Multi-Factor Authentication (MFA)

Overview

The Encompass Lending Platform supports multifactor authentication using Ping ID, Okta Verify, or Duo Mobile identity providers. This guide describes the necessary steps to set up your multifactor authentication provider account to work with the Encompass Lending Platform. Once configured, your Encompass users will be able to pair their mobile devices with your Encompass products and start receiving push notifications to authenticate.

Authentication

Primary authentication is handled by the Encompass Lending Platform with the user’s Encompass user name and password. If the user's primary credentials are correct, the user is prompted for secondary or second-factor authentication with the MFA provider. How the user authenticates during second-factor authentication depends on which authentication method is used by the MFA provider. It could be a push notification sent to the user’s smartphone, by answering a phone call or by entering a one-time passcode generated by the MFA provider’s app, a compatible hardware token, or received via SMS.

Process Overview

Setting up your MFA provider with Encompass Lending Platform is a straightforward process. The high-level steps are:

  1. Configure your MFA provider. The Encompass Lending Platform is already configured to use Ping ID as the identity provider. The Encompass Lending Platform supports Okta Verify and Duo Mobile identity providers as well. Configuration steps for both Okta Verify and Duo Mobile are provided in the MFA setup guide.

  2. Enable MFA in Encompass.

  3. Add your MFA application provider details in Encompass Developer Connect. In this step, you will add your MFA application provider details to the Lender MFA configuration page in the Encompass Developer Connect portal. This step is applicable only when using Okta Verify or Duo Mobile identity providers.

For instructions on setting up MFA for Encompass please see How to Set Up MFA for Encompass.