londonbridge
Established Member
- Joined
- 30 Jun 2010
- Messages
- 1,472
I’ve just received the following email from TFL. Fares advice seems the most appropriate place for this, haven’t checked the other forums so if it’s already been posted elsewhere then mods please move/delete as appropriate.
From 14:00 on Monday 15 May, Oyster and contactless services via the web and mobile app will be unavailable to make improvements to our service. This work is due to be completed by the morning of Tuesday 16 May. Check our website for any changes and updates.
Oyster and contactless customer services centres will also be unavailable during these works.
We advise that if you need to access your account to top up your Oyster card, ensure your contactless card is approved for travel, apply for a refund or view journey history, that you do this before Monday 15 May.
The improvements taking place are to launch Multi-Factor Authentication (MFA) to TfL Oyster and contactless accounts to help ensure that your account and personal details are kept safe.
Further information about the introduction of MFA can be found on our website.
Protecting your Oyster and contactless accounts
We've been working on an even more secure way to sign in to your Oyster and contactless accounts.
- Details of the change
- Getting ready for the change
- What you need to do
- Forgotten details/error
- From outside the UK and Europe
- Why we're using SMS authentication
To strengthen the existing security measures for your account, we're introducing multi-factor authentication (MFA) from Tuesday 16 May 2023. After that, we'll ask you to set up MFA by providing a mobile phone number the next time you sign in to or create an Oyster or contactless account.
While the upgrade is taking place you will not be able to access your Oyster or contactless account. It will start at 14:00 on Monday 15 May 2023 and run overnight.
Details of the change
If you do not have access to a mobile phone, we can still support you. Call us on 0343 222 1234 (TfL call charges) for any questions about Oyster and contactless.
MFA
- You will enter your username and password as before, but you will also need a one-time code to sign in to your account. This will be sent by SMS (text message) to a registered mobile phone
- MFA adds an extra layer of security to the sign-in process. It helps to confirm you are who you say you are when signing in to your TfL account, providing additional protection for your personal information
- You will need to have your registered mobile phone available every time you sign in to your account
TfL website
- As part of this update, we have redesigned parts of our website. Some screens will look a little different, including the personal details dashboard for Oyster and contactless accounts
Your mobile phone
- We need a mobile phone number to verify your identity and set up MFA on your account
- You will need this phone to receive text messages (SMS) from us every time you sign in to your Oyster or contactless account online or on the TfL Oyster and contactless app
- All SMS messages with the one-time code will show 'TfL' as the sender
- We will not use your mobile number for any purpose other than to text you codes so you can use your account (unless you have provided us with the same number when contacting us for another reason)
- You can use a non-UK mobile number to authenticate your account. When adding your mobile number select the appropriate country code from the drop-down list
Getting ready for the change
- Download the latest versions of the TfL Oyster and contactless app and web browsers on your devices
- Use a secure, strong password made up of different characters and numbers, ensuring it doesn't include any personal information
- Use separate passwords for your accounts
- Remember to sign out of your account, especially if using a shared or public device
What you need to do
Signing in to an existing account
- You'll be prompted to set up MFA the first time you sign in after the upgrade - we'll email you a one-time code to verify you own the account you're trying to sign in to
- When you next sign in, enter your email address and password as you do now - we'll then send a 6-digit code to your registered mobile phone
- You will need to enter the code texted to your registered mobile phone every time you sign in
- You may be asked to authenticate again when accessing personal information
Creating a new account
Make sure you sign in to or create your:
- To create a new account, you will enter an email address - the email address must have fewer than 100 characters
- You must have access to the email address to receive a one-time code for the initial set up
- Once you have entered the correct one-time code, you will be asked to provide your personal details including a mobile number to set up MFA
- When you first sign in to the account, we'll send a 6-digit code to your registered mobile phone. Enter the code in the sign in tool to confirm you are the account owner
- You will need to enter the code texted to your registered mobile phone every time you sign in
- You may be asked to authenticate again when accessing personal information
Update any saved bookmarks or favourites to ensure you're using the correct links to access your account.
- Oyster account on the Oyster cards page
- Contactless account on the Contactless and Oyster page
- Oyster or contactless account on the TfL Oyster and contactless app
Updating personal details
You'll be able to update your personal details, including the mobile number you registered for MFA:
- Personal details: select 'Personal details' in the menu on the right-hand side of the screen and then select the personal details to update. The personal details dashboard has been updated
- Registered mobile number: select 'change mobile number' when you sign in. You will need to verify your old mobile number to change to your new mobile number. Make sure you can receive text messages on your old number first. If you don't have access to your old mobile phone number, call us on 0343 222 1234
Forgotten details/error
Forgotten password
If you forget your password you can reset it as you do now:
- App: Click 'reset password' before signing in to change your password. Enter your email address so that the reset password instructions can be sent to you
- Website: Click 'forgot password' before signing in to change your password. Enter your email address so that the reset password instructions can be sent to you
Forgotten email address
Contact TfL Customer Services on 0343 222 1234 (TfL call charges)
- Contactless: 08:00-20:00 Monday to Friday (09:00-17:30 Saturday to Sunday)
- Oyster: 08:00-20:00 Monday to Sunday
Error messages
If you receive an error message and can't sign in, try closing your browser. If that doesn't work, try again later.
From outside the UK and Europe
Accessing Oyster and contactless services
Protecting our customers' data is paramount and we want to ensure personal accounts remain safe. As part of this ongoing work, Oyster and contactless online accounts can only be accessed within Europe.
Customers from outside Europe can continue to contact us for help. In London you will still be able to travel using an Oyster or contactless card, as well as top up the cards at a ticket machine or an Oyster Ticket Stop.
Receiving SMS when you are outside the UK
If you're trying to access your account from outside the UK you can still receive an SMS from us with a 6-digit one-time code, but the sender might not show as 'TfL'.
If you have any concerns, you can call us on +44 343 222 1234 (charges may apply - check with your operator).
Why we're using SMS authentication
- SMS multi-factor authentication adds an accessible and commonly used layer of security to protect our online services
- We continue to review our security to find the best balance between protection and usability
- We may consider additional authentication methods in the future
Last edited: