Why we use two-step verification

Stronger security than just a password

We use the two-step verification method to help you protect your account. It means that if someone other than you was trying to access your account, they would need more than just your username and password.

It's easier for scammers to get access to passwords for online accounts than you think. The second step of verification means that even if someone gets access to your username and password, they still won't be able to access My Telstra.

One quick step stops scammers from targeting you

In 2021, Australians reported losing $211 million to scams involving identity theft, an 89% increase from 2020. Source: ACCC report .

If a scammer or unauthorised person gets access to your account, they can try to access your payment details or your phone number. Two-step verification can stop them in their tracks.

How two-step verification works

Step 1. You enter your password

Your Telstra ID username and your password are the first layer of security.

Step 2. You verify a second way

Either with something you have

(using biometrics or Telstra PIN on your mobile device)


something only you know

(One-time code)

Using two-step verification

You can use the below methods to protect your digital identity with Telstra. The two-step verification process provides you with a stronger and more secure way to sign in to the My Telstra app or via the web, as well as verifying your identity when interacting with us on the phone, via messaging and in store.

Wondering which method applies to you?

We recommend biometrics, but if you don’t have access to biometric technologies like Face or Fingerprint ID, you can log in to My Telstra via the app or via the web using a Telstra PIN or one-time code.

Biometrics (Face & Fingerprint ID)

Biometric authentication is commonly used in many industries to ensure that only you can access your account on your mobile device. Telstra does not store your biometric authentication information during this process, such as fingerprints or face images, we simply use your device features to add more security to your account.

On supported Android devices you can use Face or Fingerprint ID. On supported iOS devices (like iPhones and iPads) you can use Face ID or Touch ID.
You’ll be prompted to set up biometrics when you enable your Telstra PIN. If you opt out of biometrics, you can enable them later:

To enable Face and Fingerprint ID:

  1. Sign in to the My Telstra app
  2. Select Profile
  3. Select Security Settings
  4. Select Telstra PIN and Face/fingerprint ID
  5. Switch it 'on'.
  6. Switch the toggle for Face ID or Fingerprint ID to 'on'.

If you use a smartphone that does not support biometrics, or if you are using a web browser, you can log into your account using your Telstra PIN or a one-time code.

Telstra PIN

Another way to protect your identity is to enable your Telstra PIN. You can do this easily in the mobile app or via the web.

We'll never ask you to provide your PIN verbally to anyone, so if someone asks you to do that, hang up immediately.

To enable Telstra PIN:

  1. Sign in to the My Telstra app or via the web
  2. Select Profile
  3. Go to Security Settings
  4. Select Telstra PIN and Face/fingerprint ID
  5. Follow the prompts to set up your PIN.

If you’re using a mobile phone that is not a smartphone you can log into your account using a one-time code via your feature phone if it has a browser, or on your computer via the My Telstra website.

One-time code

When interacting with Telstra online, over the phone, via messaging or in-store, you may be asked to provide a one-time code to verify your identity. We'll send this to either your contact mobile number or email address that you have registered with us. We will never ask you to provide your Telstra PIN on a phone call, or via email, social media or messaging services.

To use this security feature, check your contact details with us are correct.

To check your contact details:

  1. Sign in to the My Telstra app
  2. Select Profile
  3. Select Personal Details

Verify my identity

An in-app challenge allows you to verify your identity, as well as assuring you that you are talking to an agent from Telstra instead of a scammer. It’s different from the regular sign in process.

1. Select the push notification

We send a push notification to your device from the My Telstra app.

2. Open the app

Tapping the notification will open the My Telstra app.

Verify your identity using your biometric (using Face or Fingerprint ID), or if you don't have biometrics enabled, we'll ask you to enter your Telstra PIN, then follow the prompts.

If you don’t have notifications enabled, you can:

  1. Open the My Telstra app and sign in using either your biometric or Telstra PIN
  2. Tap the person icon in the top right corner
  3. Tap on the panel that says 'Identity verification' to accept the verification request.

3. Accept the verification request

Tap YES when requested, to complete the verification request and confirm it's really you.

What to do if you suspect fraud

If you suspect fraudulent activity on your Telstra account you should:

  1. Let us know by reporting the scam

  2. Contact your bank

  3. Change your password