Security Token User Guide - Standard Chartered · PDF fileSecurity Token User Guide ... Rese...
Transcript of Security Token User Guide - Standard Chartered · PDF fileSecurity Token User Guide ... Rese...
Security Token User Guide
Security Token User Guide
Version July 2015 Page 2 of 19
TABLE OF CONTENTS
1 INTRODUCTION ............................................................................................................................................. 3
1.1 FUNCTIONS OF THE TOKEN .................................................................................................................................. 3
1.2 SECURITY FEATURES OF THE TOKENS ..................................................................................................................... 3
1.3 TOKEN INTERFACE ............................................................................................................................................. 3
1.4 VASCO TOKEN REPLACEMENT ............................................................................................................................. 4
1.5 DEFINITIONS AND ACRONYMS............................................................................................................................. 4
2 LOGIN TO STRAIGHT2BANK WEB ................................................................................................................... 5
2.1 ACTIVATE TOKEN .............................................................................................................................................. 5
2.2 ACTIVATE MULTIPLE USER ID USING SAME TOKEN ................................................................................................... 6
2.3 LOGIN TO STRAIGHT2BANK WEB ......................................................................................................................... 7
2.4 UNLOCK TOKEN FOR LOGIN ................................................................................................................................ 8
3 AUTHORISE A TRANSACTION IN STRAIGHT2BANK WEB ............................................................................. 10
3.1 ACTIVATE TOKEN ............................................................................................................................................ 10
3.2 AUTHORISE A TRANSACTION ............................................................................................................................. 12
3.3 UNLOCK TOKEN FOR AUTHORISING A TRANSACTION ............................................................................................. 13
4 CUSTOMER ADMINSTRATOR FUNCTIONS .................................................................................................. 15
4.1 EDIT AND AUTHORISE USER PROFILE ................................................................................................................. 15
4.2 RESET USER WITH PASSWORD LOCKED STATUS ................................................................................................... 16
5 CHANGE TOKEN ACCESS PIN ....................................................................................................................... 18
6 DISCLAIMER ................................................................................................................................................ 19
Security Token User Guide
Version July 2015 Page 3 of 19
1 INTRODUCTION
The Vasco Security Token (hereafter referred to as the token) is a portable physical security device which
will enable you to login to Straight2Bank Web and authorise your transactions with an added layer of
security without compromising on your convenience.
1.1 Functions of the Token
1. To login to Straight2Bank Web (covered in Section 2 of this User Guide)
2. To authorise transactions in Straight2Bank Web (covered in Section 3 of this User Guide) 3. To perform customer administrator functions (covered in section 4 of this User Guide):
Edit, create new user Reset user with password locked status
1.2 Security Features of the Tokens
The Token provides multi-factor authentication based on: Something you have (the token itself), and
Something you know (the PIN code to access the token) Both factors help to ensure that you are authenticating or signing onto Straight2Bank Web and not
unauthorised party. The token is also extremely portable, allowing for security anytime and anywhere.
1.3 Token Interface
1.3.1 Description of Token Interface buttons
1. Token Screen: Displays messages and token responses 2. DP 260 On/Enter/Off Button: Used to Switch On or Off the token and Enter PIN and security
codes to generate token response and also to clear the last entered digit.
3. DP 275 – Press and hold green button for two seconds and release to turn device on and off. The Backspace button in red is used to clear the last entered digit.
Note: The token switches off automatically after 1 minute of inactivity
Security Token User Guide
Version July 2015 Page 4 of 19
1.4 Vasco Token Replacement
Each token has a battery life span of 3 to 5 years from the time of initialization, depending on usage.
When the battery is running low for a token, the following warning messages will be displayed on the
LCD for about 2 seconds, every time that the user turns on the token.
Warning Message on LCD
Meaning
BATT5
4 weeks estimated battery life remaining
BATT4
3 weeks estimated battery life remaining
BATT3
2 weeks estimated battery life remaining
BATT2
1 week estimated battery life remaining
BATT1
Battery life is exhausted
When the BATT2 warning starts to flash, please fill in the PIP form (available for download from
Straight2Bank Help) and send it to your local solution delivery representative to request for a new token.
1.5 Definitions and Acronyms
1.
Encrypted String
A secured string of characters (alphabets and letters) that
is required to activate the token for the first time.
2.
One Time Password (OTP)
Numeric response generated by the token and required
to login into Straight2Bank Web.
3.
Personal Identification Number
(PIN)
Numeric personal code (set by the user) required to
access the token each time.
4.
Personal Identification Phrase
(PIP) or Shared Secret
A secret phrase generated by system and sent to user
which is needed to map and activate a token. This
phrase is also used to unlock a token.
5.
Token Response
Numeric code generated by the token and required to
authorise a transaction in Straight2Bank Web.
6.
Unlock Code
A numeric code displayed on the token screen after five
consecutive wrong entries of the token PIN.
Security Token User Guide
Version July 2015 Page 5 of 19
2 LOGIN TO STRAIGHT2BANK WEB
If you are set-up to login to Straight2Bank Web using a security token, you will need to use it every time you
login.
2.1 Activate Token
Step 1: Receive emails from Straight2Bank Web Admin titled “Straight2Bank Web Security Token Activation” and “Shared secret for VASCO token” Once you have been set up in the system as a Vasco token user, you will receive an email from
Straight2Bank Web Admin with the title “Straight2Bank Web Security Token Activation” which will contain an “encrypted string”, which is a secured string of characters that you need to use to activate your
token.
You will also receive another email from Straight2Bank Web Admin with the title “Shared secret for VASCO token” which will contain the “shared secret” that is mapped to the security token. Step 2: Login to Straight2Bank Web Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your
Group ID
User ID and click the ‘Login’ button
Step 3: On the next screen, click on ‘Initialise PIN’
Security Token User Guide
Version July 2015 Page 6 of 19
Step 4: System will prompt you to enter:
1. ‘Encrypted String’ received from Straight2Bank Web Admin (Step 1)
2. ‘Shared Secret’ (PIP) received from Straight2Bank Web Admin (Step 1) 3. Click ‘Submit’, as shown below. The system will generate an initial PIN which will be displayed as shown below.
Step 5: Activate Token
Press on the ‘ON’ button
Input the initial PIN (generated in Step 3)
Token will prompt you to change the Pin and display ‘Change Pin’
Enter your new numeric security PIN Token will display message ‘PIN CONF’
Enter the ‘New Pin again to confirm the change of PIN Click ‘Proceed’ on the screen. Your Vasco Token is now activated. You can proceed to login to
Straight2Bank Web by using One-Time Password (OTP) (see section 2.2 on how to use the token to Login to Straight2Bank Web).
2.2 Activate multiple user ID using same token
Step 1: Login to Straight2Bank Web Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your Group ID
User ID and click the ‘Login’ button
Security Token User Guide
Version July 2015 Page 7 of 19
Step 2: On the next screen, click on ‘Initialise PIN’
Step 3: Click ‘Vasco OTP’ button Step 4: Generate Token One-Time Password (OTP)
Press on the ‘ON’ button
Token screen will display message ‘_ _ _ _ _ _ ’
Input your numeric personal security PIN Token will display ‘APPLI -’
Press BUTTON ‘1’ (which is meant for OTP)
Token will generate the password (OTP) and display it on the token screen
Step 5: Enter ‘OTP’ generated by the token on the Straight2Bank Web screen as shown below Step 6: Click ‘Proceed’ to Login to Straight2Bank Web Home Page
Note: Your user ID will be activated upon first successful login. You may repeat Section 2.2 steps to
activate other user ID using the same token, should there be any.
2.3 Login to Straight2Bank Web
Step 1: After activating your Token (Section 2.1), when you need to subsequently login to Straight2Bank
Web, go to the Straight2Bank Web login screen - https://s2b.standardchartered.com Enter your
Group ID User ID and click the ‘Login’ button.
Security Token User Guide
Version July 2015 Page 8 of 19
The system will prompt you for your one-time password (OTP). Step 2: Generate Token One-Time Password (OTP)
Press on the ‘ON’ button
Token screen will display message ‘_ _ _ _ _ _ ’
Input your numeric personal security PIN Token will display ‘APPLI -’
Press BUTTON ‘1’ (which is meant for OTP)
Token will generate the password (OTP) and display it on the token screen Step 3: Enter ‘OTP’ generated by the token on the Straight2Bank Web screen as shown below
Step 4: Click ‘Proceed’ to Login to Straight2Bank Web Home Page
2.4 Unlock Token for Login
For added security from the token getting into the hands of an unauthorised person, there is a lock token feature. The token will get locked on 5 wrong personal PIN entries.
A locked token will constantly display the ‘unlock code’ on its screen. You need this code to unlock your
token. Step 1: Please call your local solution delivery representative to unlock your token.
Step 2: Receive emails from Straight2Bank Web Admin Once your token has been reactivated, you will receive an email from Straight2Bank Web Admin with the
title “Straight2Bank Web Security Token Activation” which will contain an “encrypted string”, which is a secured string of characters that you need to use to activate your token.
You will also receive another email from Straight2Bank Web Admin with the title “Shared secret for
VASCO token” which will contain the “shared secret” that is mapped to the security token. Step 3: Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your
Group ID User ID and click the ‘Submit’ button.
The system will prompt your for your OTP. Click on the “Vasco Unlock Token” button as shown below.
Security Token User Guide
Version July 2015 Page 9 of 19
Step 4: Enter the following:
Encrypted String’ received from Straight2Bank Web Admin (Step 2)
2. ‘Shared Secret’ (PIP) received from Straight2Bank Web Admin (Step 2)
3. ‘Unlock Code’ (as displayed in the token screen of the locked token) and click ‘Submit’ as shown below.
The system will display a PIN to unlock the token. Step 5: Use the PIN to re-activate your token as follows: On the token (token screen will display “Unlock resp”, followed by the numeric ‘unlock code’)
Press on the ‘ON’ button
Token display “Unlock resp”
Enter PIN as displayed on Straight2Bank Web screen
Token is unlocked Token will prompt you to change the PIN and display ‘NEW PIN’
Enter your new personal numeric PIN Token will display message ‘PIN CONF’ Enter the New Pin again to confirm the change of PIN
Security Token User Guide
Version July 2015 Page 10 of 19
3 AUTHORISE A TRANSACTION IN STRAIGHT2BANK WEB
If you are an approver who has been set-up to use a Vasco Token for approving transactions in Straight2Bank Web, you will need to use your token every time you have to authorise a transaction.
3.1 Activate Token
Note: If you are an authoriser who needs a token to login to Straight2Bank Web, you do not need to perform
these steps as your token would have been activated as part of the login procedure (refer to Section 2.1) Step 1: Receive emails from Straight2Bank Web Admin titled “Straight2Bank Web Security Token Activation” and “Shared secret for VASCO token” Once you have been set up in the system as a Vasco token user, you will receive an email from Straight2Bank Web Admin with the title “Straight2Bank Web Security Token Activation” which will
contain an “encrypted string”, which is a secured string of characters that you need to use to activate your token.
You will also receive another email from Straight2Bank Web Admin with the title “Shared secret for VASCO token” which will contain the “shared secret” that is mapped to the security token. Step 2: Login to Straight2Bank Web Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your
Group ID User ID and click the ‘Login’ button Enter your Straight2Bank Web password (in the subsequent screen) and click ‘Proceed’
You will be taken to the Straight2Bank Web Home Page.
Security Token User Guide
Version July 2015 Page 11 of 19
Step 3: Use Vasco Pin Decryptor Function Go to Vasco Pin Decryptor function located under Cash Management - Transactions- Utilities menu as
shown in the screen below. System will prompt you to enter
1. ‘Encrypted String’ received from Straight2Bank Web Admin (Step 1)
2. ‘Shared Secret’ (PIP) received from Straight2Bank Web Admin (Step 1)
3. Click ‘Submit’, as shown below.
The system will generate an initial PIN which will be displayed as shown below.
Security Token User Guide
Version July 2015 Page 12 of 19
Step 4: Activate Token
Press on the ‘ON’ button
Token screen will display message ‘_ _ _ _ _ _’
Token screen will display message ‘Initial Pin’
Input the initial PIN (generated in Step 3) System will prompt you to change the Pin and display ‘NEW PIN ’
Enter your new personal numeric Pin System will display message ‘PIN CONF ’
Enter the New Pin again to confirm the change of PIN Your token is now activated.
3.2 Authorise a Transaction
For authorisation your operator(s) will inform you of the batch number that requires authorisation with
support documents. Alternatively you will receive an e-mail alert to log into Straight2Bank Web for
authorisation if you have subscribed to it. (Refer to the “Approver Easy Reference Guide” in Straight2Bank
Web help for more details on the authorisation process).
Step 1: Once you have clicked the “Save” button after authorising a batch or a single payment, the
‘challenge and response’ screen will be shown:
Step 2: Generate Vasco Token Response for Authorisation as described below:
Press on the ‘ON’ button
Token screen will display message ‘PIN’
Enter your personal numeric PIN Token screen will display ‘APPLI _’
Enter Button ‘2’ to select Transaction authentication
Enter the ‘CHALLENGE NUMBER’ from the ‘Challenge And Response’ screen
Token will generate the token response
Step 3: Enter the response generated by the Token in the ‘Response' field and click ‘Submit’.
12345678 Upon successful verification, the payments batch status will be updated to either Partially Signed status or
Fully Signed according to your signing arrangement.
Security Token User Guide
Version July 2015 Page 13 of 19
3.3 Unlock Token for Authorising a Transaction
For added security from the token getting into the hands of an unauthorised person, there is a lock token
feature. The token will get locked on 5 wrong personal PIN entries. A locked token will constantly display the ‘unlock code’ on its screen. You need this code to unlock your token. Step 1: Please call your local solution delivery representative to unlock your token.
Step 2: Receive emails from Straight2Bank Web Admin Once you have been set up in the system as a Vasco token user, you will receive an email from Straight2Bank Web Admin with the title “Straight2Bank Web Security Token Activation” which will
contain an “encrypted string”, which is a secured string of characters that you need to use to activate/reactivate your token.
You will also receive another email from Straight2Bank Web Admin with the title “Shared secret for VASCO token” which will contain the “shared secret” that is mapped to the security token.
Step 3: Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your
Group ID User ID and click the ‘Login’ button Enter your Straight2Bank Web password (in the subsequent screen) and click ‘Proceed’ to login to
Straight2Bank Web
Step 4: On Straight2Bank Web Home Page, access Vasco Unlock Token, under Cash-Transactions-
Utilities menu as shown below.
Security Token User Guide
Version July 2015 Page 14 of 19
You will be taken to the following screen: Step 5: Enter the following
Encrypted String’ received from Straight2Bank Web Admin (Step 2)
2. ‘Shared Secret’ (PIP) received from Straight2Bank Web Admin (Step 2)
3. ‘Unlock Code’ (as displayed in the token screen of the locked token) and click ‘Submit’ as shown below.
Step 6: System will display numeric PIN to unlock token
Step 7: Use the PIN to re-activate your token as follows: On the token (token will display “Unlock resp”, followed by a numeric unlock code)
Enter response code as displayed on Straight2Bank Web screen Token is unlocked Token will prompt you to change the PIN and display ‘NEW PIN’
Enter your numeric personal PIN Token will display message ‘PIN CONF’ Enter the ‘New Pin’ again to confirm the change of PIN
Security Token User Guide
Version July 2015 Page 15 of 19
4 CUSTOMER ADMINSTRATOR FUNCTIONS
If you are a customer administrator, you would need your Vasco token to create and edit user profiles as well as to reset users with ‘locked password’ status on Straight2Bank Web.
4.1 Edit and Authorise User Profile
Step 1: After editing a user profile, click ‘Save User’ and a pop up box titled ‘User Authentication’ will appear
on top left corner requesting for your Vasco OTP. Step 2: Generate the Vasco OTP using the following steps (same process as login):
Press on the ‘ON’ button
Token screen will display message ‘_ _ _ _ _ _’
Enter your personal security PIN Token screen will display ‘APPLI _’
Enter Button ‘1’ to select OTP generation Token will generate the password (OTP) and display it on the token screen Step 3: Enter the OTP in the ‘Vasco OTP’ box and click Submit The user record will be authorised and saved.
Security Token User Guide
Version July 2015 Page 16 of 19
4.2 Reset User with Password Locked Status
If a user keys in 3 invalid OTP at login stage, their status will changed from ‘Active’ to ‘Password Locked’. In
order to reset the profile for a ‘locked’ user, you as a Customer Administrator needs to perform the following
steps:
Step 1: Login to Straight2Bank Web using your Customer Admin User Id and Vasco token OTP. Step 2: Go to Administration → Manage Users and select the user that needs to be reset and click
on the ‘Reset User’ button.
You will be taken to the ‘Reset User Record’ screen with a pop up window on the left hand corner of the screen prompting for the OTP (as shown below).
Security Token User Guide
Version July 2015 Page 17 of 19
Step 3: Use your Vasco token to generate the OTP
Press on the ‘ON’ button
Token screen will display message ‘_ _ _ _ _ _’
Enter your numeric personal security PIN Token screen will display ‘APPLI _’
Enter Button ‘1’ to select OTP generation Token will generate the password (OTP) and display it on the token screen Step 4: Enter the OTP in the “Vasco OTP” field in the pop-up window and click ‘Submit’ button.
The transaction will be authorised and the system will display “User Password has been successfully reset “.
Security Token User Guide
Version July 2015 Page 18 of 19
5 CHANGE TOKEN ACCESS PIN
To change your token access PIN, perform the following steps:
Press on the ON button.
Token screen will display message ‘_ _ _ _ _ _ ‘
Input your numeric personal security PIN Token screen will display ‘APPLI _’ Now PRESS on the ON button continuously for 5 seconds.
Token will prompt for a ‘NEW PIN’ Enter your new numeric PIN
Token will display ‘PIN CONF’ now
Repeat your new PIN again to confirm the PIN change Continue to access and use the token using the new PIN inorder to login to Straight2Bank Web or authorise
transactions in Straight2Bank Web.
Security Token User Guide
Version July 2015 Page 19 of 19
6 DISCLAIMER
This document is issued by Standard Chartered Bank (“SCB”). While all reasonable care has been taken in preparing this document, no responsibility or liability is accepted for any errors of fact, omission or for any opinion expressed herein. You are advised to exercise your own independent judgment (with the advice of your professional advisers as necessary) with respect to the risks and consequences of any matter contained herein. SCB expressly disclaims any liability and responsibility for any losses
arising from any uses to which this document is put and for any errors or omissions in this document. This document contains information that is proprietary to SCB and should not be circulated to third parties without SCB’s prior written approval.
All services provided by Standard Chartered, its subsidiaries or related companies, are subject to applicable
laws and regulations in each territory concerned. Please check the availability of specific services in a
particular country with your relationship manager.
This document is provided for information only and is subject to change without notice.
No part of this document may be reproduced or transmitted in any format by any means (electronic or mechanical) for any purpose without the permission of Standard Chartered.