You should not voluntarily disclose any account password, one-time password(OTP), 2 Factor authentication code (2FA) to any third party except as instructed by Xfers to initiate or execute any payment transaction.
You are also advised not to keep records of any account password, one-time password(OTP), 2 Factor authentication code (2FA) in a way that allows any third party to easily misuse.
Where you are using a device to access your Xfers account, please make sure you have done the following:
Update the device’s browser to the latest version available;
Patch the device’s operating systems with regular security updates provided by the operating system provider;
Install and maintain the latest anti-virus software on the device, where applicable; and
Use strong passwords, such as a mixture of letters, numbers and symbols