Introducing Hardware Two-Factor Authentication

Braintree has supported SMS and authenticator app two-factor authentication in the Control Panel since 2015. As part of our ongoing mission to keep your data secure, Braintree is pleased to announce that we now support hardware two-factor authentication (H2FA) in the Control Panel, providing a new way for merchants to help keep their accounts secure. In this blog post, we’ll outline how merchants can get started with H2FA.

Two-factor authentication is a crucial tool for helping protect merchants from unauthorized account access, typically by requiring a time-sensitive code during sign in. It is effective against various forms of phishing attacks, where malicious actors trick users into giving them login credentials. These threats are becoming increasingly sophisticated and are one of the most common causes of security breaches.1

Traditional two-factor authentication methods, like SMS codes and authenticator apps, offer protection against basic types of phishing attacks. However, the generated codes can be vulnerable to interception.

The protocol used by hardware tokens -- FIDO’s U2F in our case -- is designed to protect against malicious interception and is proven to be more effective than SMS codes and authenticator apps.2 All merchants are encouraged to enable H2FA to speed up the login process and increase protection against phishing.

The security key

H2FA security keys can have many forms, including thumbdrive-like plugins, fingerprint readers, browser-supported Android devices, and Touch Bar enabled Apple devices.

alt

When a user activates H2FA, the specific key used is linked to their user account. On subsequent logins, the user will be prompted to insert and activate their security key, which will then generate a secure code for authenticating the user. This fast, easy authentication method doesn’t require the user to open an app or check their phone for a text – just plug in your key and go!

Enabling H2FA in your account

alt

For instructions on how to use hardware 2FA and log in with your key, see our 2FA documentation.

Related resources

For more information about FIDO standards, check out The FIDO Alliance’s documentation and press release. If you’re interested in learning more about the effectiveness of H2FA against account takeover, read more in this 2019 study.

Questions?

To learn more about the support of hardware two-factor authentication, contact us.

***
Security Team Payment processing and data security go together like peanut butter and jelly. Our Security team takes vital steps to safeguard customers’ information and merchants’ peace of mind. More posts by this author

You Might Also Like

    Stay up to date – subscribe to our RSS feed