Hello @Harlequins,

As an alternative to 2-step verification to a cell phone, you can add an Authentication app such as Authy, Google Authenticator or Microsoft Authenticator. In your particular case where you don’t want your staff using their cell phones, I would recommend downloading the Authy app for Mac / PC or iPad. The initial setup for the Authy app on a computer or tablet will involve a phone number (cell phone or landline) but using it to generate 2FA codes for logging in will not require phone access.

Follow these steps to Enable an Authentication app as your Square account’s 2FA method. Once you do, you will no longer be prompted to add your phone number as a 2FA method.

Although not available yet, we are working on 2-step verification delivered via an automated voice call. Look out for product updates as we can then deliver these codes to your business’s landline phone number.

Hi @Ellen70,

Is this related to a Square Card? If so, please send me a private message.

If it’s related to a different card, I would recommend contacting the card issuer directly (usually a bank or AmEx, for example). Since you don’t have the card anymore, you can try the issuer’s official website and look for their support center phone number.

Hi @Brad9, we took a look at your payment declines YTD and almost 80% of them were due to either human error (buyer put in the wrong card info and bank declined it) or manually voided. Do you have any set up on your end that voids payments? You can respond to me by private message if you want to take the conversation off of this public forum.

Same thing is happening to me. I’m hoping it resolves and my funds become available again before the first of the month so I can pay my rent! 

Hi @brown17, thanks for bringing this to our attention.

You can forward these spoof emails to spoof@squareup.com to report the incident. Do not include any other information in the email you forward. The appropriate team will investigate and take action if needed.

Sorry to hear that due to the suspicious activity review, you were unable to use your card over the holiday weekend. We are continuously making improvements to the way we block fraudulent login attempts, detect account takeover fraud and lock the bad actors out of our sellers’ accounts. We are also investing in an enhanced self-service recovery experience so that sellers can unlock their own accounts on their own time, without having to call Square support.

Hi @alesya and @Thebarndoor (who had a similar question), if you suspect that your card was used by somebody else, please contact us via phone at your earliest convenience to proceed with the account review.

We will work with you to do what it takes to keep your account and funds safe and issue a new card quickly. We are also working on an enhanced self-service recovery experience so that sellers can unlock their own accounts on their own time, without having to call Square support.

Hi @Marjirawson,

We’re sorry to hear that you had this negative experience. Now we can’t go into specifics about your case on this public forum, but feel free to send me a private message and we can schedule time for a call.

As you mentioned, 2-step verification is a highly recommended defense against account takeover fraud. While 2-step verification to a mobile phone number is the easiest method, we recommend downloading and using an Authentication app as the stronger method.

We also recommend setting a long, unique password for Square (and all your online accounts). This way, if another website has a data breach and your email address and password are leaked, the bad actors would not be able to use that password to get into your Square account. Password managers make it easy to generate long, unique passwords for all of your online accounts and store them for easy retrieval later. Learn more about password best practices here.

We are continuously making improvements to the way we block fraudulent login attempts, detect account takeover fraud and lock the bad actors out of our sellers’ accounts. We are also investing in an enhanced self-service recovery experience so that sellers can unlock their own accounts on their own time, without having to call Square support.

i would like to talk to you about these options to better secure my account. I am not the most technically savvy person, so i would be really grateful if we could discuss and implement over the phone. How can this be accomplished ?

Thank you! 

Marji Rawson 

Hi @Headphonz, I was able to find your Weebly site on Google and access it today. Were you able to resolve the problem since then?

Hi @ajeyakum, great question!

Square is dedicated to working with sellers to ensure that your ecommerce sales are protected from buyer fraud. There are three forms of protection available for Square sellers:

1. Our Account Services Team: We want to prevent you from dealing with a payment dispute, so we periodically review your transactions to help protect you from fraud. If we determine a transaction(s) on your account is likely to be the work of scammers, we’ll alert you via email. Once you receive an alert via email, we ask that you refund/not process the order(s) being investigated and decline further payments from the customer in question until you hear back from us. In the meantime, we’ll look into the details of your transaction(s) and compare them with other known fraud patterns we’ve identified.This review process is typically completed within 1 business day. We’ll send a second email to let you know the outcome of the review, or if we need any additional information from you.
   
   
2. Machine Learning Systems: To keep your account safe, Square uses machine learning to look at payments from across our ecosystem and adjust our algorithms to account for new trends in fraud. Live transaction monitoring and human expertise work hand-in-hand to adapt our technology to the shifting fraud landscape every day. Our team of fraud experts contact you if we notice anything unusual.
   
   
3. Risk Manager: Square understands ecommerce sellers want other ways to manage their risk profile. Square’s Risk Manager feature is a tool that helps you spot and manage potential fraud from online payments processed with Square. You can create rules in Square Dashboard to trigger your own fraud alerts or to automatically decline suspicious payments. When you set up risk alerts, you can view additional details about suspicious payments, as well as options to issue a refund, block the payment card, or dismiss the alert. Risk Manager also gives sellers the option to implement rules that trigger 3D Secure on qualifying purchases.