MACO authentication is separate from the one-time passcode and device registration required when MFA is activated. MACO authentication replaces the need to enter a password and security question answer, but it does not replace the need to use MFA to login to online banking.

After you activate MFA for your members, MFA (when required) will become the final step in authentication, regardless of whether a fingerprint, voice, photo ID, or PIN was already entered earlier as part of the same authentication process.
  • Your credit union can set the device registration to expire after a certain number of days in the credit union level configuration in CU*BASE. In this case, the member may not need to use the one-time passcode each time they log in, but rather whenever their device registration expires. Different number of days for registration expirations can be set for members who log in via a browser versus the mobile app.
  • Members can also opt to leave the device registration box unchecked at the device level and, therefore, set their device to require a one-time passcode each time they log into online banking.