Community home
Menu
  • PEXA Certified Expand

    PEXA Certified

    This program will give you an introduction to PEXA, how it works and how it can help you transform your business processes.

    Discover More
    • Getting Business Ready
    • System Set Up
    • Transacting in PEXA
  • Help Centre Expand

    Help Centre

    Here you’ll find more than 230 help articles and videos to assist you.

    Discover More
    • Help Articles
    • Help Videos/PEXA TV
    • PEXA Interactive Demos
    • FAQs
    • Ask a Question
    • PEXA Certified
  • Ask a Question
  • Share your Experience
  • Raise an Idea
  • Blogs Expand

    Read the latest in our blogs.

    Keep up to date with the latest PEXA product releases, and read up on the property blog.

    Discover more
    • Community Blog
    • The Property Blog
    • Security Updates
    • PEXA Product Releases
    • Announcements | Outages etc
    • The Bank Blog
    • Workspaces
      Community
      Register
      Log in
    Apps menu
  • Register / Login

Community Home
Register / Login

PEXA Security Initiatives

cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
  • Community
  • :
  • Security
  • :
  • Security Updates
  • :
  • PEXA Security Initiatives

PEXA Security Initiatives

Reply
Topic Options
  • Subscribe to RSS Feed
  • Mark Topic as New
  • Mark Topic as Read
  • Float this Topic for Current User
  • Bookmark
  • Subscribe
  • Printer Friendly Page
  • All forum topics
  • Next Topic
Highlighted
cbrown
cbrown Star Employee
Star Employee
  • Mark as New
  • Bookmark
  • Subscribe
  • Subscribe to RSS Feed
  • Highlight
  • Print
  • Email to a Friend
  • Report Inappropriate Content

a week ago - last edited a week ago by Moderator Aoife Moderator

a week ago - last edited a week ago by Moderator Aoife Moderator

PEXA Security Initiatives

Hi Community,

 

The team at PEXA continues to explore techniques and technologies to align with the ever-changing security landscape. Below is an update on current security initiatives happening on the PEXA platform including our insights into a topical security concern – phone porting.


Multi-Factor Authentication

In September, multi-factor authentication (MFA) was rolled out to PEXA members. MFA requires the user to provide two or more types of evidence to verify their identity when logging in to an account or completing a transaction. This includes a password and unique authentication code which regularly changes. Members choose to receive an authentication code by SMS, the PingID mobile app, or the PingID desktop app.

 

MFA was added as another layer of authentication on top of digitally signing. Members with the relevant authority must digitally sign-off transactions with their unique [bespoke] digital signing token and PIN, confirming that all details are correct prior to the transfer of funds.

 

More than verification

Additionally, we initiated the following measures to boost the protection of members while transacting online: 

 

  • Increased monitoring of unusual activity surrounding password resets, new user creations and changes to BSB and account numbers. If such activity is detected by PEXA, a member of PEXA’s team will contact members to confirm that the activity is legitimate.
  • Machine learning algorithms to detect behavioural anomalies on a per user basis. If the behavioural pattern of a user changes, PEXA’s risk profiling mechanism is activated to trigger an alert. The member will then be promptly contacted by PEXA’s Security team.
  • Workspace time stamps and summary screen so that members can see when the Financial Settlement Schedule was last updated and by which user.


Phone porting

A current concern from industry is the possibility of phone porting – a situation where a scammer uses your personal details to port your mobile number from one provider to another, therefore accessing further personal details.

 

With a suite of security measures in place to protect PEXA members and your clients, and lawyers and conveyancers continuing to practice their due diligence, the

small percentage of members who have chosen to receive their authentication code via SMS should not be alarmed.

It is important to note that for phone porting to occur, the scammer would require several pieces of a user’s ID, as well as the ability to convince a service provider to transfer the SIM details from one telco to another. Therefore, not only would the scammer need to know the targeted user’s personal information, they would also need to know if that user has chosen SMS as the preferred method.

 

To assist in preventing this from happening, I advise members to remain vigilant of people calling, emailing and requesting personal details.

If you have any questions about this information, please don’t hesitate to reply below.

 

Regards,

 

Craig Brown
Head of PEXA Security

  • Tags:
  • Cyber-hero
5 Likes
Reply
  • All forum topics
  • Next Topic
PEXA

|

Facebook Twitter LinkedIn
  • Support
  • Privacy Policy
  • Terms of Service