Utilities
In the Utilities section, you have access to the Users and Token subsections. In these pages you can perform different actions related to the users of an app and their associated tokens, that must be executed mainly due to security issues or the registration of a new user. Refer to the table below to learn more about each subsection and their pages.
Users are created during the app onboarding process. A new user will be created when the bank customer signs up in the mobile bank app and their data is verified. The Users subsection in AS includes the options to set a user password, to block and unblock specific users, or delete a user. | |
Once the user register in the app, a token is created and assigned to that user. A token is an identifier generated when the app user creates their user ID, which is it is later used to generate OTPs in two-factor authentications. ImportantA token will be created only if the project includes the creation of tokens as part of the two-factor authentication method. |
Users
Users are created during the app onboarding process. That is to say, a new user will be created when the bank customer signs up in the mobile bank app and their data is verified.
The Users subsection in AS includes the Set User Password, the Block User, the Unblock User and the Delete User pages. Refer to the sections below to learn more about each of these actions available.
On the Set User Password page (Utilities > Users > Set User Password), you can configure a new password for a specific app user. Use this feature whenever an app user requests a password reset. Refer to the instructions below to learn how to set a password.
Go to the Set User Password page (Utilities > Users >Versions).
The page opens, where you configure the settings to set a new password.
In the Domain field, click the arrow and select a domain from the drop-down menu. The domain corresponds to the segment to which the user is associated. If only the default domain exists, select it.
In the User ID field, enter the ID of the user for whom you want to set the password.
In the Mode field, click the arrow and select an option to define the action related to the password setting. Select Password set to change so that the password is temporary—it will allow the user to log in, but they will be required to change the password before they can operate. Select Password set activated so that the password allows the user to operate normally and they won't be required to change the password.
In the Password field, enter the password. By default, the characters appear hidden as you type. Click the eye icon to show the password.
In the Confirm Password, enter the password again, which must match the text in the Password field. By default, the characters appear hidden as you type. Click the eye icon to show the password.
Note
All the fields in this page are mandatory.
Click Confirm. A pop-up message appears informing you that the password for that user was successfully changed.
If there are any issues with the user or domain, a message pops up reading User/Domain not found and all the fields will clear so you can try setting the password again.
On the Block User page (Utilities > Users > Block User), you can block one or more active users. Refer to the instructions below to learn how to block a user.
Caution
Once an active user is blocked, they won't be able to access the app and can no longer operate unless they are unblocked. Depending on the project conditions, a blocked user won't be able to either validate their password or enter a token.
Go to the Block User page (Utilities > Users > Block User).
The page opens, where you configure the settings to block a user.
In the Domain field, click the arrow and select a domain from the drop-down menu.
In the User ID field, enter the ID of the user you need to block. Click the field and enter the user ID of the user you want to block. Once you enter the full user ID, enter ";" so that the text turns into a chip. To eliminate a user ID, click the X icon. You can enter up to ten user IDs.
If the system was able to block the user or all the users you entered, a success message appears. If the system couldn't block one or more users, a message indicates that some users were not blocked.
Then, you are redirected to the Block User page, which shows a list of the users you attempted to block and their status together with a description. The Status can be Blocked or Unblocked. If the user was successfully blocked, the Description field appears empty, and if the user couldn't be blocked, this field shows the associated error code.
If you need to retry blocking a user or block more users, click Block more users.
On the Unblock User page (Utilities > Users > Unblock User), you can unblock one or more users. Refer to the instructions below to learn how to unblock a user.
Caution
Once a user is unblocked, they become an active user and can start operating in the app again.
Go to the Unblock User page (Utilities > Users > Unblock User).
The page opens, where you configure the settings to unblock a user.
In the Domain field, click the arrow and select a domain from the drop-down menu.
In the User ID field, enter the ID of the user you need to block. Click the field and enter the user ID of the user you want to block. Once you enter the full user ID, enter ";" so that the text turns into a chip. To eliminate a user ID, click the X icon. You can enter up to ten user IDs.
In the Mode field, select the mode under which the app user will be unblocked. The modes available result from the rule USER_PSW_SET_MODE_ENABLED_LIST.
Click the arrow and select an option from the drop-down menu, which includes actions that must be performed by the app user once it is unblocked: select No password so that the app user has to configure a new password to operate; select Temporary password, so that the app user has to change the temporary password before the time limit set by the rule expires; or select Confirmed password so that the app user is able operate using the password previously defined and is not required to change it.
If the system was able to unblock the user or all the users you entered, a success message appears. If the system couldn't unblock one or more users, a message indicates that some users were not blocked.
Then, you are redirected to the Unblock User page, which shows a list of the users you attempted to block and their status together with a description. The Status can be Unblocked or Not Unblocked. If the user was successfully unblocked, the Description field appears empty. If the user couldn't be unblocked, this field shows the associated error code.
If you need to retry unblocking a user or unblock more users, click Unblock more users.
On the Delete User page (Utilities > Users > Delete User), you can delete one or more active users. Refer to the instructions below to learn how to delete a user.
Go to the Block User page (Utilities > Users > Delete User).
The page opens, where you configure the settings to delete a user.
In the Domain field, click the arrow and select a domain from the drop-down menu.
In the User ID field, enter the ID of the user you need to delete. Click the field and enter the user ID of the user you want to delete. Once you enter the full user ID, enter ";" so that the text turns into a chip. To eliminate a user ID, click the X icon. You can enter up to ten user IDs.
If the system was able to delete the user or all the users you entered, a success message appears. If the system couldn't delete one or more users, a message indicates that some users were not eliminated.
Then, you are redirected to the Block User page, which shows a list of the users you attempted to block and their status together with a description. The Status can be Deleted or Not Deleted. If the user was successfully deleted, the Description field appears empty. If the user couldn't be deleted, this field shows the associated error code.
Token
Once the user register in the app, a token is created and assigned to that user. A token is an identifier generated when the app user creates their user ID, which is it is later used to generate OTPs in two-factor authentications.
Important
A token will be created only if the project includes the creation of tokens as part of the two-factor authentication method.
Important
A token will be created only if the project includes the creation of tokens as part of the two-factor authentication method.
The Token subsection in AS includes the Disable Token and Destroy Token pages. Refer to the sections below to learn more about each of these actions available.
You might need to disable or destroy tokens based on security issues. On one hand, in the case of a request reported by an app user, so that they are not able to operate with their tokens; for example, if they had their device or user information stolen. On the other hand, if an unsual activity is identified in the monitoring system; for example, if the user attempts to execute a large number of transactions in a short period of time.
Important
Each user has only one token.
Disable Token
On the Disable Token page, (Utilities > Token> Disable Token), you can disable one or more active tokens, each associated to a different user under a specific domain. Refer to the instructions below to learn how to disable a token.
Caution
Once an active token is disabled, the app user can no longer operate with that token under the domain where the user was created.
Go to the Disable To page (Utilities > Token> Disable Token).
The page opens, where you configure the settings to disable a token.
In the Domain field, click the arrow and select a domain from the drop-down menu.
In the User ID field, enter the user ID to which the token you want to disable is associated. Once you enter the full user ID, enter ";" so that the text turns into a chip. To eliminate a user ID, click the X icon. You can enter up to ten IDs.
In the Status field, click the arrow and select an option from the drop-down menu, which refers to the action required to reset the token. Select Soft Resync Required so that the token requires a token resynchronization through software, or Hard Resync Required so that the token requires a token resynchronization through hardware.
If the system successfully disabled the tokens associated to all the users you entered, a success message appears. If the system couldn't disable one or more tokens, a message indicates that some tokens were not disabled.
Then, you are redirected to the Disable Token page, which shows a list of the tokens you attempted to disable, the User ID associated to them and their status together with a description. The Status can be Disabled or Not Disabled. If the token was successfully disabled, the Description field appears empty and if the token couldn't be disabled, this field shows the associated error code.
Note
All the fields in this page are mandatory.
Destroy Token
On the Destroy Token page, (Utilities > Token> Destroy Token), you can destroy one or more active tokens, each of which is associated to a different user. Refer to the instructions below to learn how to delete a token.
Go to the Destroy Token page (Utilities > Token> Destroy Token).
The page opens, where you configure the settings to destroy a token.
In the Domain field, click the arrow and select a domain from the drop-down menu.
In the User ID field, enter the user ID to which the token you want to disable is associated. Once you enter the full user ID, enter ";" so that the text turns into a chip. To eliminate a user ID, click the X icon. You can enter up to ten IDs.
If the system successfully destroyed the tokens associated to all the users you entered, a success message appears. If the system couldn't destroy one or more tokens, a message indicates that some tokens were not destroyed.
Then, you are redirected to the Destroy Token page, which shows a list of the tokens you attempted to destroy, the User ID associated to them and their status together with a description. The Status can be Destroyed or Not Destroyed. If the token was successfully destroyed, the Description field appears empty. If the token couldn't be destroyed, this field shows the associated error code.