Enhanced Agent Web Console security features are designed to allow AWC users with access to more than one AWC instance, such as Account Managers, to employ Multi-factor Authentication restrictions and/or IP and Region Login Whitelist restrictions. These restrictions are defined by the user’s Default Account.
Multi-factor authentication (MFA) is an optional security feature in the AWC using third-party provider Duo. Once a Duo account is created and the AWC is configured by an Admin user, the specific user must login both with their username and password and then, once prompted, using the Duo app on their mobile. Only after both authentication methods are employed will the user have access to the AWC.
MFA restrictions are inherited by your Default Account in the AWC, however, if you are an Account Manager and can access more than one AWC account, you can, once logged in, change from one account to another as long as your session hasn't timed out.
IP Region and Login Whitelist
IP and Region Login Whitelisting is an optional security feature in the AWC. Once enabled and configured, users can only login if their IP address matches the one set up in the AWC, or if their IP matches the configured IP address range for their country.
This is configurable for the Default Merchant Account and restricts valid logins to individual IP addresses, IP address ranges, and/or IP addresses by countries.
IP Address Whitelists are intended for use by Account Managers who are logged into partner merchants. When an Account Manager logs in, they are identified so that AWC’s authentication system checks the appropriate white label list.
As previously mentioned, IP whitelist restrictions are inherited by the merchant's Default Account in the AWC, however, an Account Manager and can access more than one AWC account, and, once logged in, can change from one account to another as long as the current session hasn't timed out.