By default, Brevio uses a secure login link, also known as a magic link, for My Page access. This authentication method enables users to securely access the web application without needing to remember or enter a password.
Here’s how it works:
1. Request secure link: A bank employee may order a secure link from any ordinary audit request.
2. Email secure link: Brevio generates a unique link (the "magic link") and sends it to the banks prevalidated email address.
Since the email with the magic link is only sent to a pre-validated email address, the bank can easily control access by managing who has access to the inbox.
3. User clicks on the link: The user opens the email, finds the message, and clicks on the magic link.
4. Automatic login: Upon clicking the link, the user is redirected to My Page is and automatically logged in. The unique token embedded in the magic link verifies their identity.
5. Expiration: To ensure security, the link expires every Sunday.
This method allows the bank to maintain control over access while simplifying the login process for users. By replacing traditional passwords with a secure link sent directly to their email, it offers both convenience and enhanced security.
Technical implementation: Each bank gets a token generated, based on a secure randomization algorithm, which is valid for at most one week. New token is generated every Monday and sent to the bank.