New Activation Scheme for First-time Users
As announced during the 2019 Leadership Conference presentation (see slide 71), this project creates a new optional feature a CU can activate that will allow first-time users of It’s Me 247 online and mobile web banking to set up their credentials (“self enroll”) without the CU having to publish a standard formula for the member’s initial password.
CUs can choose to offer either one or both of these options:
1. Send an activation code via text message to a phone number already on file for the member, and/or
2. Send an activation code via email to an email address already on file for the member.
The member will click a new button and choose a delivery method they prefer (text or email, depending on what your credit union allows and what data is already on file for the member). This will prompt a temporary activation code to be sent and the member must enter the code within a defined expiration period (such as 10 minutes) before proceeding through the first-time login process, which will include setting up a new username (required), password, and security questions, along with other first-time user steps (accepting the use agreement, etc.).
Status: Implemented with the 19.10 release.
Expanded Options for Password Resets
The functionality described above is currently being used only for activating first-time users. However, we already have on our radar the idea for eventually incorporating this method into password resets as well. However, for the time being password resets still use same CU-defined formula (such as SSN digits or a combination of birth year, name, etc.) as currently in place.
Status as of November 2019: Still in the early design phases.
Multi-factor Authentication for Email/Personal Info Changes
Expanding on the first-time activation feature described above, this project would add similar capabilities for when members update personal information in It’s Me 247, including email address. This is in response to numerous requests from CUs specifically related to P2P fraud. The idea is to help reduce the chances of an unauthorized person changing a member’s email address and then immediately enrolling into P2P to transfer funds.
Since email addresses can be changed in many places within It’s Me 247, beyond the Personal Info Update feature, the first phase of the project is to alter how enrollments work not only bill pay and P2P enrollments, but also for eStatements, eAlerts, eNotices, and the like. In short, members who do not have an email address, or whose email address is wrong, will NOT be able to enroll without first changing their email address. For CUs who use the “reviewed” option to review incoming personal info change requests, this will now include email addresses as well.
Status as of February 2020: Project #52500 specs have been completed and the project is awaiting availability of programming resources.
After this project is completed, we will start a separate project to incorporate the multi-factor authentication (text/email) functionality into the personal info update process. Again, members who don’t have an email address or text-capable phone number already on file must first contact the CU to update their email address or text-capable phone number. This will be an optional feature credit unions can activate or not, as they wish.
Status as of November 2019: Still in the design phase.
Give us your feedback!
We’d love to hear from you on these projects. Use the form below to leave your comments.