Quick answer Multi-factor authentication (MFA) is a type of authentication that requires more than a user name and password combination and is usually applied when logging into an online account where high-value or high-risk transactions can be processed. It means multiple forms of authentication are required. This could be in the form of a code sent to your mobile, a code generated by an app on your phone, or through the use of biometrics, like the use of fingerprint or face authentication.

    Multi-factor authentication provides additional layers to protect you from online crime when using your amaysim service.

    To protect our customers from unauthorised high-risk customer interactions, we're introducing identity authentication processes to authenticate the identity of a requesting person, prior to the undertaking of a high-risk customer transaction. We may ask that you complete additional authentication processes for various transactions as you interact with us and our services.

    What are high-risk customer transactions?

    These are transactions that may include:

    • you losing access to your telecommunications service
    • changes to your payment information
    • adding or removing an authorised representative
    • disclosing your personal information
    • the addition of certain charges

    We're expected to use passwords for most of our online accounts, but they cause friction and slow down the way we interact with online services. Unfortunately, while we all know we shouldn't use weak passwords, stronger passwords can be more time-consuming to type and harder to remember. Similarly, some of us re-use passwords across multiple online providers, which means that where a data breach occurs with one online provider, you can be quickly placed at risk of an account take-over with other online providers.

    This is why multi-factor authentication (MFA), can be an effective measure to prevent someone armed with your passwords from getting access to your online accounts.

    We recognise that your telecommunications service is central to how other organisations authenticate you, so we might ask you to complete MFA before certain high-risk transactions can be performed with us. This means we may prompt you to request an MFA code via SMS or email or approve a request using biometrics. Our contact centre staff may also ask you to complete MFA where a high-risk interaction is initiated over the phone, or via live chat. Unfortunately, we may not be able to assist you with some high-risk transactions as we may have in the past where MFA has not been completed.

    You don't need to do anything right now, we'll automatically prompt you with an MFA request when you attempt to perform certain high-risk transactions with us. We may also prompt you to set up in-app biometrics if you've enabled it on your device and attempt to perform a high-risk transaction using the latest version of the amaysim app.

    If your device supports biometrics, we recommend enabling it to ensure a seamless interaction with amaysim the next time you perform certain high-risk transactions with us.

    If you suspect that your amaysim telecommunications service or account has been subject to fraud, you should immediately report that activity to us as well as your financial service provider.

    Unfortunately, no security feature is perfect, and criminals are always looking at new ways to gain access to other people's services and online accounts. We do know however that the advantages of MFA outweigh any potential risks, which makes it considerably more secure than a password alone.

    If you'd like to find out more about MFA, feel free to check out the ACSC's MFA page.