Dual Authorization

Frequently Asked Questions

Show All | Hide All
What is Dual Authorization?

Dual Authorization (Dual Auth) is an internal security control tool that allows small business banking customers to require certain types of activities and transactions to have a second user’s credentials approve a submitted transaction.

What types of transaction can be covered by Dual Auth?
  • Internal Transfers
  • Transfers to a Friend account
  • Stop Payments
  • ACH Direct Deposits (when enrolled)
  • ACH Tax Payments (when enrolled)
  • Online Wire Payments (when enrolled)
  • User Entitlements (Requires at least 2 Company System Administrators (CSA’s))

 

 *Note – Dual Authorization is NOT available for Billpay transactions at this time.

Is Dual Auth required?

Use of certain features may require use of Dual Auth or other security features such as Enhanced Account Protection. At this time, only enrollment in Online Wires requires the use of either one of these two security features.

Does Dual Auth cost anything?

No – this feature has no cost. However, certain products and features that may have costs or fees associated with them may require the use of Dual Auth or other security features such as Enhanced Account Protection.

How does it work?

With Dual Auth turned on, selected types of requested transactions or activities won’t be executed or take effect until a second user’s credentials are used to approve the item. The second user must be designated as an “Approver.”

 

For example, User A creates a transfer request between two accounts. User B (previously designated as an Approver) would then log into Online Banking, and go to the Transfer Center. The transfer created by User A would show as “Pending Add Approval”. User B can then select that transfer request, and then either Approve or Deny the transfer request according to their business policies.

Can the initating user's credentials be used to approve the same transactions?

No – an approver’s credentials cannot be those of the person that created or modified the transaction. It’s best to have at least two users designated as having approval authority.

Does an Approver also have to be a Customer System Adminstrator (CSA)?

For most types of approvals, an Approver does not have to be a CSA. However, companies that choose to use Dual Auth for User Entitlements must have at least two (2) CSA’s, since any User Entitlement change must be executed by one CSA and then approved with a different CSA’s credentials.

How is Dual Auth different from Enhanced Account Protection (EAP)?

Both are internal security control tools for your online banking activities.

 

  • By its nature, Dual Authorization requires at least two users, and gives the additional control where transactions submitted by one user’s credentials must be approved with a second user’s credentials.
  • EAP, on the other hand, can be used by single-user companies as well as multi-user companies.

 

EAP provides a text message code to your phone which you must enter into online banking to complete the requested transaction. If someone other than you tries to use your credentials to create transactions, your phone will receive the text message with the code.  Also, fraudulent users can’t change your telephone number without you being sent a code to alert you if someone is attempting fraud on your accounts.

Can I have more than two approvers?

Companies can have as many approvers as desired. On a per transaction basis, we are supporting only the requirement for one approver per transaction at this time. We may support multiple approvers per transaction in the future.

How does Dual Auth work in Mobile Banking?

Transactions can be created in Mobile Banking under services that use Dual Authorization, such as Internal Transfers, Transfers to a Friend, and External Transfers; however, approvals for those transactions would need to be made by an Approver logging into the Online Banking application. There is no support for transaction approval to be given through Mobile Banking at this time.

How do I sign up for Dual Authorization?

Contact your branch for the appropriate forms and enrollment steps. Once the service has been set up, you will be notified by email that it is ready to use.

How do I change which users have the ability to approve transactions?

Your Company System Administrator (CSA) can grant or remove the Approver designation for any user within Online Banking, by accessing the Admin tab on the main menu. By clicking on the user name, the CSA can then check or uncheck the Approver flag as desired. If Dual Auth is also turned on for User Administration, any changes to a user profile must then be approved by a second CSA’s credentials.

Is there a dollar limit for Dual Auth?

There is no dollar limit associated with dual authorization at this time. Some features, such as ACH and Online Wires, may have dollar limits associated to them regardless of whether Dual Auth is used or not.

When the service is enabled, how will I know that is has been turned on and that "Approver" designation can be assigned?

Initial enrollment will include identification of the Approvers; the operations team responsible for setting up the Dual Auth feature will advise the company by email that the service has been turned on.

Is there any option to pick and choose which accounts would require Dual Auth?

No. Dual Authorization can only be set up by feature (Internal Transfers, Transfers to a Friend, ACH Payroll, etc.) not by account.