Two Factor Authentication (2FA)

1. What is 2-factor authentication (2FA)?

The two Factor Authentication, also known as 2FA, is an extra layer of security that requires not only a password and email address but also something that only that user has on them, i.e. a 2FA code sent to their mobile device through a software security token.

Using an email address and password together with a 2FA code makes it harder for potential intruders to gain access and steal that person's personal data or identity.

 

2. How to switch ON 2-factor authentication (2FA)?

      1. In you Skrill account click on Settings and then on Security.

      2. In the 2-factor authentication tab click on MANAGE and then on TURN ON AUTHENTICATION. This will open the setup window.

* Click to enlarge the image

     3. Install the Google Authenticator app from Apple app store or Google Play store on your phone.

     4. Scan the QR barcode displayed to you on the setup screen. You can do this by clicking on the + in the upper right corner and then on Scan barcode on your device for IOS or by clicking on the + in the lower right corner and then on Scan a barcode for Android.

* Click to enlarge the image

      5. Enter the code displayed by the Google Authenticator app by clicking on Enter key.

      6. Click on Verify button in order to finalize the setup.

Once the 2-factor authentication activated, 2FA Recovery Codes will be displayed to you. These are one-time use 2FA codes. Please keep them in a safe place. If you lose your phone, these 2FA codes can be used to login to your account and generate new ones.

With 2-factor authentication turned ON, you will be required to enter your 2-factor authentication code from the Google Authenticator app during the Login into MyAccount, Skrill mobile applications or Wallet Checkout.

 

3. I cannot scan the barcode while setting up the 2-factor authentication. What should I do?

If you are having trouble scanning the barcode, you can enter the code manually to successfully setup your device. In order to do that, follow the steps bellow:

     1. Click on the Unable to scan the barcode? link.

* Click to enlarge the image

     2. In Google Authenticator, tap +.

     3. Key type: make sure 'Time-based' is selected.

     4. In 'Account' type your full email address.

     5. In 'Key' type your secret key.

     6. Tap Done/ADD.

  

4. I can't turn ON 2-factor authentication.    

If you don't have the option to turn ON 2-factor authentication, it’s possible that you have the hardware token enabled. * You must disable the hardware token before you can turn ON 2-factor authentication software token. If you don't have the hardware token and still cannot enable the 2-factor authentication, please contact Customer Support. To reach us, please click on the available contact channel below.

*Please note that hardware tokens have been discontinued.

 

5. Can I use hardware and software token at the same time?

No. You can only use one at a time. You must turn off hardware token * before you can enable software token.

*Please note that hardware tokens have been discontinued.
 

6. Signing into MyAccount using the 2-factor authentication.     

     1. Go to https://account.skrill.com.

     2. Enter your email and password for your Skrill account.

     3. You will then be presented with the 2-factor authentication window. Open your Google Authenticator app on your device and enter the 2-factor code displayed to you into the 2-factor authentication field. You can also choose to check the Trust this device field.

* Click to enlarge the image

Note: the first transaction on the mobile app will require the entry of the 2-factor authentication also from Google Authenticator. Within your 15-minute session you do not need to enter the code for further transactions.

 

7. What is trusted device and how do I use it?

The trusted device is an option allows a hassle free secure login experience. Any devices not trusted will require customers to generate a 2-factor authentication code to login in. When you login into MyAccount or Wallet Checkout with the 2-factor authentication you will be presented with a checkbox Trust this device. Checking this box will add the browser to your trusted devices list inside the 2-factor authentication section.

 

8. How many devices can I trust?

You can add up to 5 trusted devices (browsers or mobile devices). You can remove old devices to add new ones through the trusted devices list in the 2-factor authentication section by clicking on the trash icon next to the device.

* Click to enlarge the image

9. Signing in with Wallet Checkout.

When using Wallet Checkout, you can login to pay with your Skrill balance. In order to do that, follow the steps bellow:

     1. Login as normal with your email and password and you will be presented with the security token screen.

     2. Open your Google Authenticator app on your device and enter the 2-factor code displayed to you into the Wallet Checkout token field.

* Click to enlarge the image

     3. This will successfully log you into your Skrill account on Wallet Checkout.

 

10. Signing in using the 2FA recovery codes.       

The 2FA Recovery codes are generated when you setup your 2-factor authentication in MyAccount. Each 2FA Recovery code has one-time validity. i.e it can be used only once. We recommend you to note the codes and to keep it in a secret place. We DO NOT recommend you use the 2FA Recovery codes instead of the 2FA codes generated by the Google Authenticator app from your device.

The 2FA Recovery codes are useful if your device is lost or stolen. If this happen the 2FA Recovery codes can be used on Login instead of generating 2FA codes from the Google Authenticator app from your device. 

 

11. How do I generate more recovery codes?

To generate more 2FA Recovery codes, simply turn the 2-factor authentication off (point 2 How to switch ON 2-factor authentication), then back on again. When you set up the 2-factor authentication again you will be presented with the new set of 2FA Recovery codes.

Any old codes will be invalid once new 2FA Recovery codes are generated.

 

12. My Google Authenticator codes aren’t working. What should I do?

This might be because the time on your Google Authenticator app is not synced correctly. To make sure that you have the correct time, follow the steps bellow:

     1. Go to the main menu on the Google Authenticator app.*

     2. Click on Settings.

     3. Click on Time correction for codes.

     4. Click Sync now.

     5. On the next screen, the app will confirm that the time has been synced, and you should now be able to use your verification codes to sign in. The sync will only affect the internal time of your Google Authenticator app, and will not change your device’s Date & Time settings.

* TimeSync feature missing on the IOS version of Google Authenticator and IOS users should manually enter the time and zone on their device

 13. My phone was lost or stolen. What should I do?

We recommend that you change your password immediately via MyAccount. You can use your 2FA Recovery codes to gain access to your account. If you do not have access to your 2FA Recovery codes, you can request Customer Support to revoke your 2-factor authentication from your account. To reach us, please click on the available contact channel below.

 

14. I deleted the account on Google Authenticator app. What should I do?

If you have deleted the account from your Google Authenticator app, we recommend that you change your password immediately via MyAccount. You can use your 2FA Recovery codes to gain access to your account. Once this is done you should turn the 2-factor authentication off (point 16 How do I turn OFF the 2-factor authentication?).

If you do not have access to your 2FA Recovery codes, you can request Customer Support to revoke your 2-factor authentication from your account. To reach us, please click on the available contact channel below.

 

15. Do I need internet connection in order to use the 2-factor authentication?

Yes, if your internet connection is not available you will not be able to login into MyAccount or the mobile apps.

 

16. How do I turn OFF the 2-factor authentication?

     1. In your Skrill account click on Settings and then on Security.

     2. In the 2-factor authenticationtab click on MANAGE and then on TURN OFF AUTHENTICATION.

* Click to enlarge the image

      3. Once you have successfully turned OFF the 2FA, you need to clean up your Google Authenticator app and remove any old timed codes.    

      4. To delete an old timed code, open your Google Authenticator app and click on the modify pen button. You will then be presented with the delete button for each timed code you have setup. *

      5. Delete your timed code which has your email as the identifier. You can do this by clicking on the associated email and then on Delete and confirming the action for IOS or by clicking on the trash icon and then confirming the action for Android. Keeping invalid codes in your Google Authenticator is not recommended as this will cause confusion if you have to setup your account multiple times.

*Depending on your device, you may have to click on the code itself and keep your finger on it in order to be presented with the option to delete it.    

More information about how to use the 2-factor authentication you can obtain on the dedicated Google page.