Multi-factor authentication: An extra layer of security for an extra layer of protection

Wednesday, May 05, 2021

As a Heartland Merchant, you trust us to keep your data secure. It’s why we stay on the forefront of security innovation—to deliver for you every day.


We’re strengthening your security with the addition of multi-factor authentication (MFA). It’s an extra layer of protection for your account login credentials and business data,  and it’s easy to set up. 



Why you need MFA


Multi-factor authentication is an extra layer of protection against cyberthreats like phishing attacks and account takeovers. It verifies your identity with two different “factors” of authentication when you log in. 


These factors could be:

  • Something you know: a password, PIN, or answer to a security question

  • Something you have: a smartphone, one-time pass token, or smart card

  • Something you are: biometrics, like your fingerprint


It’s extra account security for an extra layer of protection.


Your questions, answered

How will MFA work on my account?

Once you set up MFA, you’ll need to enter the unique verification code you receive:

  • When you sign in. (You can select “Remember Me” to prompt MFA every 45 days instead of at every login.)

  • When you sign in from a new device or new web browser

  • When you need to view or download sensitive data (like full card numbers)


If I have an elevated account, do I have to set up MFA?

Yes. You’ll need to set up MFA for each of your accounts, including elevated ones.

Can I change my primary authentication method?

You can! You can make the switch in the Reporting app within the “Account Security” section. 

What are the authentication method options?

Your authentication method options could be:

  • Your verified email, which was used during the Merchant Portal registration process

  • text message (SMS) to your mobile phone 

  • phone call to a number associated with your account

  • An authenticator app installed on your device (such as Google Authenticator, Authy, Duo Mobile, or Microsoft Authenticator)


What if I didn’t receive the verification code?

If you haven’t received your verification code, try these methods of troubleshooting:

  1. Have a code sent to you again—a sent code expires after five minutes. 

  2. If this is your first time authenticating with your chosen method, a third-party security app on your mobile phone might be blocking the text message or phone call. Try disabling the security app temporarily while you go through the authentication process again. 

  3. If that doesn’t work, try selecting a new primary authentication method. 

  4. If you still don’t receive the code using another method, contact your local customer care representative.

What if I no longer have access to my verified email?

No problem, contact your local customer care representative to add a new email address to your account.

What if I no longer have access to the phone number on my account?

We’re happy to help. Contact your local customer care representative to add a new phone number to your account.

What happens if I can’t sign in to my account?

Our team is on hand to assist. Contact your local support representative to reset your password.