Security in Commerce Media Tech for Publishers

Commerce Media Tech has two security features available that help to protect your account from getting hacked:

• New login sessions
• Two-factor authentication

Opt-in by default, you are notified by email anytime a new device logs into your Commerce Media Tech account. Once notified, you can act on any suspicious sign-ins by suspending your account and resetting the password.

Suspending your account will:

1. Send you an email with a new password
2. Terminate all active sessions
3. Pause any feeds
4. Suspend any financial transactions
5. Require a member of Commerce Media Tech Support to reactivate your account

Two-Factor Authentication (2FA) is a method of signing in to the CMT platform that requires more than just a password. Using only a password to sign in to any website is vulnerable to security threats because a malicious user only needs one piece of information to gain access to your account. 2FA places an extra layer of security on your account by requiring both your password and a second authentication code while signing in. The only way a user can sign in to your account is if they have your password and the authentication code from your registered mobile device(s). For CMT, the additional authentication code will be generated by a Time-based One-Time Password (TOTP) mobile app.

Before you start turning on Two-Factor Authentication for your CMT account, it is required to download and install a Time-based One-Time Password (TOTP) application. The TOTP application automatically generates authentication codes that expire and refresh after certain periods of time. TOTP applications are more reliable than using SMS authentication, so 2FA on the CMT platform will utilize the TOTP authentication only.

Download one of the following mobile applications:

• For Android, iOS, and Blackberry: Google Authenticator
• For Android and iOS: Duo Mobile
• For Windows Phone: Authenticator

After installing the TOTP application on your mobile device, set 2FA in the CMT platform:

1. Go to the Account in your profile.
2. Go to the Security tab.
3. In the Security tab, click the TURN ON button to apply Two-Factor Authentication for your account. The 2FA startup page will show up.
4. After reading the information about how the authentication process looks, click the Start setup button.
5. Scan the barcode image in the pop-up page using the TOTP application. If you cannot scan the QR code from your computer screen, you can always use a text code option. Click the text code in step 1. in the Two-factor authentication pop-up window, and next, type the text code in the mobile application field.

   Commerce Media Tech Tip: To configure 2FA on multiple devices, you need to follow this step for all devices in the same session; just scan the same QR code on all devices. If 2FA is already enabled for a device and you want to add another device, you’ll have to reconfigure all devices again. You need to follow the next step only on one of the devices.

6. Input the six-digit code from the application into the field in step 2.
7. To complete the verification, click the Continue button.
8. You will see that the Two-Factor Authentication status is turned on.