CDF has put additional steps and processes in place to strengthen the online security of its customers. These measures are aimed at minimising cyber risks and threats to create safer online experiences.
For CDF Online transactions, the Fund has introduced two-factor authentication. This additional security measure confirms registered identities by cross-checking a combination of two different user factors. The first-factor being something you know (i.e. CDF Online login credentials) and the second-factor being something you have (i.e. a mobile phone number).
From 14 February 2019, all CDF Account Authorisers will receive a one-time password (OTP), delivered via SMS to their registered mobile phone number, when completing certain CDF Online authorisations.
The following CDF Online transactions will request for a one-time password (OTP):
How does a OTP work?
OTP is a single use SMS password for only one CDF Online authorisation activity. When requested to enter your OTP on CDF Online:
- Click the 'Get SMS' link
- CDF will then send you a randomly generated OTP SMS to your registered mobile phone number; then
- Enter the code received via SMS, in the OTP field, to complete the authorisation.
Why can't I provide the second authorisation on a payment like i used to, by entering my credentials in my colleague's CDF Online session?
Due to the updated security measures, each Authoriser will now be required to login to their own CDF Online session to authorise payments. This means that Authorisers are no longer able to enter their authorising credentials in their colleagues' CDF Online session.
Can I use a OTP more than once?
The OTP SMS code is only valid for the current transaction you are required to authorise. Once you have authorised/cancelled the transaction the OTP SMS code is no longer valid.
Do I have to register my mobile phone to receive a OTP?
Account Authorisers who have already provided their mobile phone number details to CDF, you will automatically be registered to receive a OTP. If you have not previously provided your mobile phone number, please contact the CDF Client Services team at firstname.lastname@example.org.
Why does my CDF Online password disappear when i click 'Get SMS'?
The webpage will reload when you click Get SMS therefore Your Password will be removed. The correct order of entry for this screen is shown below:
- Select Get SMS
- Enter the OTP code, recieved via SMS
- Enter your CDF Online password
Are any costs involved?
CDF will not charge customers to receive an OTP SMS. However, customers should check with their mobile network provider to confirm possible charges for receiving OTP SMS messages particularly when overseas.
What if I haven't supplied my mobile phone number to CDF or my mobile phone number details are incorrect?
Account Authorisers without a registered mobile phone number will be unable to approve transactions online. To ensure your account is up to date, or to provide a mobile phone number, please contact our Client Services team on Tel: 1800 134 135 or email email@example.com.
What if I don't own a mobile phone, have no reception, or am overseas and can't receive a OTP?
Please contact our Client Services team on Tel: 1800 134 135 or firstname.lastname@example.org to discuss your options.
Will my registered mobile phone number be used for anything else?