Introduction

Zivver tries to ensure that all the recipients of Zivver messages go through a two-factor authentication (2FA) process before they access their Zivver messages. The sender must share this second authentication factor with the recipient. The form of this second factor is a numeric code or other secret string. The supported methods of recipient authentication are as follows:

Verification completed

Existing Zivver account

One method is available for secure messages to existing Zivver users:

• Zivver account - If the recipient has a Zivver account, this method is automatically chosen, because all the Zivver accounts are protected with 2FA already. The recipient can read the message immediately.

Verification level 3

Verification by SMS

An access code is sent via SMS when the recipient requests it. Available methods are:

• SMS to new number - Choose this method if you know the mobile phone number of the recipient but the recipient doesn’t have a Zivver account. The recipient will receive a numeric code via SMS and must fill it in a form to open the message. Unlike with most other authentication methods used by Zivver, the sender does not need to choose a code - it is chosen automatically by Zivver in a secure manner.
• SMS to phonenumber - Choose this method if you want Zivver to send a new code via SMS to a recipient’s phone number that is already known. The recipient will receive a numeric code via SMS and must fill it in a form to open the message. Unlike with some other authentication methods used by Zivver, the sender does not need to choose a code - it is chosen automatically by Zivver in a secure manner.

Read more on how to open a Zivver message when you have received an access code via SMS.

Verification level 2

Verification by access code

The sender shares with the recipient (by telephone or other means) a code which can be used to open Zivver messages. The code should not e-mailed, as this would severely degrade the security of the message. Available methods are:

• Set up organization access code - Choose this method if you wish to have one access code usable by all senders within your organization when communicating with a specific recipient. When the recipient receives the Zivver message, they must enter that code. Thus, make sure that you communicate that code to the recipients before you send Zivver messages.
• Organization access code code - Choose this method if you want your recipients to be able to use an existing access code that your organization set up for them. When the receiver receives the Zivver message, they must enter that code.
• Access code - Choose this method if you do not have the mobile phone number of the recipient. But you can contact the recipient in a way different from e-mail. Choose a code, enter the code, and communicate it to the recipient by a method different from email. When the recipient receives the Zivver message, they must enter the code.
• Access code code - Choose this method if you want the recipient to be able to use an access code that you sent to them by other means. When the recipient receives the Zivver message, they must enter the code.

Read more about how to open a Zivver message when you received an access code.

Verification level 1

Verification by email

Use this method only if none of the other methods is practicable:

• Verification email - Choose this option only if you cannot use a different options. Zivver sends an access code by email. The recipient can open their Zivver message with the access code that they receive in the verification e-mail. The code is valid for one time use. However, the recipient can request a second verification email that contains a new code. Then, they can open their message again. This is the least secure method.

• Automatically fall back to verification email - Choose this option to automatically choose a verification email when no mobile phone number or access code is known. If a mobile phone number or an access code is known, they are automatically selected in the order: first mobile phone number, then the access code. Senders can always deviate from the automatically selected verification email and use another available authentication method for the recipient.

Read more about how to open a Zivver message when you received a verification e-mail.