Two-step verification

Stronger security for your Telstra account 

Want to know what two-step verification is and why we use it? You'll find the answers here.

Why we use two-step verification

Stronger security than just a password

We use the two-step verification method to help you protect your account. It means that if someone other than you was trying to access your account, they would need more than just your username and password. 

It's easier for scammers to get access to passwords for online accounts than you think. The second step of verification means that even if someone gets access to your username and password, they still won't be able to access My Telstra. 

Helping stop scammers from targeting you

In 2021, Australians reported losing $211 million to scams involving identity theft, an 89% increase from 2020. Source: ACCC report

If a scammer or unauthorised person gets access to your account, they can try to access your payment details or your phone number. Two-step verification can stop them in their tracks. 

How two-step verification works

When you log into My Telstra (app or browser)

  1. Enter your Telstra ID username and password.
  2. Verify a second way.

If you're logging into the My Telstra app, you can verify your identity with your Telstra PIN, a one-time code, or biometrics like face and fingerprint recognition (if your device supports it).

If you're logging into My Telstra via a browser, you can verify your identity with your Telstra PIN, a one-time code, or an in-app challenge if you have access to the My Telstra app.

When you talk to us on the phone, via messaging or in store

A Telstra employee may ask you to verify your identity if you need them to look into your account over the phone, via messaging or while you're in store.

There are 3 ways they may ask you to verify:

  1. by sending a one-time code to the email address or phone number associated with your Telstra account
  2. by sending you an in-app challenge in the My Telstra app (if you use the My Telstra app)
  3. by asking you to provide photo ID if you're in a store.

Two-step verification methods

You can use any of the below methods to protect your digital identity with Telstra. If you want to use biometrics, make sure your device supports it.

Telstra PIN

You can help protect your identity by enabling your Telstra PIN. You can do this easily in the My Telstra app or via My Telstra in a browser.

We'll never ask you to provide your PIN verbally to anyone, so if someone asks you to do that, end the conversation immediately.

To enable Telstra PIN: 

  1. Sign in to the My Telstra app or via My Telstra in a browser
  2. Select Profile
  3. Go to Security Settings
  4. Go to Telstra PIN
  5. Follow the prompts to set up your PIN.

One-time code

A one-time code can be sent to your contact mobile number or email address that you have registered with us. This will verify your identity when interacting with Telstra over the phone, via messaging or in store, and when logging into My Telstra in a browser.

To use this security feature, check that your contact details with us are correct. 

To check your contact details:

  1. Sign in to the My Telstra app or My Telstra in a browser
  2. Select Profile
  3. Select Personal Details 

Biometrics (Face & Fingerprint ID) - My Telstra app only

Biometric authentication uses your face or fingerprint to identify you. Telstra does not store your biometric information like fingerprints or face images during this process.

On supported Android devices, you can use Face or Fingerprint ID. On supported iOS devices (like iPhones and iPads), you can use Face ID or Touch ID.  

To enable Face and Fingerprint ID:

  1. Sign in to the My Telstra app
  2. Select Profile
  3. Select Security Settings
  4. Select Telstra PIN and Face/Fingerprint ID
  5. Toggle on Face ID, Fingerprint ID, or Touch ID (depending on your device).

In-app challenge

What is the in-app challenge

You can use the My Telstra app to verify your identity when logging into My Telstra in a browser, or while talking to a Telstra agent via messaging, on the phone or in store. It also assures you that you are talking to an agent from Telstra instead of a scammer.

To do so, you'll need to complete an in-app challenge that will be sent to the My Telstra app.

The in-app challenge is only available to people using the My Telstra app. If you don't use the app, you can use a one-time code instead. A Telstra agent will never ask for your Telstra PIN.

How to use the in-app challenge

1. Select the notification

We send a notification to your device from the My Telstra app. 

2. Open the app

Tapping the notification will open the My Telstra app.

Verify your identity using biometrics (Face or Fingerprint ID), or if you don't have biometrics enabled, you can enter your Telstra PIN, then follow the prompts.

3. Accept the verification request

Tap YES when requested to complete the verification request and confirm it's really you.

Completing the in-app challenge without a notification

If you don’t have notifications enabled or you don't want to use the notification, you can:

  1. open the My Telstra app and sign in using either your biometrics or Telstra PIN 
  2. tap the person icon in the top right corner
  3. tap on the panel that says 'Identity verification' to accept the verification request.

What to do if you suspect fraud

If you suspect fraudulent activity on your Telstra account you should:

  1. Contact our Fraud Customer Care Team

  2. Contact your bank

  3. Change your password