Working around BNZ MFA issues for Yodlee bank feeds

Yodlee bank feeds have dropped support for Bank of New Zealand's NetGuard image as a form of multi-factor authentication. Prior to this, the image was being sent to PocketSmith without the required coordinates within the image, meaning users were unable to see the required coordinates from the NetGuard card when syncing their connection.
This article discusses two ways to work around the problem: 1. using the mobile app for authentication instead of NetGuard, and 2. disabling NetGuard for login requests, while leaving it in place for other actions.

In this user guide

Workaround 1: authenticate with the BNZ Mobile app

Our recommendation is to authorise Yodlee’s bank feed access via your BNZ mobile app instead of using NetGuard. This is done by first ensuring that your BNZ account is in "BNZ mobile authentication" mode, and not "NetGuard co-ordinate" mode, you can do this by selecting the authentication type when you sign in to your BNZ online banking. You can then turn off automatic syncing at PocketSmith, so that you don't get authentication requests when we perform syncing in the background for your BNZ connections.

The steps for using the mobile app for authentication are listed below:


Click here to sign into BNZ online banking


During the sign-in process, use the link on the bottom left to change to Authenticate with the BNZ Mobile app instead


This will then show the below screen, complete the authentication via the mobile app and log into the app


At this stage, your BNZ account will be "mobile authentication" mode. The intention is to keep it in this mode, so that when you sign into PocketSmith and trigger a bank feed sync, Yodlee starting the sync process will trigger an authentication request to your phone.
If you confirm authentication via the mobile app within 20 seconds or so, Yodlee will be able to continue the sync without NetGuard input. If access isn't confirmed within 20 seconds, NetGuard will be switched back to in the above flow automatically, and the NetGuard coordinates will be sent to PocketSmith for you to complete.
So in order to ensure that your BNZ feed only syncs while you're present with the application with your mobile phone, you'll need to:
Turn off automatic sync for your BNZ feed in PocketSmith. Head to the Connection options page for your BNZ feed ( Manage > Bank Feeds > three-dot menu for your BNZ connection > Connection options, and then untick the Automatic sync checkbox.
This ensures that the background processes for syncing won't trigger automatically when you're not in front of your computer, which might cause the BNZ connection to fall back to NetGuard authentication mode. Full instructions for this can be found here.
The last step is to  have your phone handy when you log into PocketSmith and  trigger a sync in the future. 


If you miss the authentication request via your BNZ Mobile app, you'll need to sign back into BNZ to switch back to Authenticate with the BNZ Mobile app again, as per Step 2.

Workaround 2: temporarily turn off NetGuard for logins

If you'd prefer to not authenticate with the BNZ Mobile app, another option is to disable NetGuard for sign-ins within BNZ online banking, while still retaining the extra layer of security for all other actions initiated. This means that your NetGuard will still be required for all actions within the BNZ website (such as making new payments etc), but won't be required when you sign in.

Please consider this option carefully as it does alter the level of security around your bank accounts. For added security of your bank feed, we recommend the option of authentication via your BNZ Mobile app, while BNZ are actively blocking Akahu’s access to your data, and Yodlee aren’t able to reliably provide the NetGuard image.

The steps for removing two-factor authentication at login are listed below:
Click here to sign in to BNZ online banking
Once logged in, navigate to Menu on the top left and Settings at the bottom of the page

Under the Security section, click the At login text next to Two-step authentication, to change your two-step options

Perform the additional security action required to change these settings by following the on-screen instructions

Switch the radio button that appears from "at login" to " for particular actions" and click Update


Once the popup is closed, verify that For particular actions is displayed in the security section

Then, head back to PocketSmith and click Try again on your BNZ connection to attempt another sync. This should proceed without asking you for any NetGuard coordinates.

Still need help? Contact Us Contact Us