Platform
Platform
Drop-In Authentication
Passkeys
Phishing-resistant, FIDO2/WebAuthn
Biometric authentication
Face and device-native biometrics
WhatsApp OTP
Global reach, lower cost than SMS
Email OTP
Universal second factor
App push authentication
Native device push notifications
Palm biometrics
Contactless identity verification
All authentication methods
KEY FEATURES
No-code rules engine
Step-up auth, risk policies, alerts
User observability
Audit trails, dynamic linking
Risk-based authentication
Adaptive MFA by context
Session management
Persistent sessions across channels
Digital credentials API
Verify sovereign digital IDs
Pre-built UI
Fastest deployment path
Passkeys
Deploy phishing-resistant passkeys across web and mobile in days
Solutions
Solutions
USE CASE
Account Takeover Prevention
Stop ATO without adding friction
Go Passwordless
Replace passwords with passkeys
Account Recovery
Secure self-service recovery flows
Call Centre Authentication
Verify callers without KBA
SMS Cost Optimisation
Cut OTP costs up to 90%
Existing Apps (Drop-In)
Add auth without re-architecting
Palm biometric payments
Contactless in-store payments
INDUSTRY
Financial Services & Banking
Secure high-value transactions
Healthcare
Authentication for ePHI access
Loyalty Programs
Protect points and member accounts
ROLE
Engineering
Fast integration, flexible SDKs
Product
No-code flows, conversion insights
Cybersecurity
Risk policies, compliance, audit trails
PricingCustomers
Resources
Resources
LEARN
Blog
Guides
Regulatory
Templates
Docs
COMPANY
About Us
Why Authsignal
Partners
Careers
Security
Contact
INTEGRATIONS
Amazon Cognito
Auth0
Azure AD B2C
Custom identity provider
Duende IdentityServer
All integrations
Docs
Start a trial
Book a callLogin
AUS Flag

Authsignal secures millions of passkey transactions out of our hosted Sydney region.

AUS Flag

Authsignal secures millions of passkey transactions out of our hosted Sydney region.

Join us today!
Right icon
Blog
/
Current article
Compliance
Financial services
Multi-factor authentication
The Essential Eight
FSC

What does "FSC Standard No. 29" mean for Australian Superannuation Funds? - Protecting customers through Multi-factor Authentication (MFA).

Ben Rolfe
⬤
May 14, 2025
Share
What does "FSC Standard No. 29" mean for Australian Superannuation Funds? - Protecting customers through Multi-factor Authentication.

Australia's Financial Services Council (FSC) has taken a significant step towards protecting consumers from financial harm by releasing FSC Standard No. 29: Fraud and Scam Mitigation Measures for Superannuation Funds. This standard sets clear expectations for superannuation funds to adopt robust measures to mitigate fraud and scams, emphasizing the importance of multifactor authentication (MFA) in securing high-risk transactions.

What is FSC Standard No. 29?

FSC Standard No. 29 outlines comprehensive measures for superannuation funds to protect their customers from scams and fraudulent activities. The standard, effective from July 1, 2024, on a voluntary basis and mandatory from July 1, 2026, covers the following key areas:

  • Creation of Mitigation Policies: Superannuation funds must establish and implement policies specifically targeting the prevention, detection, and resolution of fraud and scam incidents.
  • High-Risk Transactions: Special attention is given to high-risk transactions requiring robust authentication processes.
  • Customer Communication: Funds must ensure transparent communication with customers about their fraud and scam mitigation measures and the importance of these protections.

The Role of Multifactor Authentication (MFA)

Multifactor authentication is a cornerstone of FSC Standard No. 29, particularly for high-risk transactions. MFA requires at least two of the following factors to verify identity:

  • Something known: A password or PIN.
  • Something possessed: A hardware or software token or an SMS code.
  • Something inherent: A biometric identifier, such as a fingerprint or facial recognition.
The definition of Multifactor Authentication (MFA)

MFA significantly enhances security by ensuring that only legitimate users can access accounts or authorize transactions, even if some data has been compromised. To prevent unauthorized access and fraudulent activity, MFA is essential for high-risk transactions, such as changes to key contact details or bank account information.

FSC Standard No. 29

‍

‍

How Authsignal Can Help

Authsignal is a drop-in identity and authentication platform that enables enterprises, including superannuation funds, to integrate advanced security measures like MFA seamlessly. Here's how Authsignal can help superannuation funds comply with FSC Standard No. 29:

  1. Rapid Integration: Authsignal's solution can be integrated quickly into any existing identity stack via a single API or OpenID Connect (OIDC), allowing superannuation funds to implement MFA without extensive development work.
  2. Flexible and Risk-Based Authentication: Authsignal provides a flexible MFA service that adapts to various risk levels, ensuring that superannuation funds can apply appropriate security measures based on transaction risk.
  3. No-Code Rules Engine: Authsignal's powerful no-code rules and policy engine allows fraud and product teams to swiftly deploy and manage fraud mitigation policies, reducing the time and effort required to maintain compliance with FSC Standard No. 29.
  4. Comprehensive Customer Journey Observability: Authsignal offers complete visibility of customer actions through detailed audit trail reporting dashboards for effectively monitoring and responding to potential fraud and scam events.
  5. Diverse Multifactor Authentication support: Authsignal supports a wide range of use cases by offering SMS OTP, Whatsapp OTP, passkeys, passwordless authentication, biometric authentication, and more. This provides superannuation funds with various options to secure their customers' accounts.
  6. Enhanced Customer Experience: Authsignal's MFA solutions are created to minimize customer friction, enhance customer experience, and elevate high-security standards, thereby boosting overall customer satisfaction and trust.

Built to integrate with any identity stack through a single API or OpenID Connect (OIDC). Our system works with various identity platforms/stacks, including AWS Cognito, Auth0, Azure B2C, Duende IdentityServer, ForgeRock, etc.

Integrate Authsignal into any stack

‍

Read More: What is Passwordless Authentication? 

Also read: Essential Eight Updates: The rise of phishing-resistant MFA

Moving Forward with Confidence

With scammers becoming increasingly sophisticated, the superannuation industry must stay ahead of the curve in fraud prevention. FSC Standard No. 29 provides a robust framework for superannuation funds to protect their customers' retirement savings, and Authsignal offers the tools needed to meet these stringent requirements effectively.

By integrating Authsignal's authentication solutions help, superannuation funds can ensure they comply with FSC Standard No. 29 and provide their customers with the highest level of security and frictionless user experience. Implementing these measures early demonstrates a commitment to safeguarding customers' financial futures.

Question icon
Have a question?
Talk to an expert
NewsletterDemo PasskeysView docs
Compliance
Financial services
Multi-factor authentication
The Essential Eight
FSC

You might also like

The passkey UX patterns that drive adoption in 2026
Passkeys
Passkeys implementation

The passkey UX patterns that drive adoption in 2026

July 2, 2026
What is silent network authentication, and how does it work?
Silent Network Authentication
SNA

What is silent network authentication, and how does it work?

June 26, 2026
HIPAA MFA requirements and what to do before the final rule lands
Passkeys
Step up authentication
Adaptive MFA
SMS Alternative

HIPAA MFA requirements and what to do before the final rule lands

July 4, 2026

Secure your customers’ accounts today with Authsignal

Passkey demoCreate free account
Authsignal Purple Logo

Authsignal is a drop-in authentication and orchestration layer for consumer-facing businesses. Passkeys, adaptive MFA, and omnichannel verification on top of your existing identity stack. Deployed in weeks, not quarters.

AICPA SOCFido Certified
LinkedInTwitter
Platform
Drop-In Authentication
PasskeysBiometric authenticationWhatsApp OTPEmail OTPApp push authenticationPalm biometricsSMS OTPEmail OTPMagic LinksAuthenticator apps (TOTP)
View all auth methods
KEY FEATURES
No-code rules engineUser observabilityRisk-based authenticationSession managementDigital credentials APIPre-built UI
All authentication methods
Pricing
Customers
Solutions
USE CASE
Account takeovers (ATO)
Go passwordless
Call center
SMS cost optimization
Existing apps
Palm biometric payments
View all use cases
industry
Financial services
Healthcare
Marketplace
View all use cases
ROLE
Engineering
ProductCybersecurityDocs
Compare
Twilio Verify vs AuthsignalAuth0 vs AuthsignalAWS Cognito vs Authsignal + AWS Cognito
Resources
LEARN
BlogGuidesRegulatoryTemplatesDocs
COMPANY
About usWhy AuthsignalPartnersCareersSecurityContact
Integrations
Amazon Cognito
Azure AD B2C
Duende IdentityServer
Keycloak
Auth0
NextAuth.js
Custom identity provider
All integrations
United States
+1 214 974-4877
Ireland
+353 12 676529
Australia
+61 387 715 810
New Zealand
+64 275 491 983
© 2026 Authsignal - All Rights Reserved
Terms of servicePrivacy policySecuritySystem statusCookies