The circular states that, “It is clarified that, in addition to User ID, members shall preferably use biometric authentication as one of the authentication factors along with any one of the following factors:
1. Knowledge factor (something that only the user knows): e.g., password, PIN.
2. Capture Factors (only something the user has): For example, OTP, Security Token, Authenticator app on smartphone, etc. In case of OTP, it should be sent to the customers through both email and SMS on their registered email ID and mobile number.”
NSE also said, “Where biometric authentication is not possible, members shall use both the above factors (knowledge factor and possession factor) in addition to the user ID for 2-factor authentication (2FA). It should be noted that the above authentication will be implemented by the client on every login session in IBT and STWT.”
How to Enable Two-Factor Authentication in Demat Accounts
The circular specifies that biometric authentication shall be used in conjunction with Password/PIN or OTP/Security Token. If biometric authentication is not possible, login to demat accounts should be allowed using a combination of password/PIN with OTP/Security Token.
According to NSE, Two-Factor Authentication is a one-time obligation. Once you have completed this, you can access your account using your login ID, password, and a required security image, in addition to any additional information your depository may require.
Here’s how to enable two-factor authentication in demat accounts, as per the ICICI Direct website:
Step 1: Go to the Profile section of your demat account through your web portal or mobile application.
Step 2: Go to Password/Security option and click on Two-factor authentication
Step 3: You will receive an OTP on your email id/password
Step 4: Input the OTP. The account may ask you to input your fingerprint, or you may need to scan a QR code to add the account.
“If the biometric authentication fails, the demat account holders can also authenticate their accounts through knowledge/possession factor. The knowledge/cognition factor is the detail that is known only to the account holder. For example, the knowledge factor is something like a PIN or password that is known only to the user, whereas the capture factor is the details sent by the network/system to the user and kept only within their knowledge. Possession factors include a one-time OTP, a security token, a card reader, authentication app, or any other credentials that are within the user’s knowledge.
How to Enable Two Factor Authentication on Zerodha Kite, Web, App
According to the Zerodha website, for Kite Web, visit kite.zerodha.com and follow the steps below:
Step 1: Go to My Profile/Settings and then Password & Security
Step 2: Click on Enable two-step TOTP.
Step 3: Enter the OTP sent to the registered email address.
Step 4: Open any of the above authenticator apps on the mobile phone.
Step 5: Under the Add an account option, select Scan a QR code and click on Start.
Step 6: Allow access to the phone camera, and scan the QR code shown on the profile page on Kite. Upon scanning, the account will be linked in the authenticator app. Alternatively, copy the key (available below the QR code) and use it to add the Kite account to the authenticator app. On Kite, enter the OTP displayed in the app along with the password and click on Enable.
Step 7: TOTP is enabled.