Increasing MMS Security via Two-Factor Authentication

MongoDB
June 4, 2014 | Updated: January 20, 2017
#Cloud

As of May 28th, the MongoDB Management Service (MMS) requires Two Factor Authentication (2FA) for all MMS users. Two-factor authentication requires you to know your password and have a physical item that proves your identity. In our implementation, that second factor is your phone. So when you log in, after you enter your password correctly, MMS will prompt you for a code that proves you have your phone.

There are multiple ways to receive a 2FA code in real time:

  • Google Authenticator for Android or Apple iOS on your smartphone. Google Authenticator produces time-based codes that do not require a connection to the internet. You seed the Google Authenticator app by scanning a QR code shown to you by MMS during setup. Once seeded, the Google Authenticator app will show you the current code whenever it is running.
  • Text message to a cellphone number. When you set up your MMS account, you can provide a cell phone number to receive your 2FA codes. Whenever you need to login, MMS will send you a code via SMS. SMS works well for most users, however, certain network providers and countries may impose delays on SMS messages. If you’re using text messaging, you’ll also have to have cell service whenever you want to log in to MMS. For example, you may want to log in on an airplane or when traveling internationally. In these cases, Google Authenticator is a good alternative since it does not require a network connection.
  • Voice call to a cell phone. This option is almost exactly like text messaging. When you try to log in, you will get an automated phone call that reads out the 2FA code required to login.

As a backup, you can also generate recovery codes when setting up 2FA within MMS. These are longer codes that can be used in place of a 2FA code when you don’t have access to a phone or your Google Authenticator app. Each recovery code can be used exactly once, and you should save these codes in a secure place. Additionally, you can re-generate your recovery codes in your Two Factor Authentication link under Settings->Profile in MMS. When you generate new recovery codes, you invalidate previously generated ones.

MMS 2FA requires a little extra work but we believe that it provides a significantly improved level of security to MMS users. If you run into any problems setting up your 2FA, please reach out to the MMS Support team.

← Previous

Big data Visualization Using SAP Lumira

Today at SAPPHIRE NOW in Orlando, FL, SAP Executive Board member Bernd Leukert announced a collaboration between MongoDB and SAP’s easy-to-use data visualization software, SAP Lumira . Business intelligence (BI) solutions such as SAP Lumira provide an easy, accessible way for enterprise leaders to view, transform, and manipulate their data. However, most BI products today support only tabular formats, such as those found in relational databases, and the large majority of enterprise data (80%) is non-tabular in nature. This leaves organizations with few options that will enable them to visualize all their information. By collaborating, SAP and MongoDB – the two leaders in BI and modern databases, respectively – will provide customers an enterprise-grade solution for elegantly visualizing big data from all sources. The integration represents a major step forward in enterprise BI support for non-relational technologies. “In a year where we strengthened several of our strategic partnerships, we are excited to announce a new collaboration with a company that is helping many of our customers build modern applications that previously were unimaginable,” said Steve Lucas, President, Platform solutions at SAP. “Delivering this integration with MongoDB in SAP Lumira eliminates barriers and creates a richer data visualization experience for our customers.” MongoDB CEO Max Schireson will speak more about the collaboration in his keynote at MongoDB World on June 24th in New York City. “SAP has demonstrated its leadership as a leading BI vendor by giving customers an easy way to visualize MongoDB’s rich, non-tabular data that increasingly dominates enterprise applications,” said Schireson. “The interoperability of the leading big data and BI technologies presents a big win for our customers in visualizing the rich data capabilities of MongoDB.” Today customers can connect to MongoDB via a JDBC connection using the latest version of SAP Lumira. Targeted for the upcoming release of SAP Lumira (version 1.17) the relationship will see SAP provide sample code and document the integration between SAP Lumira and MongoDB Enterprise via the Data Acquisition Extension framework. Future development includes native integration for SAP Lumira to connect to MongoDB Enterprise planned for a future release of SAP Lumira.

June 4, 2014
Next →

Accelerating to T+1 - Have You Got the Speed and Agility Required to Meet the Deadline?

On May 28, 2024, the Securities and Exchange Commission (SEC) will implement a move to a T+1 settlement for standard securities trades , shortening the settlement period from 2 business days after the trade date to one business day. The change aims to address market volatility and reduce credit and settlement risk. The shortened T+1 settlement cycle can potentially decrease market risks, but most firms' current back-office operations cannot handle this change. This is due to several challenges with existing systems, including: Manual processes will be under pressure due to the shortened settlement cycle Batch data processing will not be feasible To prepare for T+1, firms should take urgent action to address these challenges: Automate manual processes to streamline them and improve operational efficiency Event-based real-time processing should replace batch processing for faster settlement In this blog, we will explore how MongoDB can be leveraged to accelerate manual process automation and replace batch processes to enable faster settlement. What is a T+1 and T+2 settlement? T+1 settlement refers to the practice of settling transactions executed before 4:30pm on the following trading day. For example, if a transaction is executed on Monday before 4:30 pm, the settlement will occur on Tuesday. This settlement process involves the transfer of securities and/or funds from the seller's account to the buyer's account. This contrasts with the T+2 settlement, where trades are settled two trading days after the trade date. According to SEC Chair Gary Gensler , “T+1 is designed to benefit investors and reduce the credit, market, and liquidity risks in securities transactions faced by market participants.” Overcoming T+1 transition challenges with MongoDB: Two unique solutions 1. The multi-cloud developer data platform accelerates manual process automation Legacy settlement systems may involve manual intervention for various tasks, including manual matching of trades, manual input of settlement instructions, allocation emails to brokers, reconciliation of trade and settlement details, and manual processing of paper-based documents. These manual processes can be time-consuming and prone to errors. MongoDB (Figure 1 below) can help accelerate developer productivity in several ways: Easy to use: MongoDB is designed to be easy to use, which can reduce the learning curve for developers who are new to the database. Flexible data model: Allows developers to store data in a way that makes sense for their application. This can help accelerate development by reducing the need for complex data transformations or ORM mapping. Scalability: MongoDB is highly scalable , which means it can handle large volumes of trade data and support high levels of concurrency. Rich query language: Allows developers to perform complex queries without writing much code. MongoDB's Apache Lucene-based search can also help screen large volumes of data against sanctions and watch lists in real-time. Figure 1: MongoDB's developer data platform Discover the developer productivity calculator . Developers spend 42% of their work week on maintenance and technical debt. How much does this cost your organization? Calculate how much you can save by working with MongoDB. 2. An operational trade store to replace slow batch processing Back-office technology teams face numerous challenges when consolidating transaction data due to the complexity of legacy batch ETL and integration jobs. Legacy databases have long been the industry standard but are not optimal for post-trade management due to limitations such as rigid schema, difficulty in horizontal scaling, and slow performance. For T+1 settlement, it is crucial to have real-time availability of consolidated positions across assets, geographies, and business lines. It is important to note that the end of the batch cycle will not meet this requirement. As a solution, MongoDB customers use an operational trade data store (ODS) to overcome these challenges for real-time data sharing. By using an ODS, financial firms can improve their operational efficiency by consolidating transaction data in real-time. This allows them to streamline their back-office operations, reduce the complexity of ETL and integration processes, and avoid the limitations of relational databases. As a result, firms can make faster, more informed decisions and gain a competitive edge in the market. Using MongoDB (Figure 2 below), trade desk data is copied into an ODS in real-time through change data capture (CDC), creating a centralized trade store that acts as a live source for downstream trade settlement and compliance systems. This enables faster settlement times, improves data quality and accuracy, and supports full transactionality. As the ODS evolves, it becomes a "system of record/golden source" for many back office and middle office applications, and powers AI/ML-based real-time fraud prevention applications and settlement risk failure systems. Figure 2: Centralized Trade Data Store (ODS) Managing trade settlement risk failure is critical in driving efficiency across the entire securities market ecosystem. Luckily, MongoDB integration capabilities (Figure 3 below) with modern AI and ML platforms enable banks to develop AI/ML models that make managing potential trade settlement fails much more efficient from a cost, time, and quality perspective. Additionally, predictive analytics allow firms to project availability and demand and optimize inventories for lending and borrowing. Figure 3: Event-driven application for real time monitoring Summary Financial institutions face significant challenges in reducing settlement duration from two business days (T+2) to one (T+1), particularly when it comes to addressing the existing back-office issues. However, it's crucial for them to achieve this goal within a year as required by the SEC. This blog highlights how MongoDB's developer data platform can help financial institutions automate manual processes and adopt a best practice approach to replace batch processes with a real-time data store repository (ODS). With the help of MongoDB's developer data platform and best practices, financial institutions can achieve operational excellence and meet the SEC's T+1 settlement deadline on May 28, 2024. In the event of T+0 settlement cycles becoming a reality, institutions with the most flexible data platform will be better equipped to adjust. Top banks in the industry are already adopting MongoDB's developer data platform to modernize their infrastructure, leading to reduced time-to-market, lower total cost of ownership, and improved developer productivity. Looking to learn more about how you can modernize or what MongoDB can do for you? Zero downtime migrations using MongoDB’s flexible schema Accelerate your digital transformation with these 5 Phases of Banking Modernization Reduce time-to-market for your customer lifecycle management applications MongoDB’s financial services hub

May 25, 2023