Multi-factor authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as F&I Café, the Revolos platform or US Dealer Services. The goal of MFA is to create a layered defense that makes it more difficult for an unauthorized person to access a target, such as a physical location, computing device, network or database.
The main benefit of MFA is it will enhance your organization's security by requiring your users to identify themselves by more than a username and password. Enforcing the use of an MFA factor like a thumbprint or physical hardware key means increased confidence that your organization will stay safe from cyber criminals.
It’s an essential step to helping protect dealerships from the threat of cyberattacks. This presents a more difficult environment for hackers to attack and avoiding the potential to become victim of a ransomware attack.
You will be prompted initially after you register your account to authenticate, and future prompts to authenticate will be based on conditional access, which means if the environment you are logging in from is medium to high risk, you may be prompted to authenticate more frequently. This simply means that MFA is doing its job, and it identified that the system would benefit from the additional security measure.
Yes. All devices where you access a Protective website (F&I Café, the Revolos platform or US Dealer Services) may be subject to multi-factor authentication.
When you authenticate, you will only be prompted for SMS/Text or a phone call to obtain your security code validation, not email.
F&I Café: Once in F&I Café, go to the Settings menu, and select User Settings. You will see the phone number field to update and confirm. If you are not able to log in to F&I Café to update the phone number, the admin user at the dealership can update the phone number related to your account.
The Revolos platform: Users with access can go to the "Users" page (under the Maintenance menu) to edit any existing user's info including the phone number.
The application that we use for multi-factor authentication is a Microsoft product, Azure Active Directory B2C, so when you select the phone call as your option to receive a code, there will be a reference to Microsoft.
Every user will need individual login credentials. Then once the MFA process is implemented, you will encounter a registration page where you need to provide your email address as well as a phone/mobile number. After creating a secure account, you will login in with your email address and your new password that meets password complexity rules going forward.
In cases where dealers shared a login for F&I Café/the Revolos platform/US Dealer Services system, it will be important going forward that each user has individual user ID/credentials. Each user of the Protective web platform will need to go through a multi-factor authentication process, and therefore having a unique login will be critical. Failure to do this will result in a user getting locked out of accessing the website.
If you have not been given a unique login to the Protective web platform you use, please see the admin user at the dealership. You will need individual login credentials going forward.
F&I Café: The individual who has been assigned the admin user role within the dealership can add and remove access and roles for all the users at the dealership. To remove access, click on the user’s profile and “deactivate” the user in F&I Café.
The Revolos platform: Users with access can go to the "Users" page (under the Maintenance menu) and disable or delete any user no longer needed.
After MFA is implemented, users who share credentials will run the risk of being LOCKED OUT of your account. If you still use a shared login, please get with your admin user at the dealership or your Protective Sales Representative to create a unique user ID for your use.
There is no limit to the number of users within a dealership.
The menu vendor that you use may have an MFA process in place. Otherwise, Protective’s MFA process will not impact users rating and contracting through a menu vendor/third-party.
Initially after getting your unique user ID, you will not see any MFA prompts until Protective implements the MFA requirement. At this time, you are setting yourself up with unique credentials for when MFA is turned on, then there will be no disruption in your access to the web portal.
You will be prompted the first time you log in after the multi-factor authentication has been turned on. Then each additional prompt for MFA will be conditional access based, meaning it will occur when the process detects a high-risk connection.
While you can share the same phone line in the multi-factor authentication process, we recommend a best practice to be a unique phone number or cell number to obtain your security validation code.
We will be implementing MFA in all Protective web platforms in phases, F&I Café first, followed by the Revolos platform and lastly, US Dealer Services. After implementation, you will use your email as the login to all systems. You will only be prompted to MFA once if you use more than one system. By the end of 2022, all Protective portals will have MFA.
Please contact the admin user at the dealership, and they will create a new user ID for you or contact your Protective Representative.
As long as the dealers are grouped within Protective administration system, you will be able to authenticate your credentials once and then you can access the multiple locations within the group without having to authenticate multiple times. If you are not certain whether your dealers are grouped, please contact your Protective Representative.
It is a best practice to utilize your business email address, and to also be consistent with the email address across all applications that you access Protective web pages. This consistent use of one email address with Protective will ensure the ability to connect the user to all Protective applications that require MFA.
Once you are registered for MFA, this set of credentials should be used to login to every platform. (i.e., if you’re registered for MFA in F&I Cafe with email address email@example.com you should use firstname.lastname@example.org to login to US Dealer Services as well). You do NOT have to re-register for MFA.
If you are unable to login because you initially entered an incorrect phone number and are unable to receive your MFA code, an admin user at the dealer can do this for you.
If you are able to login, follow the below steps:
Once in F&I Café, go to the Settings menu, and select User Settings. You will see the phone number field to update and confirm. If you are not able to log in to F&I Café to update the phone number, the admin user at the dealership can update the phone number related to your account.
The Revolos platform:
Users with access can go to the "Users" page (under the Maintenance menu) to edit any existing user's info including the phone number
US Dealer Services:
Once in US Dealer Services, select your Dealer number. Select 'Update User Profile', update your phone number and click 'Update'.
Try closing your browser and reopen to start fresh. Use a Preferred browser such as Microsoft Edge. Clear cache if necessary. You may search how to clear the cache in your specific browser.
For Edge, instructions are below:
• Open Microsoft Edge, select Menu (3 dots icon on top right corner of the browser) > Settings > Privacy & services
• Under Clear browsing data, select Choose what to clear
• Select the Cached images and files check box and then select Clear
For the Revolos platform ONLY:
After entering your email address you must click “send verification code” (Selecting “Continue” will result in a “Claim not verified” error message).
Do not hit “Enter” on your keyboard after entering your email address. You must click the “Continue” button to proceed and login.