Coastal Federal Credit Union implementing MFA for aggregators


Quicken, FYI, 02/2024

2.2.2024 | Member Tips

Account aggregator services are an
easy way for consumers to connect all of their various financial
relationships. If you are using a non-Coastal app or website to interact
with your Coastal account or view balances, an aggregator is working in
the background to connect your Coastal account to that site or
application. As a convenience to our members, we have not been requiring
multifactor authentication (MFA) for aggregators, which go through an
initial validation process, and often automatically log in daily to
update account data.

However, because of the recent uptick in fraudulent transactions
using stolen credentials within these aggregator services, Coastal is
increasing MFA for aggregators. This affects anyone using services like
Quicken, Mint, TurboTax, PayPal, etc., as well as other credit unions or
banks that might connect to your Coastal account.

The next time you connect to Coastal via a service that uses an
aggregator, you will be asked to complete a security challenge in order
to proceed. You’re already familiar with this process, which may include
authentication via one-time confirmation code, knowledge-based identity
challenge questions or user-defined challenge questions that you’ve
previously set up.

For additional security, Coastal recommends that you:

  • Don’t reuse usernames and passwords on multiple websites.
  • Remember that Coastal will never contact you and ask for your
    username, password, PIN, CVV security code, or full Social Security
    Number. Read more. 

While this may require a small amount of effort on your part, it will
go a long way to helping Coastal protect you and our other members from
fraud. Thank you for doing your part!


Digital BankingFraudSecurit


  • Quicken Jasmine

    Hello @Ben Antanaitis,

    Thank you for coming to share this information with other Quicken users!

    -Quicken Jasmine

    Make sure to sign up for the email digest to see a round-up of your top posts.

  • Ben Antanaitis
    Ben Antanaitis Unconfirmed ✭✭

    No problem……. ' forewarned is forearmed'

  • rjlawlerjr
    rjlawlerjr Member ✭✭

    I want to correct the post above. Its not "The next time you connect to Coastal via a service that uses an aggregator…", it's more like "Every time you connect to Coastal via a service that uses an aggregator….

    I've contacted CFCU support and was told, yes that is the new expected behavior. I even asked Coastal to change their documentation to say "every time" now, as the next time is very misleading. Apparently, they don't believe so as it hasn't changed (yet?).

    Please correct me if I am wrong, but gone are the days of overnight (unattended) Quicken downloads at CFCU.

  • astro14c
    astro14c Member ✭✭
    edited March 14

    After CFCU implemented the MFA for 3rd party access, I was able to request/submit a one-time code to download my transactions. Within the last week, it seemed to download without prompting for a code (at least a few times). Today, Quicken (Mac version) does not prompt me for a code, but also does not connect to CFCU.

    I received the following Quicken message: "You are using a multi-factor security process at Coastal Federal Credit Union that prevents Quicken from connecting. For example a token or one-time code. You would need to change this bank security setting to connect. (FDP-192)"

    Is this a Quicken change to not prompt? Or did CFCU modify something with MFA? Thanks for suggestions.

    Update now seems to be working - I was prompted for a code and Quicken downloaded CFCU accounts.

  • Bob Gabor
    Bob Gabor Member ✭✭

    I'm having the same problem, starting last night.

  • davidff
    davidff Member ✭✭

    My experience has been the same as @astro14c - last fall couldn't connect, then could connect in Dec, in Feb started getting MFA texts to access accounts that worked fine. Then late last week no MFA texts. Updated Quicken and now no MFA prompt but getting error for unknown MFA.

    Quicken for Mac - Version 7.6.1 (Build 706.52627.100)

  • rjlawlerjr
    rjlawlerjr Member ✭✭

    Some experience for me. Quicken had been communicating for a while after new behavior to supply a one time pass code. Which meant I could not schedule my updates, but at least things were working again.

    Then for the past few days, that requirement was gone and a one time pass code was not necessary, but I was still relying on manual updates.

    Today, manual updates won't work. The error says "Quicken is unable to update you account because Coastal Federal Credit Union is using an unsupported authentication method".

    I'm using Quicken Deluxe vR54.16, Build (Win 10).

    Very frustrating….

  • davidff
    davidff Member ✭✭

    I contacted Coastal Federal Credit Union- they stated they were having issues with their connections from Quicken - they have since solved the issue and now the connection works seamlessly for me once again

  • rjlawlerjr
    rjlawlerjr Member ✭✭

    Agreed. Something happened over night (3/14/2024) and Quicken can connect to CFCU again. No 'unsupported authentication method' errors and no one-time passcode required.

This discussion has been closed.