PEER-TO-PEER lender Assetz Capital has attracted criticism from customers after glitches were identified with its new two-factor authentication process.
In early July, Assetz Capital took the decision to introduce two-factor authentification for all lenders on its platform in order to provide another layer of security.
This involved the introduction of a time-restricted, single-use code sent by text, a phone call or through the ‘Authy’ app. This is required every time a user logs on to the platform.
The move attracted criticism from customers on the P2P Independent Forum, an online forum for P2P investors. The most common complaint was that two-factor authentication made the login process cumbersome.
“Please God give us the option to opt out of two-factor authentification. I’ve now only a fraction of my original peak Assetz Capital balance (on account of there being no loans for months that pay enough interest to me) – and this, if I’m forced to jump through more hoops just to log in, will guarantee that goes to zero ASAP,” said one disgruntled customer posting under the name ‘SteveT’.
Other users said two-factor authentication posed a problem because they did not own smartphones, had poor mobile phone network coverage in their homes or faced time delays receiving the code via text while abroad.
As the new login process was introduced, a raft of customers also complained of glitches. For example, one user continued to receive phone calls with codes after signing in.
Read more: Assetz Capital boosts returns for investors
Another lender received calls on his landline at 40-minute intervals on behalf of Assetz Capital asking him to activate two-factor authentication on his account.
Assetz Capital told Peer2Peer Finance News that it was aware of the initial feedback from lenders and will allow its customers to opt out of using two-factor authentication every time they log in. This will be possible at the end of this week when the next update completes.
“We are actively working on improving the information available to users regarding how our two-factor authentication works,” said Chris Mellish, chief technology officer at Assetz Capital, via email.
“[The next update] will improve the user experience but retain the advantages of increased security on sensitive transactions and changes.
“We live in a world which requires us to maintain security standards in order to protect lenders, and we will continue to evolve the solution to be the least intrusive experience but safe.”
Mellish also said via the P2P Independent Forum: “You’ll always need to use two-factor authentication for changing profile information (including password and communication preferences); making a withdrawal (even when we have designated bank accounts in the coming weeks); selling loan units at a discount; or if you connect from another device for the first time.”