Security and trustOperational

Trusted devices

Manage devices and sessions and respond to a lost phone or an unfamiliar device.

Last reviewed: For: Individual · Merchant · Security team

What is a trusted device?

A trusted device is linked to the account after successful sign-in and verification. Trust does not grant unlimited authority forever; session, role, operation, and limits remain independent controls.

When adding a device

Review device type, time, and approximate location when available. Never approve a prompt you did not initiate. Give devices recognizable names, especially for points of sale and branches.

Device review

Remove old devices, disable devices belonging to transferred staff, and avoid shared devices with shared accounts. For business use, bind each device to an approved operating point and branch, then monitor unusual context changes.

Lost phone

  1. Use a secure device to access account recovery.
  2. Revoke sessions and trust for the lost device.
  3. Review activity since the last time you controlled it.
  4. Report unknown transactions without trying to reverse them through a manual transfer.
  5. Change the sign-in method when exposure is possible.

Unfamiliar device

Treat it as a potential incident: revoke the session, change credentials, review memberships and permissions, then escalate with time, device type, and available safe reference.

Review Account security and verification and Support escalation.