The New York State Department of Labor today announced a new multi-factor authentication (MFA) initiative is now in use throughout the unemployment insurance (UI) system to provide top tier cyber protection for New Yorkers. This coincides with October being Cybersecurity Awareness Month, as designated by Governor Hochul. MFA is a security technology that requires multiple methods of authentication, such as a code sent via text message or as a push notification on a mobile app, to verify a user's identity for login purposes. It is used increasingly on websites and applications to protect an individual’s data if their login information is compromised. This new security measure will help ensure that UI data and information can be accessed only by customers and their established helpers. This enhanced cybersecurity provides added protection against criminals seeking to defraud the UI system.
“Protecting New Yorkers’ sensitive information remains our top priority,” said New York State Department of Labor Commissioner Roberta Reardon. “Our new multi-factor authentication is the best possible technology to secure our UI system against breaches. This new measure enhances our ongoing effort to safeguard this critical lifeline to support New Yorkers during their time of need.”
Since launching on Sept. 21, more than 261,000 users have enrolled in MFA. New York State Information Technology Services intends to use this process as a blueprint when expanding the security feature to other areas. All users are now prompted to set up MFA when using the NY.gov Unemployment Services portal, requiring users to provide a second form of authentication. MFA is required for customers who use the online portal to:
- Certify for benefits online,
- View payment history,
- Update banking information,
- Update mailing address,
- Update or view tax information, and more.
The MFA launch included an extensive communications plan used to inform New Yorkers of the change in system and how they can enroll. To make MFA easily accessible, there are currently four options for enrolling:
- Okta Verify: A mobile app that sends customers a push notification when logging into the UI portal
- Google Authenticator: A mobile app that sends customers a single-use code when logging into the UI portal
- SMS Authentication (or text message authentication): A single-use code sent to mobile phones via text when customers log into the UI portal
- Voice call authentication: Instructions sent via a voice call to customers’ phone number when logging into the UI portal
Additional information, including Frequently Asked Questions, video tutorials, and user guides, are available on the NYSDOL MFA webpage in multiple languages.
MFA development is part of NYSDOL’s ongoing 4 year modernization plan.