Thank you for visiting our Community Forum. For anything community-related please visit our SMB Network (https://www.payoneer.com/community/) or Resource Hub (https://www.payoneer.com/resources/). For support inquiries please visit http://paynr.co/ask.

Two factor with SMS is insecure, period!

caleb45
caleb45 Member Posts: 1
edited December 2020 in Ask The Community
I've got an email saying Payoneer will enforce two-factor authentication soon. That's fine, except it only offers receiving two-factor codes over insecure SMS.

That's long been known as insecure method, and Payoneer is just going to enforce using a flawed method. That's not an opinion, there are articles about it on the web such as this: https://www.cnet.com/how-to/do-you-use-sms-for-two-factor-authentication-heres-why-you-shouldnt/

Please be aware about "SIM swap" attacks and please offer using 2FA apps at least as an option.

Comments

  • ivan_savichev
    ivan_savichev Member Posts: 1
    edited November 2020
    Dear Payoneer,

    Please add support of 2FA with apps like Authy or Google Authenticator.

    SMS are not only insecure but hard to use if you are abroad in roaming and changing sim cards all the time.

    This is completely unacceptable in 2020 to enforce your users 2FA without this option.
This discussion has been closed.