Authentication General Terms

1. Introduction

These Authentication General Terms ("Terms") govern the use of authentication methods and security protocols when accessing your Neo Blockchain Bank account and related services. By using any authentication method to access our services, you agree to be bound by these Terms.

2. Authentication Methods

Neo Blockchain Bank offers multiple authentication methods to secure your account:

2.1 Password Authentication

Your account password is the primary method of authentication. You are responsible for:

• Creating a strong, unique password that meets our security requirements
• Keeping your password confidential and not sharing it with anyone
• Changing your password immediately if you suspect it has been compromised
• Not using the same password for multiple accounts or services

2.2 Two-Factor Authentication (2FA)

We strongly recommend enabling two-factor authentication for enhanced security. Available 2FA methods include:

• SMS Verification: One-time passwords sent to your registered mobile number
• Authenticator Apps: Time-based one-time passwords generated by approved authenticator applications
• Email Verification: Verification codes sent to your registered email address

2.3 Biometric Authentication

Where supported by your device, you may use biometric authentication methods including:

• Fingerprint recognition (Touch ID)
• Facial recognition (Face ID)
• Other biometric methods supported by your device

3. Security Requirements

3.1 Password Requirements

Your password must meet the following minimum requirements:

• Minimum of 8 characters in length
• At least one uppercase letter
• At least one lowercase letter
• At least one number
• At least one special character
• Must not contain easily guessable information (e.g., your name, birthday, common words)

3.2 Device Security

You are responsible for maintaining the security of devices used to access your account:

• Keep your device's operating system and applications up to date
• Use device lock features (PIN, pattern, biometric)
• Do not use jailbroken or rooted devices
• Install and maintain reputable security software
• Avoid accessing your account on public or shared devices

4. Account Access and Sessions

4.1 Session Management

For your security, we implement the following session management practices:

• Automatic session timeout after a period of inactivity
• Ability to view and manage active sessions
• Option to terminate all active sessions remotely
• Notification of new device logins

4.2 Failed Authentication Attempts

To protect against unauthorized access:

• Multiple failed authentication attempts may result in temporary account lockout
• You will be notified of failed authentication attempts
• Account recovery procedures may be required after multiple failed attempts

5. Your Responsibilities

You agree to:

• Keep all authentication credentials confidential
• Notify us immediately if you suspect unauthorized access to your account
• Not share your authentication credentials with any third party
• Use only secure and trusted networks when accessing your account
• Log out of your account when using shared or public devices
• Regularly review your account activity for any unauthorized transactions

6. Account Recovery

If you lose access to your account or forget your authentication credentials:

• Use the "Forgot Password" feature to initiate account recovery
• Verify your identity through our secure recovery process
• Contact our support team if you are unable to complete the recovery process

Account recovery may require additional identity verification, including but not limited to:

• Verification of personal information
• Submission of identity documents
• Video verification call
• Security questions

7. Security Notifications

We will notify you of security-related events including:

• Successful login from a new device or location
• Changes to your authentication settings
• Password changes
• Failed authentication attempts
• Account lockouts

Ensure your contact information is up to date to receive these important notifications.

8. Third-Party Authentication

We may offer authentication through third-party services (e.g., social login). When using third-party authentication:

• You are subject to the terms and privacy policies of the third-party provider
• We are not responsible for the security practices of third-party providers
• Compromised third-party accounts may affect your access to our services

9. Changes to Authentication Methods

We reserve the right to:

• Introduce new authentication methods
• Discontinue existing authentication methods with reasonable notice
• Require additional authentication for certain transactions or activities
• Modify security requirements based on evolving threats

10. Compliance with Regulations

Our authentication practices comply with applicable regulations including:

• Strong Customer Authentication (SCA) requirements
• Payment Services Directive (PSD2) where applicable
• Data protection regulations
• Industry security standards

11. Limitation of Liability

To the maximum extent permitted by law, Neo Blockchain Bank shall not be liable for:

• Unauthorized access resulting from your failure to protect authentication credentials
• Losses arising from compromised third-party authentication services
• Service interruptions due to security measures or maintenance
• Actions taken in good faith to protect your account security

12. Contact Information

For security-related inquiries or to report suspicious activity: