Protecting your account with two-step verification
Zip has now enabled two-step verification (2SV) as an extra layer of security on the Merchant Dashboard. This helps to protect sensitive data and gives you more control over the safety of your account.
This is currently optional, but highly recommended to enable account security.
This feature will be available for all merchants by December 2025.
FAQS:
What is 2-step verification?
2-step verification (2SV) is an extra layer of security used to ensure that only authorised users can access an account. After entering a password, users must verify their identity through a second step by entering a code sent to their phone or email. This makes it harder for unauthorised people to gain access if a password is compromised.
What types of 2SV are available?
You can opt to receive a verification code via SMS or a trusted email.
How can I switch this on for my account?
If you are an Admin user, you can enable 2SV for your business in the Zip Merchant dashboard here.
Will 2SV stop me from signing in?
No, at this stage you have the option to skip this during setup, however, we strongly recommend enabling it for enhanced account security. You can always turn this on in the User Settings at a later time.
Where is my data stored?
Zip takes data security very seriously. Your 2SV data is stored securely within Australia, adhering to strict privacy and security standards. Your mobile number/email address used for verification will not be used for any marketing purposes.
How often do I need to authenticate?
Reauthentication is required approximately every 30 days, however, you may be prompted to reauthenticate if there's unusual activity on your account.
Can I set this up from overseas?
At present, 2SV is only available to set up within Australia. If you have already been set up and travel overseas, your authentication will still be required. We are actively working on expanding this feature to other countries soon.