Security Token User Guide

Similar documents
Single Sign On Customer Administrator User Guide

MULTI-FACTOR AUTHENTICATION SET-UP

STEP BY STEP GUIDE TO USING LARGE BUSINESS TOKENS. Large Token (Vasco DP250) Activation on Account. Activate Token Once Obtained

Cash Management. Getting Started Guide

Cash Management 5.0 User Guide

Business ebanking - User Sign On & Set Up

Provider Express Obtaining Login Access. Information for Network Providers

Hang Seng Business e-banking. New Security Device. Frequently Asked Questions

Welcome to Business Internet Banking

DPH TOKEN SELF SERVICE SITE INSTRUCTIONS:

Provider OnLine. Log-In Guide

MCBDirect Corporate Logging on using a Soft Token

Device LinkUP + Desktop LP Guide RDP

CitiDirect BE. Getting Started Kit. Solution Corporate and Public Sector Clients in Singapore. Welcome to CitiDirect BE!

How do I contact someone if my question is not answered in this FAQ?

Business Mobile Banking

MULTI-FACTOR AUTHENTICATION SET-UP

Digipass Plug-In for IAS. IAS Plug-In IAS. Microsoft's Internet Authentication Service. Getting Started

Business Online Banking Quick Users Guide

Gate City Bank Online Business Banking i

account multiple solutions

Identikey Server Getting Started Guide 3.1

Resource Online User Guide JUNE 2013

Security Upgrade FAQs

SafeNet MobilePASS Version 8.2.0, Revision B

Security Upgrade FAQs

September 25, Programming YubiKeys for Okta Adaptive Multi-Factor Authentication

Technology Manager Non-Seller Admin Guide Creating and Managing Fannie Mae User IDs

Corporate Solution e-services User Manual for Members. Version 3.0 July 2013

BUSINESS NETTELLER ONLINE BANKING USER GUIDE

Mobile and Text Customer Experience Online Banking Training Guide. i 2015 ChoiceOne Bank

BlackShield Authentication Service

iii. You will not be able to access their iocbc account without a valid OTP token from 1 Nov 2012 onward.

Online Statements. About this guide. Important information

AESDIRECT ACCOUNT ADMINISTRATION USER GUIDE

Flexible Identity. Tokenless authenticators guide. Multi-Factor Authentication. version 1.0

Business Manager Company Administrator s Guide Peoples Bank Customer Support

CipherLab 5100 Time Attendance Utility Manual

User Guide. SafeNet MobilePASS for Windows Phone

Account Activation. Guide

How do I enroll in the password portal?

User Self-Service Configuration Overview

Common Questions about NetTeller Internet Banking

Merchant Operating Guide

onecard Smart Data OnLine Getting Started Guide for Program Administrators

Netteller: Online Banking User Guide

The easy way to accept EFTPOS, Visa and MasterCard payments on the spot. Mobile Users Charging your PayClip. 2. Downloading the PayClip app.

BUSINESS ONLINE BANKING QUICK GUIDE For Company System Administrators

Self-service password management user guide

ProgressBook CentralAdmin User Guide

CentreSuite Expense Management Cardholder USER GUIDE

ANZ TRANSACTIVE GETTING STARTED GUIDE AUSTRALIA & NEW ZEALAND

Kitsap Bank Mobile Banking, Mobile Deposit and Text Banking FAQ s

Reporting User Guide. Version Oct 2011 Page 1 of 65

7. In the boxed unlabeled field, enter the last 4 digits of your Social Security number.

U.S. Bank Secure Mail

i-mobile Multi-Factor Authentication

Business On Line File Gateway Guide for Customers

RITS Training. Accessing RITS Password Administration Certificate Administration

Deltek Touch Time & Expense for GovCon. User Guide for Triumph

Online Service Management Center

REMOTE ACCESS - OUTLOOK WEB APP

Using Premium Automatic Call Distribution for Call Centers

Instructions for the Integrated Travel Manager (ITM) Self Service Password Reset (May 2011)

Element. Payment Processing. Integration of Element. using N-Site Applications 7/12/2011

Multi-Factor Authentication (MFA)

Apps for Android. Apps for iphone & ipad INS584-3

Our website Internet Banking

Guideline on Access Control

4. Backup Assistant will ask you to verify the PIN you assigned to your account, and will remind you to record your PIN for future use.

MCU Online and MFA (Multi Factor Authentication)

Quick Start Guide to Logging in to Online Banking

Citrix Remote Access Work Instructions

Business Mobile App User Guide

Can I transfer money to accounts I have at other Financial Institutions through Mobile Banking? No, we don t currently offer this service.

account multiple solutions

Cathay Business Online Banking

Department of Supply & Services (CIMS) RSA Web Express User Guide v1.2

Two-Factor Authentication

Online eopf Self-service Feature for Login ID and Password Retrieval for New Users

Student Registration Instructions

Electronic Questionnaires for Investigations Processing (e-qip)

DIGIPASS Authentication for Sonicwall Aventail SSL VPN

QSF Creator Tool. Task Sheet. Logging Into Hosted Millennium

Two Factor Authentication and PKI Token (for Windows)

Published by Murphy & Company, Inc Barrett Office Dr Suite 206 St. Louis, MO

Rocky Mountain Health Plans Provider Documentation

Online Banking Guide

User Guide for Payroll Service (APS+)

Strong Authentication for Juniper Networks SSL VPN

Customer Management Services (CMS)

Two Factor Authentication. Software Version (SV) 1.0

Internet Banking Frequently Asked Questions (FAQs) Version 1.0

Internet Banking - FAQ -

BRAC Bank Internet Banking FAQ

Diamante WiFi Wireless Communication User Guide. Linksys E1200

FIRST HOPE BANK BUSINESS ONLINE BANKING DIRECT CONNECT WITH QUICKBOOKS

Instructions for Registering on MyHealth

First Data Global Gateway Virtual Terminal User Manual. Version 1.0

Supply Chain Finance WinFinance

Transcription:

TABLE OF CONTENTS 1 INTRODUCTION... 3 1.1 FUNCTIONS OF THE TOKEN... 3 1.2 SECURITY FEATURES OF THE TOKENS... 3 1.3 TOKEN INTERFACE... 3 1.4 VASCO TOKEN REPLACEMENT... 4 1.5 DEFINITIONS AND ACRONYMS... 4 2 LOGIN TO STRAIGHT2BANK WEB... 5 2.1 ACTIVATE TOKEN... 5 2.2 ACTIVATE MULTIPLE USER ID USING SAME TOKEN... 6 2.3 LOGIN TO STRAIGHT2BANK WEB... 7 2.4 UNLOCK TOKEN FOR LOGIN... 8 3 AUTHORISE A TRANSACTION IN STRAIGHT2BANK WEB... 10 3.1 ACTIVATE TOKEN... 10 3.2 AUTHORISE A TRANSACTION... 12 3.3 UNLOCK TOKEN FOR AUTHORISING A TRANSACTION... 13 4 CUSTOMER ADMINSTRATOR FUNCTIONS... 15 4.1 EDIT AND AUTHORISE USER PROFILE... 15 4.2 RESET USER WITH PASSWORD LOCKED STATUS... 16 5 CHANGE TOKEN ACCESS PIN... 18 6 DISCLAIMER... 19 Version July 2015 Page 2 of 19

1 INTRODUCTION The Vasco Security Token (hereafter referred to as the token) is a portable physical security device which will enable you to login to Straight2Bank Web and authorise your transactions with an added layer of security without compromising on your convenience. 1.1 Functions of the Token 1. To login to Straight2Bank Web (covered in Section 2 of this User Guide) 2. To authorise transactions in Straight2Bank Web (covered in Section 3 of this User Guide) 3. To perform customer administrator functions (covered in section 4 of this User Guide): Edit, create new user Reset user with password locked status 1.2 Security Features of the Tokens The Token provides multi-factor authentication based on: Something you have (the token itself), and Something you know (the PIN code to access the token) Both factors help to ensure that you are authenticating or signing onto Straight2Bank Web and not unauthorised party. The token is also extremely portable, allowing for security anytime and anywhere. 1.3 Token Interface 1.3.1 Description of Token Interface buttons 1. Token Screen: Displays messages and token responses 2. DP 260 On/Enter/Off Button: Used to Switch On or Off the token and Enter PIN and security codes to generate token response and also to clear the last entered digit. 3. DP 275 Press and hold green button for two seconds and release to turn device on and off. The Backspace button in red is used to clear the last entered digit. Note: The token switches off automatically after 1 minute of inactivity Version July 2015 Page 3 of 19

1.4 Vasco Token Replacement Each token has a battery life span of 3 to 5 years from the time of initialization, depending on usage. When the battery is running low for a token, the following warning messages will be displayed on the LCD for about 2 seconds, every time that the user turns on the token. Warning Message on LCD BATT5 BATT4 BATT3 BATT2 BATT1 Meaning 4 weeks estimated battery life remaining 3 weeks estimated battery life remaining 2 weeks estimated battery life remaining 1 week estimated battery life remaining Battery life is exhausted When the BATT2 warning starts to flash, please fill in the PIP form (available for download from Straight2Bank Help) and send it to your local solution delivery representative to request for a new token. 1.5 Definitions and Acronyms 1. Encrypted String A secured string of characters (alphabets and letters) that is required to activate the token for the first time. 2. One Time Password (OTP) Numeric response generated by the token and required to login into Straight2Bank Web. 3. Personal Identification Number (PIN) Numeric personal code (set by the user) required to access the token each time. 4. Personal Identification Phrase (PIP) or Shared Secret A secret phrase generated by system and sent to user which is needed to map and activate a token. This phrase is also used to unlock a token. 5. Token Response Numeric code generated by the token and required to authorise a transaction in Straight2Bank Web. 6. Unlock Code A numeric code displayed on the token screen after five consecutive wrong entries of the token PIN. Version July 2015 Page 4 of 19

2 LOGIN TO STRAIGHT2BANK WEB If you are set-up to login to Straight2Bank Web using a security token, you will need to use it every time you login. 2.1 Activate Token Step 1: Receive emails from Straight2Bank Web Admin titled Straight2Bank Web Security Token Activation and Shared secret for VASCO token Once you have been set up in the system as a Vasco token user, you will receive an email from Straight2Bank Web Admin with the title Straight2Bank Web Security Token Activation which will contain an encrypted string, which is a secured string of characters that you need to use to activate your token. You will also receive another email from Straight2Bank Web Admin with the title Shared secret for VASCO token which will contain the shared secret that is mapped to the security token. Step 2: Login to Straight2Bank Web Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your Group ID User ID and click the Login button Step 3: On the next screen, click on Initialise PIN Version July 2015 Page 5 of 19

Step 4: System will prompt you to enter: 1. Encrypted String received from Straight2Bank Web Admin (Step 1) 2. Shared Secret (PIP) received from Straight2Bank Web Admin (Step 1) 3. Click Submit, as shown below. The system will generate an initial PIN which will be displayed as shown below. Step 5: Activate Token Press on the ON button Input the initial PIN (generated in Step 3) Token will prompt you to change the Pin and display Change Pin Enter your new numeric security PIN Token will display message PIN CONF Enter the New Pin again to confirm the change of PIN Click Proceed on the screen. Your Vasco Token is now activated. You can proceed to login to Straight2Bank Web by using One-Time Password (OTP) (see section 2.2 on how to use the token to Login to Straight2Bank Web). 2.2 Activate multiple user ID using same token Step 1: Login to Straight2Bank Web Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your Group ID User ID and click the Login button Version July 2015 Page 6 of 19

Step 2: On the next screen, click on Initialise PIN Step 3: Click Vasco OTP button Step 4: Generate Token One-Time Password (OTP) Press on the ON button Token screen will display message Input your numeric personal security PIN Token will display APPLI - Press BUTTON 1 (which is meant for OTP) Token will generate the password (OTP) and display it on the token screen Step 5: Enter OTP generated by the token on the Straight2Bank Web screen as shown below Step 6: Click Proceed to Login to Straight2Bank Web Home Page Note: Your user ID will be activated upon first successful login. You may repeat Section 2.2 steps to activate other user ID using the same token, should there be any. 2.3 Login to Straight2Bank Web Step 1: After activating your Token (Section 2.1), when you need to subsequently login to Straight2Bank Web, go to the Straight2Bank Web login screen - https://s2b.standardchartered.com Enter your Group ID User ID and click the Login button. Version July 2015 Page 7 of 19

The system will prompt you for your one-time password (OTP). Step 2: Generate Token One-Time Password (OTP) Press on the ON button Token screen will display message Input your numeric personal security PIN Token will display APPLI - Press BUTTON 1 (which is meant for OTP) Token will generate the password (OTP) and display it on the token screen Step 3: Enter OTP generated by the token on the Straight2Bank Web screen as shown below Step 4: Click Proceed to Login to Straight2Bank Web Home Page 2.4 Unlock Token for Login For added security from the token getting into the hands of an unauthorised person, there is a lock token feature. The token will get locked on 5 wrong personal PIN entries. A locked token will constantly display the unlock code on its screen. You need this code to unlock your token. Step 1: Please call your local solution delivery representative to unlock your token. Step 2: Receive emails from Straight2Bank Web Admin Once your token has been reactivated, you will receive an email from Straight2Bank Web Admin with the title Straight2Bank Web Security Token Activation which will contain an encrypted string, which is a secured string of characters that you need to use to activate your token. You will also receive another email from Straight2Bank Web Admin with the title Shared secret for VASCO token which will contain the shared secret that is mapped to the security token. Step 3: Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your Group ID User ID and click the Submit button. The system will prompt your for your OTP. Click on the Vasco Unlock Token button as shown below. Version July 2015 Page 8 of 19

Step 4: Enter the following: Encrypted String received from Straight2Bank Web Admin (Step 2) 2. Shared Secret (PIP) received from Straight2Bank Web Admin (Step 2) 3. Unlock Code (as displayed in the token screen of the locked token) and click Submit as shown below. The system will display a PIN to unlock the token. Step 5: Use the PIN to re-activate your token as follows: On the token (token screen will display Unlock resp, followed by the numeric unlock code ) Press on the ON button Token display Unlock resp Enter PIN as displayed on Straight2Bank Web screen Token is unlocked Token will prompt you to change the PIN and display NEW PIN Enter your new personal numeric PIN Token will display message PIN CONF Enter the New Pin again to confirm the change of PIN Version July 2015 Page 9 of 19

3 AUTHORISE A TRANSACTION IN STRAIGHT2BANK WEB If you are an approver who has been set-up to use a Vasco Token for approving transactions in Straight2Bank Web, you will need to use your token every time you have to authorise a transaction. 3.1 Activate Token Note: If you are an authoriser who needs a token to login to Straight2Bank Web, you do not need to perform these steps as your token would have been activated as part of the login procedure (refer to Section 2.1) Step 1: Receive emails from Straight2Bank Web Admin titled Straight2Bank Web Security Token Activation and Shared secret for VASCO token Once you have been set up in the system as a Vasco token user, you will receive an email from Straight2Bank Web Admin with the title Straight2Bank Web Security Token Activation which will contain an encrypted string, which is a secured string of characters that you need to use to activate your token. You will also receive another email from Straight2Bank Web Admin with the title Shared secret for VASCO token which will contain the shared secret that is mapped to the security token. Step 2: Login to Straight2Bank Web Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your Group ID User ID and click the Login button Enter your Straight2Bank Web password (in the subsequent screen) and click Proceed You will be taken to the Straight2Bank Web Home Page. Version July 2015 Page 10 of 19

Step 3: Use Vasco Pin Decryptor Function Go to Vasco Pin Decryptor function located under Cash Management - Transactions- Utilities menu as shown in the screen below. System will prompt you to enter 1. Encrypted String received from Straight2Bank Web Admin (Step 1) 2. Shared Secret (PIP) received from Straight2Bank Web Admin (Step 1) 3. Click Submit, as shown below. The system will generate an initial PIN which will be displayed as shown below. Version July 2015 Page 11 of 19

Step 4: Activate Token Press on the ON button Token screen will display message Token screen will display message Initial Pin Input the initial PIN (generated in Step 3) System will prompt you to change the Pin and display NEW PIN Enter your new personal numeric Pin System will display message PIN CONF Enter the New Pin again to confirm the change of PIN Your token is now activated. 3.2 Authorise a Transaction For authorisation your operator(s) will inform you of the batch number that requires authorisation with support documents. Alternatively you will receive an e-mail alert to log into Straight2Bank Web for authorisation if you have subscribed to it. (Refer to the Approver Easy Reference Guide in Straight2Bank Web help for more details on the authorisation process). Step 1: Once you have clicked the Save button after authorising a batch or a single payment, the challenge and response screen will be shown: Step 2: Generate Vasco Token Response for Authorisation as described below: Press on the ON button Token screen will display message PIN Enter your personal numeric PIN Token screen will display APPLI _ Enter Button 2 to select Transaction authentication Enter the CHALLENGE NUMBER from the Challenge And Response screen Token will generate the token response Step 3: Enter the response generated by the Token in the Response' field and click Submit. 12345678 Upon successful verification, the payments batch status will be updated to either Partially Signed status or Fully Signed according to your signing arrangement. Version July 2015 Page 12 of 19

3.3 Unlock Token for Authorising a Transaction For added security from the token getting into the hands of an unauthorised person, there is a lock token feature. The token will get locked on 5 wrong personal PIN entries. A locked token will constantly display the unlock code on its screen. You need this code to unlock your token. Step 1: Please call your local solution delivery representative to unlock your token. Step 2: Receive emails from Straight2Bank Web Admin Once you have been set up in the system as a Vasco token user, you will receive an email from Straight2Bank Web Admin with the title Straight2Bank Web Security Token Activation which will contain an encrypted string, which is a secured string of characters that you need to use to activate/reactivate your token. You will also receive another email from Straight2Bank Web Admin with the title Shared secret for VASCO token which will contain the shared secret that is mapped to the security token. Step 3: Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your Group ID User ID and click the Login button Enter your Straight2Bank Web password (in the subsequent screen) and click Proceed to login to Straight2Bank Web Step 4: On Straight2Bank Web Home Page, access Vasco Unlock Token, under Cash-Transactions- Utilities menu as shown below. Version July 2015 Page 13 of 19

You will be taken to the following screen: Step 5: Enter the following Encrypted String received from Straight2Bank Web Admin (Step 2) 2. Shared Secret (PIP) received from Straight2Bank Web Admin (Step 2) 3. Unlock Code (as displayed in the token screen of the locked token) and click Submit as shown below. Step 6: System will display numeric PIN to unlock token Step 7: Use the PIN to re-activate your token as follows: On the token (token will display Unlock resp, followed by a numeric unlock code) Enter response code as displayed on Straight2Bank Web screen Token is unlocked Token will prompt you to change the PIN and display NEW PIN Enter your numeric personal PIN Token will display message PIN CONF Enter the New Pin again to confirm the change of PIN Version July 2015 Page 14 of 19

4 CUSTOMER ADMINSTRATOR FUNCTIONS If you are a customer administrator, you would need your Vasco token to create and edit user profiles as well as to reset users with locked password status on Straight2Bank Web. 4.1 Edit and Authorise User Profile Step 1: After editing a user profile, click Save User and a pop up box titled User Authentication will appear on top left corner requesting for your Vasco OTP. Step 2: Generate the Vasco OTP using the following steps (same process as login): Press on the ON button Token screen will display message Enter your personal security PIN Token screen will display APPLI _ Enter Button 1 to select OTP generation Token will generate the password (OTP) and display it on the token screen Step 3: Enter the OTP in the Vasco OTP box and click Submit The user record will be authorised and saved. Version July 2015 Page 15 of 19

4.2 Reset User with Password Locked Status If a user keys in 3 invalid OTP at login stage, their status will changed from Active to Password Locked. In order to reset the profile for a locked user, you as a Customer Administrator needs to perform the following steps: Step 1: Login to Straight2Bank Web using your Customer Admin User Id and Vasco token OTP. Step 2: Go to Administration Manage Users and select the user that needs to be reset and click on the Reset User button. You will be taken to the Reset User Record screen with a pop up window on the left hand corner of the screen prompting for the OTP (as shown below). Version July 2015 Page 16 of 19

Step 3: Use your Vasco token to generate the OTP Press on the ON button Token screen will display message Enter your numeric personal security PIN Token screen will display APPLI _ Enter Button 1 to select OTP generation Token will generate the password (OTP) and display it on the token screen Step 4: Enter the OTP in the Vasco OTP field in the pop-up window and click Submit button. The transaction will be authorised and the system will display User Password has been successfully reset. Version July 2015 Page 17 of 19

5 CHANGE TOKEN ACCESS PIN To change your token access PIN, perform the following steps: Press on the ON button. Token screen will display message Input your numeric personal security PIN Token screen will display APPLI _ Now PRESS on the ON button continuously for 5 seconds. Token will prompt for a NEW PIN Enter your new numeric PIN Token will display PIN CONF now Repeat your new PIN again to confirm the PIN change Continue to access and use the token using the new PIN inorder to login to Straight2Bank Web or authorise transactions in Straight2Bank Web. Version July 2015 Page 18 of 19

6 DISCLAIMER This document is issued by Standard Chartered Bank ( SCB ). While all reasonable care has been taken in preparing this document, no responsibility or liability is accepted for any errors of fact, omission or for any opinion expressed herein. You are advised to exercise your own independent judgment (with the advice of your professional advisers as necessary) with respect to the risks and consequences of any matter contained herein. SCB expressly disclaims any liability and responsibility for any losses arising from any uses to which this document is put and for any errors or omissions in this document. This document contains information that is proprietary to SCB and should not be circulated to third parties without SCB s prior written approval. All services provided by Standard Chartered, its subsidiaries or related companies, are subject to applicable laws and regulations in each territory concerned. Please check the availability of specific services in a particular country with your relationship manager. This document is provided for information only and is subject to change without notice. No part of this document may be reproduced or transmitted in any format by any means (electronic or mechanical) for any purpose without the permission of Standard Chartered. Version July 2015 Page 19 of 19

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information