Articles in this section

See more

Multi-Factor Authentication (MFA) for Providers in Arcadia

Avatar
Shelton Bilgates
Updated
Follow

What is Multi-Factor Authentication (MFA)?

Multi-factor authentication (MFA) is a security process that requires users to provide multiple forms of verification to gain access to an account. This adds an extra layer of protection beyond just a username and password.

MFA Support in Arcadia

Arcadia supports MFA for some providers. When a provider introduces MFA, our system detects it through our automation jobs.

How Does Arcadia Identify MFA for a Provider?

  • Our automation job runs and attempts to log into the provider’s site.
  • If an MFA prompt is detected, the credential is automatically tagged as MULTI FACTOR AUTHENTICATION FAILURE

  • Our internal team investigates the issue.
  • If MFA is confirmed, a notification is sent to the customer stating:
    • Encountered Multi-Factor Authentication - Provider Name
    • The provider has added MFA to the site.
    • We are suspending service for that provider temporarily.
    • We are working on an alternate method to process the bills.
    • Proceed to upload bills through Files module

  • Customers will receive an email notification regarding the change.
  • If we can disable the MFA a different type of notification will be sent like
    • Request to Disable MFA Option - Provider NAme
    • In the mail they will have steps to be followed to disable MFA in the website

How Can MFA Be Bypassed?

There are two ways to bypass MFA:

  1. Disabling MFA on the Provider’s Site – If the provider allows it, the customer can disable MFA in their account settings. This enables our automation to log in and fetch bills without interruptions.
  2. Bypassing MFA Using Cookies/Tokens – Our engineering team can bypass MFA by capturing authentication tokens. Here’s how it works:
    • The customer submits a credential for an MFA-enforced provider.
    • Our automation attempts to log in and encounters the MFA prompt.
    • The dashboard prompts the customer to enter the OTP.
    • Once the customer enters the OTP, our system logs in successfully and captures the authentication cookies/tokens which saves the login information.
    • These cookies/tokens are stored and used for future logins, eliminating the need for repeated OTP entry.

How to View MFA-Supported Providers?

Customers can check which providers support MFA bypass in the dashboard:

  1. Navigate to the Providers tab.
  2. Use the Filters option.
  3. Set the filter MFA Enforced to True.
  4. The list will display all providers that Arcadia supports for MFA bypass.

For any further assistance regarding MFA-related queries, please contact our support team.

Related articles