Skip to content

The Yellow Card scheme has introduced multi-factor authentication and a re-platformed mobile app to enhance user experience and security. Please find further information using the link below.

Yellow Card system enhancements

YellowCard
Making medicines and medical devices safer

Yellow Card system enhancements

Important updates to user accounts: enhanced security and updated app experience

What’s changing?

In February 2026, the Yellow Card scheme introduced two technical upgrades to enhance your experience and security:

  • Multi-factor authentication (MFA): All registered account users are required to use MFA to log in. This means after entering your email and password, you will be required to choose a second authentication method—SMS, Authenticator app, or automated voice call—to receive a code and complete your login.

  • Progressive web app (PWA): The app has been upgraded to a progressive web application, providing a seamless experience across devices, automatic updates and additional functionality including alignment with the new MFA feature. The app mirrors the Yellow Card website, ensuring access to the latest features and information.

Who is affected?

All registered and app users—public, patients and healthcare professionals—will be required to use MFA and benefit from the new app platform. Guest users can still submit reports without an account, as these changes do not apply to them.

Users who do not update the Yellow Card app will be unable to sign in to their existing account or register for a new one. Guest users will still be able to use the existing version app as normal; however, we encourage all users to update the app via the App Store or Google Play store. This will allow access to Yellow Card scheme accounts in addition to upgraded features.

Key benefits

  • Enhanced protection for your data with MFA

  • Seamless access to Yellow Card scheme services across any device

  • Automatic updates—no more manual app downloads

  • Improved accessibility, including options for users who prefer voice calls for authentication

Timeline

  • February 2026: MFA and progressive web app rollout

  • April 2026: MFA mandatory for all account users

What do you need to do?

  • Ensure your contact details are up to date in your Yellow Card scheme account

  • Review the MFA options and choose your preferred method

  • Download or update the app update from your app store

  • Look out for further communications on this web page and app updates in your app store

Accessibility and support

Accessibility is a priority. If you prefer not to use SMS or an app, you can opt for a voice call to receive your authentication code. If you have any problems, our customer service team is here to help. Guest reporting remains available for those unable to access their account. For more information and updates, please visit this page regularly. If you need further help, please contact our Customer Experience Centre via the contact us page.

More information

Progressive web app (PWA) features

App additional features:

  • Consistent user experience – The app now mirrors the Yellow Card website, ensuring a seamless experience on any device.

  • Real time updates – improvements appear instantly, with no need to download app updates.

  • Expanded reporting – Users can now report issues with defective medicines and counterfeit products directly in the app.

  • Greater access to information – view data publications within the the app.

  • Reduced app download size – saving space on your device.

Multi-factor authentication

MFA adds a robust layer of security, safeguarding sensitive personal data in your Yellow Card scheme account. It requires verification beyond your username and password before granting access.

Login changes

When logging in, you’ll verify your identity using a second authentication factor, helping to prevent unauthorised access even if your password is compromised. Initially, users can defer MFA setup during a short grace period. After this, MFA will be mandatory.

Authentication methods

  • Mobile authenticator app: the most secure method. Generates a one-time 6-digit code, works offline and abroad, and can require biometrics. Examples include Microsoft authenticator, Google authenticator and Authy.

  • SMS (text message) - Receive a one-time 6-digit code via text to your mobile phone.

  • Voice call - Receive a one-time 6-digit code via automated call, suitable for mobiles or landlines.

A step-by-step guide on how to use MFA for the Yellow Card scheme can be located here.