Two Factor Authentication (2FA)

1. What is 2-factor authentication (2FA)?

  • Two Factor Authentication, also known as 2FA, is an extra layer of security that is known as "multi factor authentication" that requires not only a password and username but also something that only that user has on them, i.e. a piece of information only they should know or have immediately to hand - such as a physical token.
  • Using a username and password together with a piece of information that only the user knows makes it harder for potential intruders to gain access and steal that person's personal data or identity.

 

2. How to switch ON 2-factor authentication (2FA)?

  • In the 2-factor authentication tab click 'Enable', to open the tab and click 'Turn ON 2-factor authentication'. This will open the setup window.

  • From your device, scan the QR barcode displayed to you on the setup screen. You can also manually enter a key by clicking 'Manual key entry'.

  • Inside the setup window enter the code displayed by the Google Authenticator app. Your email address will be displayed below the 2FA code so you know it is the correct account.

  • Click 'Verify and save' button and you will navigate to the success screen.
  • 2FA Recovery Codes will be displayed to you. These are one-time use only 2FA codes. Please keep them in a safe place. If you lose your phone,  these 2FA codes can be used to login to your account and generate new ones.
  • Once 2-factor authentication is setup successfully, this enables additional security. With 2-factor authentication turned ON, you will be required to enter your 2-factor authentication code from Google Authenticator app during Login to MyAccount, Skrill mobile applications or Wallet Checkout.
  • You can only turn on 2-factor authentication through MyAccount.

 

3. Can not scan barcode while setting up 2-factor authentication?

  • If you are having trouble scanning the barcode, you can enter the code manually to successfully setup your device. Click the 'Can not scan the barcode?' link and follow the instructions.

  • In Google Authenticator, tap +
  • Key type: make sure 'Time-based' is selected
  • In 'Account' type your full email address.
  • In 'Key' type your secret key.
  • Tap Done

 

4. How you turn OFF 2-factor authentication

  • Log in to MyAccount, go to Settings tabs

  • In the 2-factor authentication tab click 'Disable' to open the tab and click 'Turn OFF 2-factor authentication'.

  • 2-factor authentication will be turned off and the 'Security Token Disabled' message will be displayed. You will no longer be required to enter an additional code on login.
  • You can only turn off 2-factor authentication through MyAccount.

  • When you have successfully turned OFF 2FA, now its time to clean up your Google Authenticator app and remove any old timed codes. 
  • To delete an old timed code, open your Google Authenticator app and click the modify pen button
  • You will then be presented with the delete button for each timed code you have setup.
  • Delete your timed code which has your email as the identifier. Keeping invalid codes in your Google Authenticator is not recommended as this will cause confusion if you have to setup your account multiple times.
  • Deleting the account from Google Authenticator will not turn OFF 2FA. You must login to MyAccount to turn OFF 2FA before you delete from GA.

 

5. Installing Google Authenticator app on your phone/device

 

6. Signing in using 2FA recovery codes

  • 2FA Recovery codes are generated when you setup your 2-factor authentication in MyAccount. These 2FA Recovery codes can be used on Login instead of generating 2FA codes from Google authenticator app from your device. Each 2FA Recovery codes has one-time validity. i.e it can be used only once.
  • 2FA Recovery codes are useful if your device is lost or stolen.

 

7. How do I generate more recovery codes?

  • To generate more 2FA Recovery codes, simply turn 2-factor authentication OFF, then back on again. When you set up 2-factor again you will be presented with the new set of 2FA Recovery codes. 
  • Any old codes will be invalid once new 2FA Recovery codes are generated.
  • Follow the steps in point 2 (How to switch ON 2-factor authentication)

 

8. Signing into MyAccount using 2-factor authentication

  • Navigate to https://account.skrill.com
  • Enter your username and password for your Skrill account
  • You will be presented with the security token window.
  • Open your Google Authenticator app on your device and enter the 2-factor code displayed to you into the Security token field.
  • This will allow you to login securely to MyAccount

 

9. Signing in with your iPhone, iPad or Android phone

  • Add a new login to your profile screen on the mobile for both iOS and Android
  • Login with your username and password. You will be prompted with the security token window.
  • Open your Google Authenticator app on your device and enter the 2-factor code displayed to you into the mobile app token field.
  • This will successfully log you in.
  • Note: the first transaction on the mobile app will require the entry of the security token also from Google Authenticator. Within your 15-minute session you do not need to enter the code for further transactions.

 

10. Signing in with Wallet Checkout

  • When using Wallet Checkout, you can login to pay with your Skrill balance
  • Login as normal with your username and password and you will be presented with the security token screen.
  • Open your Google Authenticator app on your device and enter the 2-factor code displayed to you into the Wallet Checkout token field.
  • This will successfully log you into your Skrill account on Wallet Checkout.

 

11. My Google Authenticator codes aren’t working (Android)

  • This might be because the time on your Google Authenticator app is not synced correctly.
  • To make sure that you have the correct time:
  • Go to the main menu on the Google Authenticator app
  • Click Settings
  • Click Time correction for codes
  • Click Sync now
  • On the next screen, the app will confirm that the time has been synced, and you should now be able to use your verification codes to sign in. The sync will only affect the internal time of your Google Authenticator app, and will not change your device’s Date & Time settings.

 

12. My phone was lost or stolen

  • We recommend that you change your password immediately via MyAccount. You can use your 2FA Recovery codes to gain access to your account. If you do not have access to your 2FA Recovery codes, you can request Customer Support to revoke your 2-factor authentication from your account

 

13. I deleted the account on Google Authenticator app, what should I do?

  • If you have deleted the account from your google authenticator app,  we recommend that you change your password immediately via MyAccount. You can use your 2FA Recovery codes to gain access to your account. If you do not have access to your 2FA Recovery codes, you can request Customer Support to revoke your 2-factor authentication from your account.

 

14. What happens if my internet connection is down?

  • Sorry, if your internet connection is not available you will not be able to login into MyAccount or the mobile apps.

 

15. I can't turn ON 2-factor authentication?

  • If you don't have the option to turn ON 2-factor authentication, its possible you have the hardware token enabled. You must disable the hardware token before you can turn ON 2-factor authentication software token. If you don't have the hardware token and still cannot enable 2-factor authentication please contact customer service.

 

16. Can I use hardware and software token at the same time?

  • No. You can only use one at a time. You must turn off hardware token before you can enable software token.

 

17.Do you support trusted devices?

  • Yes. When you login into MyAccount or Wallet Checkout with 2-factor authentication you will be presented with a checkbox for 'Trust this device'. Checking this box will add the browser to your trusted devices table inside Settings > Personal Info > 2-factor authentication

 

18. How many devices can I trust?

  • Maximum 5 devices (browsers or mobile devices). You can remove old devices to add new ones through the trusted devices table in Settings > Personal Info  > 2-factor authentication.

 

19. Why do I trust devices?

  • Trusting your device or browser will allow a hassle free secure login experience. Any devices not trusted will require customers to generate a 2-factor authentication code to login in.