Security Upgrade Notification #1

Hello gamers!

Today we are publishing the first edition of our security upgrade notifications.

The aim of these publications are to deliver transparency and awareness to the security measures we put in place to keep a safe and operational platform.

Below are the measures we have implemented and short instructions on how to enable them.

1. Email Security
   We have implemented a standard email security code for all AGG user accounts.
   
   Once signed into your Auto Game Gold account, visit your account settings to enable email security.
   
   Enable "Email security code" by toggling the switch.
   
   
   
   Once toggled, you will be prompted to input a confirmation code, you can request your code using the button "Get Code".
   
   
   
   Input the code that is sent to your registered email address to successfully complete the enabling process.
   
   Congratulations, you have now successfully configured email security codes for your account.
   Email security codes will be requested upon login, payouts, claiming referral rewards, changing passwords, deleting your account and enabling/disabling other security measures.
   
   
2. TOTP Two-factor Authentication
   We have implemented a TOTP 2FA feature for all AGG user accounts.
   
   Note: You must have a 3rd party authenticator such as Google authenticator or Authy to enable 2FA.
   
   Once signed into your Auto Game Gold account, visit your account settings to enable 2FA.
   
   Enable "Two-factor authentication" by toggling the switch.
   
   
   
   Once toggled, you will be met with an interface for pre-enabling 2FA on your account.
   
   
   
   Here you will see a number of important things that you must take note of:
   
   1. We provide up-to date links to IOS and Android Appstores for Google Authenticator as the recommended mobile authenticator.
   2. You will see a copy of your private key, incase you cannot scan the QR code. Use this to enter manually into your chosen authenticator.
   3. You will be given an option to download a backup of your private key in PDF format. Please do so and keep it somewhere safe.
   4. You will be asked to confirm that you have stored your private key safely before continuing.
   
   Once you are ready, scan the QR code provided and confirm to continue.
   
   You will then be prompted to enter the code provided on your authenticator application to complete the enabling process.
   
   
   
   Congratulations, you have now successfully configured two-factor authentication for your account.
   2FA codes will be requested upon login, payouts, claiming referral rewards, changing passwords, deleting your account and enabling/disabling other security measures.
   
   
3. 0Auth Account Binding
   We have implemented our 0Auth Account Binding System, now you will be able to connect multiple 3rd party applications to your AGG account.
   
   Once signed into your Auto Game Gold account, visit your account settings to bind a 3rd party application.
   
   Here you can choose to connect any of the available platforms by simply pressing the connect button.
   
   
   
   You may also choose to disconnect at any time by using the X button circled in the image.
   
   Congratulations, connecting multiple forms of 3rd party authentication increases the security and accessibility of your account, providing safe and known login methods for your convenience.
   
   

To follow up, we will also describe our immediate plans for future security developments and what we aim to achieve by implementing them:

• Account Recovery System
  We aim to add an account recovery form for our users to assist with recovering lost or stolen accounts.
  
  
• Account Security Questions
  This will enable users to enter questions and answers that are known to them, in order to be assessed during the account recovery process.
  
  
• Web Based Authentication (for AGG Desktop Miner)
  This will effectively remove the email/password input from the application, and instead open a browser session for the user to directly authenticate via the website, from there our API protocol will authenticate the users desktop application.

Thank you,

Auto Game Gold Team