What is MFA for Online Ordering?

Multi-Factor Authentication requires Online Ordering member users to verify their identity when logging in to ensure that they, and only they, can access their account. Member users in this context are Online Ordering customers who have signed up for an Online Ordering member account which they use to log in and place online orders.

Is Online Ordering supported only for member users?

No, online orders may also be placed as guest users, in which case the user would not be logged in. Unlike member users, guest users are not prompted to authenticate with MFA.

What are some of the benefits of Online Ordering user membership?

Online Ordering member users have the ability to save payments, view past orders, save items as favorites, and collect loyalty points.

What are some of the benefits of MFA for Online Ordering?

• Enhanced security: The additional layer of authentication helps to mitigate risks of unauthorized transactions that could lead to chargebacks.
• Protection against password theft: MFA helps mitigate the risks associated with password theft.
• Compliance: MFA ensures regulatory compliance and security standards, including the Payment Card Industry Data Security Standard (PCI DSS).

Does the same MFA verification work for both Online Ordering and Admin Console?

Admin Console and Online Ordering are separate platforms, therefore MFA for Admin Console is separate from MFA for Online Ordering.

Are Online Ordering user member sign-in credentials identical across Online Ordering sites?

No. While the Online Ordering platform is the same, merchant Online Ordering sites that leverage the COMO integration use separate credentials.

Is the Online Ordering sign-in screen the same across sites with a COMO integration and those without?

The sign-in UI differs slightly for sites without the COMO integration vs those with the COMO integration.

• Online Ordering sign-in screen without COMO integration:

• COMO Online Ordering sign-in screen:

In which scenarios will Online Ordering MFA be initiated?

• Online Ordering member user sign-in
• Online Ordering member user sign-up

In which scenarios will Online Ordering MFA not be initiated?

• Guest user online ordering

Does Online Ordering MFA implementation impact the Genius Guest App?

No. At this time, the implementation of MFA only targets Genius Online Ordering (specifically, access through a web browser). The Guest Application is not currently in scope for MFA implementation.

Is there an opt-out option for Online Ordering member users?

MFA will be disabled by default, the Online Ordering member user will have the option to enable it under “My Account”. The steps to do so are outlined in the Online Ordering MFA User Guide.

Will merchants have the option in Admin Portal to opt-out of prompting member users of MFA when placing an Online Order at their sites?

The implementation targets Online Ordering member users which leverage the same credentials across merchant Online Ordering sites, rather than credentials being specific to each merchant’s Online Ordering site. As such, merchants will not have the option to opt their sites or customers out of MFA.

Is MFA implemented for both new and existing Online Ordering?

Yes, MFA will be implemented for both new and existing Online Ordering member users.

What are the supported methods of authentication?

• Email to the address used to sign in to Genius Online Ordering platform.
• Text message (SMS) to the mobile phone number entered during the Online Ordering member sign-up process, and which is indicated under the user’s “My Account”.

Note: SMS verification is only supported for U.S. and Canada phone numbers.

If a method of authentication is selected, can the user change the authentication method selection?

Yes, the user will have the option to go back to the previous screen to select a different authentication method selection.

Will the verification code expire?

Once generated, the verification code remains valid for five minutes after which it expires.

Will the login password expire?

Login passwords will not expire. We have made no changes to login password expiration. MFA just requires the user to enter an additional code after logging in.

If a user changes their phone number, can they update the phone number linked to their Online Ordering account themselves?

Yes. The steps are as follows:

1. Access the Online Ordering website and sign into your account.
2. Click the Account icon on the top right corner of the screen.
   
3. Click Manage Account.
4. In the Personal Information section, click Edit.
5. Enter the new phone number in the Phone Number box, then click Update Information to apply the change.

If a user is locked out of the email account that is linked to their Online Ordering account, can they change the email address associated with the account?

No. The email address associated with an Online Ordering account is not editable. If a user requires a new email address to associate with their Online Ordering account, they must create a new account.

Can the same email address be used to create more than one Online Ordering account?

No. If a user tries to create an Online Ordering account using an email address that is already associated with another Online Ordering account, they will be prompted to sign in to the existing account.

Who should I contact if my customers are having issues with Online Ordering MFA?

In case of issues, a merchant or dealer may contact the Genius POS Support team. Please note, our support teams do not directly support consumers. Our Support team is “merchant/dealer-facing”, which means they assist and equip you, our valued merchants and dealers, with any guidance or tools you may need to address consumer concerns.