To enhance the security of your Cloud POS group, you have the option to enable Two-Factor Authentication (2FA). 

This feature can be activated or deactivated by a cashier with Administrator-level access and is applied at the group level.

There are three levels available:

Disabled - 2FA is not in use.

Enabled - 2FA is available but not mandatory for POS and Back Office. 2FA becomes mandatory for accessing Cloud MT, Cloud Reports, the Courier Module, and Customer Rewards.

Enforced - 2FA is mandatory for accessing Cloud POS, Back Office, Cloud MT, Cloud Reports, the Courier Module, and Customer Rewards.

The 2FA verification being completed will authenticate the cashier on that specific device for 7 days, so each cashier should only have to authenticate with 2FA once per week on their usual computer. If a cashier uses multiple devices to sign in, they would have to verify using 2FA for each device once per week.

The setting for this is located under the Cashier Settings section of the Configuration page in Cloud POS Back Office:

Configuration Page

Once you have made the selection you require, scroll to the foot of the page and click Save.

How does a cashier setup their 2FA? 

If 2FA is enabled for your group, cashiers will see this page when they login to the Back Office/Point of Sale;

There are two types of 2FA available: SMS Verification and Authenticator App. 

Cashiers can choose to use SMS Verification alone or both SMS Verification and an Authenticator App.

SMS Verification

1) The cashier will need to have a mobile number set against their cashier in the Back Office.

If the cashier does not have a mobile number set against their cashier, this can be assigned from within the Users page in the Back Office, by a user with administrator-level access.

Users

The text message contains the Security Code;



2) Enter the security code received via SMS to verify your number.

3) Upon verification, you will be directed to the Back Office/Point of Sale. CloudPOS will then remember your 2 Factor Authentication for up to 7 days (unless you clear your cache and cookies in your web browser).

For subsequent logins, every 7 days or so you will need to send an SMS message to access Cloud POS – the exact design of the screen may vary depending on which part of the platform you're logging into e.g. Cloud MT, Cloud Reports, Back Office, Point of Sale etc.

Authenticator App Verification

1) Once the SMS Verification is ‘Enabled’, you will need to contact the Citrus-Lime Support Team to reset your 2FA credentials, for you to be able to setup a Two-Factor Authenticator App.

2) You now need to connect the Cloud POS 2FA with an authenticator app. 

Cloud POS 2FA supports all 2FA applications such as Google Authenticator, Microsoft Authenticator, Duo Mobile etc.

You can either scan the QR code (in the app itself, not just with your phone camera) or you can use the Manual Entry Code:

3) Once the authenticator app is set up, click on the cross to close this pop-up.

4) Enter the Authentication Code in the box on the right and click on Verify:

5) Once you're verified, you will be directed to the Back Office/Point of Sale. CloudPOS will then remember your 2 Factor Authentication for up to 7 days (unless you clear your cache and cookies in your web browser).

For subsequent logins, every 7 days or so you will need to enter a code to access Cloud POS – the exact design of the screen may vary depending on which part of the platform you're logging into e.g. Cloud MT, Cloud Reports, Back Office, Point of Sale etc.

How do I login when I have completed the 2FA setup?

Once you have completed the 2FA setup for both verification methods, you will be directed a screen that looks something like this when logging in:
 

You can verify using the SMS Verification or Authenticator App.