by logging on to the TurnKey Lender and entering the correct password the user will be sent a one-off code (by SMS or directly to the log file in the 'trunk' project) which must be entered to log on to TurnKey Lender.

Configuring and using two-factor authentication

The use of two-factor authentication is enabled/disabled independently for Front-Office users (borrowers) and Back Office users (employees). Two-factor authentication can be enabled in the web.config file. Reach out to your TurnKey Lender account manager and we'll be happy to enable it for you. 

If two-factor authentication is enabled for Front-Office users, it applies only to newly created accounts. This feature can't be enabled for Front-Office users created before it was turned on.

Borrowers

  1. Back-office settings: In order to use two-factor authentication, SMS notifications have to be activated in Settings > IntegrationsSMS notifications

2. When a Borrower's creates their first Loan Application, the System automatically initiates the creation of a new customer account. 

3. When a user logs off from their customer profile, they will have to complete two-factor authentication in order to log back in. 

4. In order to log on to the account, the Borrow clicks on the Login button and enters their Login (email) and Password.

 

5. In the Verification code box, the user has to enter the code they received via SMS text and Click Submit to complete the login process.

Back-office users

When two-factor authentication is enabled for the Back Office users, an additional checkbox appears in the Back-Office user editing window. It allows for enabling/disabling this authentication for individual users. Also, a phone number field is added. The SMS will be delivered to the phone number entered for each user.