The brokerage firm has introduced TOTP to protect investors and their data as there has been a spike in cases of phishing since the lockdown in late March.
India's largest brokerage firm Zerodha on June 9 introduced a mandatory time-based one-time password (TOTP ) to wall up against a recent surge in phishing frauds.
Since the COVID-19 lockdown in late March, illicit pages of top brokerages had been set up that mimic the look and feel of the login pages of their trading platforms, Zerodha said.
These links are then sent to unsuspecting investors via SMS messages, emails or social media with contact data stolen from various sources.
To prevent such frauds, Zerodha had temporarily blocked trading in all illiquid risky contracts. TOTP is its way to keep its investors and their data safe.
"TOTP stands for 'time-based one-time password'. Unlike a traditional OTP that is delivered to you via email or SMS, a TOTP is generated by a TOTP app that is already on your phone," the brokerage said in a blog post.
"This TOTP is valid only for a short duration (usually 30 seconds) and is regenerated every 30 seconds."
Here's how you can set up TOTPTo directly set up TOTP, you'll need to login on Kite web. Once you set it up, you can log in using this TOTP on the web as well as mobile.
You have to use apps like Google Authenticator, Microsoft Authenticator, or Authy on your mobile phone to generate a 6-digit TOTP for every login.
A step by step guide:> Log into Kite, and click on your client ID on the top right-hand corner of the page and select ‘My Profile’ from the drop-down;
> Click on ‘Password & Security’;
> Click on ‘Password & Security’;
> Enter the OTP received on your registered email ID;
> Install Google Authenticator or Microsoft Authenticator or Authy on your phone. You can find this on the Play Store or iOs;
> Select ‘scan a barcode’ under the add account option and click on 'Begin';
> Allow access to your phone camera and scan the bar code shown on the profile page on Kite. Once you scan it, the account will be added to your authenticator app. Enter the OTP shown on the app on Kite along with your password and click on ‘Enable’.
> Once you click on ‘Enable’, you’ll get a notification confirming the TOTP set up;
> You will have to enter the TOTP shown on your authenticator app instead of PIN from the next login onward.
