All users with an Adyen account must set up Multifactor Authentication (MFA) or Single Sign-On in the Customer Area.
MFA keeps your account secure by requiring an additional form of verification in order to log in. This prevents unauthorized users from accessing your account, even if they have obtained your username and password.
Each user can set up one authentication method per device and register two devices through MFA. If you have the Merchant admin role, you can:
- See user details by going to Settings > Users.
- Manage user access by removing devices registered to users in your organization.
In your Customer Area, you have two ways to set up MFA for your account:
- With an authenticator app, such as Google Authenticator, Okta Verify, or Microsoft Authenticator, which generates time-based one-time passwords on your mobile device.
- With SMS authentication, which sends SMS messages with time-based one-time passwords to your mobile device.
Set up MFA with an authenticator app
You must set up MFA on your device the first time you log in to your Customer Area.
- Enter a device name in the Create device name field.
- Scan the QR barcode to create a new account in the authenticator app on your device. If you want to use a manual code to create a new account in your authenticator app, select Switch to manual key and enter the code Adyen provides.
- Enter the 6-digit verification code from your authenticator app.
- Select Add to register your device with Adyen.
After you register your device for MFA with an authenticator app, each time you log in to your Customer Area, you must enter the code from the authenticator app.
Set up MFA with SMS
If you want to add SMS authentication to your Customer Area account:
- Go to your user account menu.
- Select Profile.
- Under Multifactor authentication, select Add authentication.
- Select Switch to SMS authentication.
- Enter your phone number.
- Enter the 6-digit verification code that you receive on your mobile phone.
- Select Add.
After you register your device for MFA with SMS, each time you log in to your Customer Area account, you must enter the code we send to your device.
Delete an authentication method
To delete an existing authentication method from your account:
- In your Customer Area, go to your user account menu.
- Select Profile.
- Under Multifactor authentication, select the delete icon next to the authentication method you want to remove.
- Select Delete.
Manage devices
If you have a new device, you can remove your registered device and add MFA with an authenticator app to that new device.
To manage the devices used for MFA:
- In your Customer Area, navigate to the details page of the user whose device you want to manage: My user for your own user, or the User details page of another user in your organization.
- Under Multifactor authentication, select the delete icon next to the device you want to remove.
- Select Delete.
The next time you log in to Adyen, you must register your new device.