お知らせ

As of November 2nd, all store owners using Shopify Payments will be required to enable two-step verification on their accounts. This is to increase the security of your account and prevent fraudsters from taking over your account, leading to payment theft.

If you haven't enabled two-factor authentication yet, you'll see a yellow banner on the home page of your Shopify admin, asking you to complete two-factor authentication setup. Store owners will also receive emails from us about setting up two-factor authentication.

Two-factor authentication (2SA), also known as multi-factor authentication, makes it much more difficult for unauthorized people to access your account. Users must enter their account credentials (email and password) and then authenticate their login attempt using a mobile device or security key.

Since account breaches are most often caused by lost or stolen account information, data shows that enabling two-factor authentication prevents 99.9% of account breaches. Enabling this extra layer of security reduces the chances of your account being compromised and your payments being redirected to a rogue bank account.

If you believe your account has been compromised or would like to take precautions to prevent account compromise, you can take the following steps:

1. Update or reset your password to something you have never used before.
2. Enable two-factor authentication. App-based biometric authentication is stronger than SMS authentication where messages can be intercepted or redirected through communication networks.
3. Update your password and enable two-step verification on your email account as well.
4. Please check your banking details and update if necessary. Since updating your banking information requires you to enter your current banking details, if your banking information is updated unexpectedly, you can assume that your original banking details have been compromised. increase. In this case, please contact your bank regarding the protection of your bank account information.
5. Check your general account settings to make sure all the information is correct.
6. Scan your device for any potential malware that may have been added.
7. If you do not know the sender of the email, do not click on links or download attachments from the email. If you don't know that the email came from Shopify, contact the Shopify support team and refer to the Protecting your account from phishing page in the Shopify Help Center for what to do.

You can also use the website haveibeenpwned.com to see if your email address or phone number has been detected in a data breach.

For more information about two-step verification and how to set it up, see the Shopify Help Center's Securing your account with two-step verification page.