24/7 Support: 800.608.6482

How To Guides

Try our new AI assistant by clicking the chat icon in the lower right corner.

How To Guides

Browser Verification

1. Overview

2. Browser Verification Process

3. Verification Email

4. API Users

5. Phased Roll-Out

Overview

Browser verification is a new security feature available in Miva 9.10. It adds an additional layer of protection to prevent someone logging into your Miva administrative interface with stolen login credentials. Across the industry, online fraud and credit card theft continues to rise. Attacks to steal login credentials include phishing, malware and malicious activity. Browser verification add an important layer of protection preventing someone who is not you from using your credentials to log in to your Miva admin.

Each time you login to the Miva admin via a new device or browser you’ll be required to enter in a verification code which is emailed to the email associated with your user.

Once entered, a cookie will be set on that browser which by default last 1 year. You’ll be required to do this process for each browser you use to login to Miva with (Chrome, FireFox, etc). For example if you used your home computer to login into Miva to check orders, the very first time you login you’ll need to verify your browser by entering in the authentication code which is emailed to you.

This process also has the benefit of notifying you if someone is trying to use your login credentials as you’re receive an email notifying of their IP address. If this login attempt was not made by you, you’ll then want to change you admin password as someone other then you is attempting to use your credentials to login to the Miva admin.

Browser Verification Process

“Browser

  1. Login to Miva
  2. Check Email for 6 Digit Verification Code

    3. “Verification

  3. Enter Code

    4. “Verification

Verification Email

The browser verification email will be sent to the email address associated with each admin user. The email address is a new required field (as of 9.10) for each user. It's important that each admin user setup in your Miva store have the correct email address. If a user does not have an email address, the verification code will be sent to the domain email address under Domain Settings as a fallback.

The Verification email contains 3 important pieces of information in addition to the verification code:

  1. Domain Name - This tells you which store or domain the login is being made on
  2. IP Address - This is the individual IP address who is attempting to login. If this is not your IP address you should reset your password.
  3. User Agent - The user agent is unique to each browser and helps you identify the browser the login attempt is being made on. A list of common User Agents can be found here.

API Users

If you are using a Miva username and password to push and pull data via any sort of integration including, Dynamic Order Export, Stone Edge, Shipstation, Shipworks, etc you will not be able to use Browser Verification for those individual users. Please contact Email Support and we will provide instructions on how to configure those admin users to disable browser verification.

Phased Roll Out

Browser Verification is being rolled out in a couple phases. Miva 9.10 will introduce the new functionality to all stores however, it will only be enforced for new users created after 9.10 is installed. It will not automatically be activated for all existing users until a future update. This phased roll out gives Miva Store owners the ability to go through their current admin users, associate emails with each user and train employees on the upcoming changes.

Looking for Developer Docs?

We have a whole section for that, including: Developer Training Series, Template Language docs, Module Development tutorials and much, much more.

Head to the Developer Section

Copyright © 1997 – 2024 Miva®, Miva Merchant®, MivaPay®, MivaCon®, Camp Miva®, Miva Connect®, Miva, Inc. All Rights Reserved.