Authenticator Applications for MFA rollout
- Christopher
Converge is in the process of rolling out Multi Factor Authentication for all Consultants and Associates when accessing Converge internal Apps like Phoenix, UCM and the Clinical Governance Portal. These changes ensure Customer data is protected via Multi factor Authentication.
Multi Factor Authentication (MFA) for Associates and Consultants means when you login, you’ll need to enter a verification code which is displayed via an Authenticator App on your own smartphone. You are permitted to use any Authenticator application of your own preference - as you may already use an Authenticator for other uses - or you can use our preferred Authenticator App; Okta Verify.
Okta Verify (Converge preferred)
Okta Verify is an authenticator app which is preferred by Converge. Converge MFA is managed by the Okta Platform and using this authenticator app provides the most seamless experience for Consultants when using on a day-to-day basis.
With Okta Verify:
Converge can validate when it’s been setup correctly on your smartphone and can remotely revoke access (if you lose access to that device)
You can install Okta Verify App on multiple smartphones or tablets, and they can all display the verification code.
You can install Okta Verify App on your Desktop or Laptop computer (most PC’s and all Macs running the latest Operating System)
You can have Okta verify provide push notifications - this means when you access the MFA portal to sign in, a notification will appear on your phone to accept or deny the access request - instead of entering a code.
Third party Authenticators
As mentioned, you can choose to use your own preferred authenticator app - you may already use one for other purposes, and if you choose a third party authenticator app you already use, you can simply add the Converge MFA service to it.
Some third party authenticator apps:
Google Verify
Microsoft Authenticator
OTP Auth
Apple Passkeys (iOS 18 and newer only)
With third party authenticator apps:
You’ll open the authenticator app to get the verification code
Some authenticator apps are available on desktop PC’s and Laptop (PC and Mac)
Some authenticator apps are built into your web-browser and will fill the code automatically
You can add the Converge MFA service to a third party app you already use
Remember, with third party authenticators:
Converge cannot assist you with troubleshooting or maintenance or support with these third party apps
Converge can’t see the status of the setup and won't be able to assist if there’s an issue (other than assisting you with using Okta Verify as an alternative
Mobile (SMS) delivery
If approved and enabled, you will be presented with a Mobile option to receive the code by SMS to a single nominated mobile number.
With Mobile (SMS) delivery:
This option is only available if enabled by Converge and only if approved. If you don’t see this option you’ll need to select one of the other methods (Okta Verify App or a third party authenticator app)
The code is delivered to your nominated mobile number
Mobile (SMS) delivery of verification codes can be setup in addition to an Authenticator App, as a back up option
Remember, with Mobile (SMS) delivery:
Only one mobile number can be nominated
If you don’t have good mobile coverage or if there’s a mobile outage in your area, you won’t be able to access any Converge service until you can receive the code, unless you have also setup an Authenticator App.
This option is not allowed for Clincial Practices that have more than one person accessing a nominee’s account (such as a Practice Admin and the nominee)
Important:
Mobile (SMS) delivery option should always be selected as a secondary option - if you loose access to your mobile or if you are out of coverage, Converge will need to manually verify your identity before allowing you to regain access.
You won’t be compensated by Converge if you miss end of month appointment completion timelines if you’ve only selected Mobile as the option for receiving verification codes and have an issue with receiving codes outside of Converges' control (such as a mobile outage or device issue)
Setup Okta Verify
When clicking the activation code in your Converge MFA email, after creating a password, you’ll be asked to select an Authenticator Application.
You’ll be able to select “Google Authenticator” (which means any third party authenticator) or “Okta Verify”.
After selecting Okta verify, you then will be asked to open the Okta Verify App on your smartphone and scan the QR code.
View the detailed guide here:
Setup your MFA login (Associates)
Setup your MFA account (Employees)
Setup a third party authenticator app
When clicking the activation code in your Converge MFA email, after creating a password, you’ll be asked to select an Authenticator Application.
You’ll be able to select “Google Authenticator” (which means any third party authenticator) or “Okta Verify”.
After selecting Google Authenticator, you then will be asked to open your third party authenticator to scan the QR code presented on your computer display.
You’ll then be asked to enter the verification code on your smartphone third party app on your computer screen to confirm the setup was successful.
View the detailed guide here:
Setup your MFA login (Associates)
Setup your MFA account (Employees)
FAQ
Why can’t I choose to receive the code by email as before?
Converge has updated our Polices to require codes be delivered via an authenticator app on your smartphone or computer. Once setup, an Internet connection is not required to view the code in the app - it will work offline. Email authentication has a higher risk profile and this has been deemed an unacceptable risk by Converge.
If you don’t have access to a smartphone, you’ll need to get approval from a Clinical Manager or Converge authorised person. There are some ongoing requirements on your side that you’ll need to adhere to, including auditing your access.
All new onboarded Consultants and Associates are required to have access to a Computer and Smartphone to complete work for Converge, with no exceptions to this policy.
Can I access the verification code without an internet connection?
Okta Verify and most third-party authenticators allow access to receive the code without an internet connection. This will be suitable for those with low internet connections and working in remote or rural locations for on-site work. An internet connection will be required during initial setup and as standard procedure, access the internet will be required at some point during your week to access our internal apps to complete services in the portal.
Can I setup multi factor authentication on more than one device?
You can setup MFA on up to two different authenticator services (e.g. Okta Verify and Google Authenticator). Each of these authenticator services allows you to have multiple devices accessing your authentication service from that provider - so yes, you can have multiple devices setup to receive codes.
Can I setup multi factor authentication on my desktop computer or laptop?
If your selected authenticator has an accompanying app for computer devices (like Windows PC, Laptop, Mac, etc.), you can setup MFA on those devices too. You usually will be required to setup MFA on a smartphone first, before enabling on a different device.
What if I lose access to my smartphone?
If you lose access to your smartphone or replace your smartphone before transferring MFA from your old device to a new one, contact Converge User Support via convergeinternational.com.au/mfa - raise a ticket or book a call back and we’ll need to verify your information, then we can assist you with resetting your MFA.