Minimizing the Hassle of MFA (Multi-Faceted Authentication)

One of the many ways banks provide security is with MFA, an industry term for those security questions, text messages, and other secondary means of authenticating you that a bank will ask to authorize your access to their website.  There's usually three you setup when you established your bank login.

The request for these questions can sometimes be every login, or more commonly any time you login from a device or browser that the bank doesn't recognize.

Although these are important security systems, they can be challenging for MX or any other bank data service to deal with.

Why?  Well when you first authenticate your bank with MX it will prompt you for ONE of the security questions, which it will save to use again in the future.  However tomorrow night when Cheqbook asks MX for the day's transactions and MX attempts to login to your bank it may ask question TWO or THREE.  At which point MX will fail. 

We call this a soft fail because it will connect again a day or so later when the bank gets around to asking question ONE again, and for many users getting data on average every third or so day doesn't effect them much.

However if your bank never asks question ONE again, MX will continue to soft fail, Cheqbook will NOT show an error, and your data will quietly stop arriving - sometimes for months if you're not checking it.

The quick fix for this is to re-authenticate that account.  However the MUCH better fix it to re-authenticate several times in succession until MX has prompted you for ALL your bank security questions.

Fortunately for many banks, especially larger ones, you rarely need to do this.  From what we understand MX typically has a data sharing arrangement with larger banks, so this issue doesn't occur.  However for small and mid size banks this issue is more common.

So, if you find your dashboard does not report an error and the bank data just isn't arriving, try re-authenticating.  If you get security questions, do it again a few times.  That should fix the problem in the long term.  

Of course if you ever change your security questions, you'll have to do this again.

Have more questions? Submit a request


Please sign in to leave a comment.