Multi-factor Authentication

Strengthening the security of your Affinity account

With two multi-factor authentication methods available, including Time-Based One-Time Password (TOTP), your online banking experience is now even more secure!

Multi-factor authentication combines the security of your password, along with a one-time verification code as a second factor to protect your account.

This extra layer of security will help verify it’s you when you sign in to online banking and the Affinity Mobile app. It’s an important security measure beyond your login information because it stops someone else from accessing your account, even if they had your password.

Ways to receive a code

Email

Text Message

Automated Phone Call

Setting up multi-factor authentication

Step 1

After signing in to your Affinity account with your password, you’ll be prompted to select one of three ways to receive a one-time verification code: email, text message or automated phone call.

Step 2

Next, choose the email or phone number where you’d like to receive the one-time verification code. The code will be valid for 10 minutes. If the code expires, you will have to request a new one.

Step 3

You’ll then be prompted to enter the verification code you received. That’s all it takes to complete multi-factor authentication!

During step three, it will default to "Don't ask me again on this device.” This means you won’t have to provide a one-time code every time you sign in to your trusted device.

Take it a step further with Time-Based One-Time Password (TOTP)

This enhanced multi-factor authentication method lets you use an authenticator app to generate one time codes directly on your mobile device, further protecting against potential fraud risks.

Benefits of TOTP:

Higher security and reduced fraud risk: Codes stay on your device and are never sent over cellular networks.
Faster, more convenient access: Get codes immediately, no worry of SMS or email delays.
Extra protection: Time-sensitive codes are generated locally for added safety.

Setting up TOTP

To get started with TOTP setup you’ll need to download the authenticator app of your choice on your mobile device. Some popular options include:

Microsoft Authenticator
Google Authenticator
Authy

After that, TOTP can be set up through online banking or Affinity Mobile.

Online banking:

Log in to online banking.
Select My Profile.
Select Authenticator App Management on the left menu.
Follow the prompts to complete setup.

Affinity Mobile:

Log in to Affinity Mobile.
Choose Menu > Settings > Security > Authenticator App Management
From there, follow the prompts to complete setup.

Frequently asked questions:

Expand all

If I use biometric login (fingerprint or face recognition) on the Affinity app, will I still need to set up multi-factor authentication?

No. You will not be prompted to enroll in multi-factor authentication on the Affinity Mobile app if you are already using biometric login such Touch ID or Face ID on an Apple device or Android biometrics.
I can’t authenticate my Affinity account when I try to set up multi-factor authentication. What should I do?

Unfortunately, we may not have your phone number or email on your profile to send you a one-time verification code or these methods may not be options to complete MFA. Please call us at 1.866.863.6237 and we’ll help you out.
Will I need to enter a one-time code every time I log in to online or mobile banking?

Mobile app
When you enroll in multi-factor authentication for the first time on the Affinity Mobile app, there will be a default option to "Don't ask me again on this device.” This way you won’t have to provide a one-time code each time you sign in to your trusted device you typically use to access your account. If you’re using a shared device, you can choose to not make this the default and then multi-factor authentication will be required for future logins on that device.
Online banking
When entering the one-time code during the multi-factor authentication process on your computer, there will be a default option to “Remember Device.” This way you won’t have to provide a one-time code each time you sign in to your trusted device. You can turn this option off if you are using a shared computer or prefer to do the multi-factor authentication process every time you log in. As well, if you clear your cookies on your web browser, you’ll have to do the multi-factor authentication process again the next time you sign in to online banking.
How do I see and manage which devices have been authorized for multi-factor authentication?

Mobile app
In the Affinity Mobile app, head to the “Menu” on the bottom navigation bar, next select “Settings” and scroll down to “Manage Authorized Devices.”
Online banking
In online banking on your desktop, you can view and manage authorized devices by heading to “My Profile” and then go to “Manage Devices.”
From here you will be able to see which devices and web browsers have completed multi-factor authentication for online and mobile banking. You can have as many authorized devices as you’d like. Here you also have the option to deauthorize multi-factor authentication for a certain device or web browser.
The one-time verification code I received came from an unfamiliar phone number. Is this normal?

Yes, the one-time verification code might come from a different area code, such as Northwest Territories.
I selected to receive a one-time verification code by email but haven’t received anything yet. What should I do?

If you haven’t received your requested email from Affinity with a one-time verification code, please make sure to check your junk email folder. Remember, the code will expire after 10 minutes. You could also try selecting an alternate delivery method such as text message or automated phone call to receive a code.
How is TOTP different from the MFA method I already use?

TOTP uses an authenticator app to generate one time codes directly on your mobile device, rather than other MFA options of using email, text or automated call verification.
Do I have to use an authenticator app, or can I stay with text/email codes?

No, TOTP is optional and available for an added measure of security.

Advice on protecting your information

Protect your Identity

Card Security

Interac eTransfer Security