Here is the professional English version tailored for institutional clients, maintaining strict adherence to the operational flow and the platform's security logic:
Advanced Account Protection: Institutional Two-Factor Authentication (2FA) Setup Guide
Two-Factor Authentication (2FA) serves as the core line of defense protecting institutional assets from unauthorized access. For high-risk operations such as asset transfers, withdrawals, or password modifications, 2FA provides a critical second layer of security beyond your standard login credentials. The UMX platform supports a multi-layered combinations of Identity Authenticators (e.g., Google Authenticator), SMS Authentication, and Email Authentication (configurable via "User Center" "Security Center" "Verification Methods", as shown below).
Core 2FA (Authenticator App) Activation Flow
Among all 2FA methods, an Identity Authenticator (utilizing a Time-based One-Time Password or TOTP mechanism) offers the highest tier of security. The standard setup can be completed in four streamlined steps:
Locate the Entry Point: Log into your UMX institutional account, navigate to "User Center" "Security Center," and locate the "Identity Authenticator" section under "Verification Methods" (as shown above).
Download App & Backup Key: Click "Manage" (or Setup) on the right. Download Google Authenticator or a preferred secure authentication app onto your mobile device. You must securely back up the "16-digit Backup Key" displayed on the screen.
Link & Bind: Open your authenticator app, scan the provided QR Code, or manually input the 16-digit Backup Key to successfully link your UMX account to the app.
Dual Verification To Activate: On the web portal, enter your current account login password, the verification code sent to your email/phone, and the live 6-digit dynamic token generated by your authenticator app. Click confirm to enforce 2FA immediately.
⚠️ Institutional Risk Control Notice (Critical)
24-Hour Withdrawal Lock: To eliminate risks associated with session hijacking and malicious asset draining, any initial binding, unbinding, or resetting of 2FA configurations (including authenticator apps or phone numbers) will trigger an automated platform freeze. All withdrawal functions for the account will be suspended for 24 hours.
Backup Key Governance: The 16-digit Backup Key is the sole credential used to recover your 2FA access if a mobile device is lost or compromised. Institutional administrators must record this key offline in a secure, non-digital environment (e.g., a physical safe or an encrypted offline drive). Never take screenshots or save it on network-connected devices to avoid catastrophic unauthorized exposure.