Authentication Policy

This policy is the Authentication Policy referred to in the UK Participation Agreement between Digital Completion UK Limited and (as applicable) the Participant or the Customer (Participation Agreement).

Terms which are defined in the Participation Agreement have the same meaning when used in this Authentication Policy.

The Participant or Customer (as applicable) must ensure that:

  1. User passwords contain a minimum of eight (8) characters and satisfy at least three of the following:
    1. the password includes at least one (1) uppercase letter;
    2. the password includes at least one (1) lowercase letter;
    3. the password includes at least one (1) number (0-9); and
    4. the password includes at least one (1) special character;
  2. Users cannot use a previously used password when setting a new password;
  3. Users are locked out after multiple consecutive incorrect login attempts;
  4. the unlock process is secure and involves User verification;
  5. the password reset process is secure;
  6. password expiry periods are enforced;
  7. there is a system idle lockout duration in place;
  8. Multi-factor authentication is required for application access;
  9. Users require an organisational VPN for application access; and
  10. Users who have left the organisation are deactivated from the organisation’s network in a timely manner.

PEXA is the trading name of Digital Completion UK Limited.
Registered Office: 5th Floor, West One, 114 Wellington Street, Leeds, LS1 1BA.
Registered in England and Wales. Company No. 12830944.
VAT Registration Number: GB 455 8225 75

Our website uses cookies to make your browsing experience better. By using our site you agree to our use of cookies. Learn more.