Managed Access Gateway One-Time Password Guide Version 1.0 February 2017

Similar documents
Copyright 2017 Exostar LLC. All rights reserved. Phone One-Time Password User Guide October 2017

Phone-Based One-Time Password User Guide November 2017

Phone-Based One-Time Password without Proofing (Level 2) User Guide November 2017

Hardware One-Time Password User Guide November 2017

Hardware One-Time Password User Guide August 2018

Secure Access Manager User Guide December 2017

How to Obtain a Medium Level of Assurance Hardware or Software Digital Certificate it is necessary to Complete Webcam Proofing

Exostar Identity Access Platform (SAM) User Guide September 2018

Exostar Identity Access Platform (SAM) User Guide July 2018

Managed Access Gateway One-Time Password Hardware Tokens. User Guide

Electronic Prescribing for Controlled Substances. EPCS with NewCrop e-prescribing Identity Proofing with Exostar. Setup and User Guide

Managed Access Gateway. User Guide

Managed Access Gateway. User Guide

Secure Access Manager User Guide September 2017

Identity and Access Management (IAM) Platform User Guide

Identity and Access Management (IAM) Platform User Guide

Copyright May 2017 Exostar, LLC All rights reserved.

Partner Information Manager (PIM)

E X O S T A R, LLC D A T E : M AY V E R S I O N : 4.0

13241 Woodland Park Road, Suite 400 Herndon, VA USA A U T H O R : E X O S T A R D ATE: M A R C H V E R S I O N : 3.

Partner Information Manager Supplier Guide October 2017

ALDI. Contractor Management System. User Guide for registering your company

Getting Started with Cloudamize Manage

Enhanced new user experience with simple to use navigation and better buying experience. Trade accounts will see current order status, and history

Electronic Prescribing for Controlled Substances. EPCS with erx e-prescribing Identity Proofing with Exostar Setup Guide

Managed Access Gateway. Request Management Guide (For Administrators)

Supplier Info Pack. Light Account PUBLIC. Rev. 07/20/2017

Wells Fargo Merchant Services. Wells Fargo Mobile Merchant User Guide for Apple ipad Version 3.2

PROFESSIONAL DEVELOPMENT ADVISOR (PDA) USER GUIDE

IMEI Database. Manufacturer / Brand Owner User Guide. Version September Copyright Notice. Copyright 2015 GSM Association

OLLI Online Registration Training

Light Account Supplier Quick Guide. Version: 1.0 / July 2018

[Document subtitle] Mladen Mandrapa [Date] [Course title]

FAQ ON GST ENROLMENT PROCESS AS PROVIDED BY GSTN AT

PLEXUS PAY PORTAL YOUR HOW-TO GUIDE

How to Order a Four Panel Brochure through Print Services. Go to the Print Services Web Page and select the Online Store link.

Do It Yourself VOI Tool for Property Transfers User Manual

Online Banking Overview

HOW TO REGISTER FOR THE TEAS ASSESSMENT

Ordering, Contracting & Billing for Webex Teams Calling

How to Register for e-permits

TABLE OF CONTENTS ACCOUNT REGISTRATION

WEBSITE TRAINING GUIDE MY OFFICE PRODUCTS. Office Supplies & Business Print

Verizon Enterprise Center Registration/Login User Guide

Re-registering and Adding a New Facility in ReposiTrak

Enterprise Access Gateway Management for Exostar s IAM Platform June 2018

Club Automation: Online Portal

MD Helicopters, Inc. On-line Publications Ordering Applications Guide

At merchants that have not yet signed up for your card will continue to work without the need to use an OTP.

Welcome to the QParents Portal... 2

New BoundTree.com User Guide Fall Version 6

1. Logging onto E-Way ( Enter your User ID and Password (see password policy) in the LOGIN section, then click on the arrow.

MYCIBSE USER GUIDE. Contents

Re-registering in ReposiTrak

Supplier Info Pack. Light Account PUBLIC. Rev. 07/20/2017

Martin Baker Secure Source-to-Pay How to Access and Log In

Higher Reach Online Registration

Table of Contents. Buyer Functions Buyer Responsibilities: Create and submit orders for approval and manage personal profile and preferences.

Register for a HCQIS Access Roles and Profile (HARP) Account

SIDC Online Application Portal

Connecting VirtueMart To PayPal (Live)

User Manual HPCSA Registration Renewal

Using the Telstra T-Suite Management Console. Customer Administrator s Reference Manual

Managed Access Gateway

STEPS FOR CANDIDATE FOR SCHEDULING ITB EXAM

Welcome to First Security Mobile

AutomationDirect.com Order Import Feature

ECA Trusted Agent Handbook

Oracle Banking Digital Experience


Finding an Account. Contents Finding an Account Finding an Account. Creating a New Account and Placing an O365 Order... 2

Managed Access Gateway Third-Party Credential User Guide August 2017

HOW TO PURCHASE A TEAS TRANSCRIPT

Invoice Gateway Customer Enrollment

Secure Access Manager (SAM) Administrator Guide December 2017

T-Dot Tumblers Online Registration User Guide

Online Ordering Instructions

PERSONAL ACCOUNT-HOLDER

How to create and order individual pages. 1. Once you open the My Memories Suite software, choose the Design icon.

SMARTGOV PORTAL - PUBLIC USER GUIDE

GARAGE SALE PERMIT APPLICATION ON LINE

How to Request Courses (First Phase: Course Requests Lottery)

SAP Sourcing/ Exostar - How To

How to Search and Register for Continuing Education Programs

ETSY.COM - PRIVACY POLICY

FORUM Business Online Banking

Access auto, commercial, home, and life solutions from a single entry point.

Security Settings for Students and Parents/Other Payers. Last updated: October 12, 2018

User guide. Bloomberg Legal Entity Identifier (LEI) web platform

MSEDCL e-tendering Contractor Registration Guide

TIS HELP VCCS TECHNICAL INFORMATION SHOP (TIS) INSTRUCTION FOR INDEPENDENT OPERATORS

eshop Installation and Data Setup Guide for Microsoft Dynamics 365 Business Central

Picshare Party Privacy Policy

Trojan Professional Services

COVENTRY MEDICARE CERTIFICATION TRAINING CENTER

Frequently Asked Questions

Instructions for First Time Users

Frequently Asked Questions: Cisco Certification Exam Discount Vouchers

How to Download Software or Data Updates from the Pitney Bowes Software estore locations (US/Canada, Latin America and Brasil)

MyFloridaNet-2 (MFN-2) Remote Access VPN Reference Guide

Transcription:

1 Managed Access Gateway One-Time Password Guide Version 1.0 February 2017

2 Contents About One Time Password (OTP)... 3 OTP Credential Types... 3 What is the Proofing Upgrade?... 3 How to Determine if You Require the Proofing Upgrade... 3 About the Registration Process... 4 Purchasing... 4 Purchasing an OTP Credential through your MAG Account... 4 Registering OTP Credentials... 10 Adding the Proofing Upgrade to OTP Credentials... 11 About Live Video Proofing... 13 Rescheduling a Video Proofing Appointment... 16 Completing Identity Proofing and Activating Your OTP Credential... 17 About Credit Bureau-Based Proofing... 17 Completing Credit Bureau-Based Proofing... 18 Activating your OTP Credential after Completing Credit Based-Bureau Proofing... 20 Registering OTP Credentials without the Proofing Upgrade... 20 Registering the OTP Hardware Token without the Proofing Upgrade... 20 Registering Phone OTP without the Proofing Upgrade... 23 Credential Elevation... 25 Elevating Using the OTP Hardware Token... 26 Elevating Using Phone OTP... 27 Additional OTP User Guides... 28

3 About One Time Password (OTP) A One Time Password (OTP) credential generates a single-use password on a physical credential each time you log into Exostar's Managed Access Gateway (MAG) to access an application. Shared MAG user accounts, phone numbers or devices are NOT permitted. The OTP credential is used in combination with your MAG user ID and password. Using this two-factor authentication (password + OTP credential) reduces the risk of unauthorized access to your account and provides added security. OTP Credential Types Depending on the credential requirement for the partner application you are accessing, you will require an OTP Hardware Token without the proofing upgrade, OTP Hardware Token with the proofing upgrade, Phone OTP without the proofing upgrade or Phone OTP with the proofing upgrade. What is the Proofing Upgrade? Upgrading the credential includes adding identity proofing to the credential. The proofing upgrade increases the Level of Assurance (LOA) Exostar and application owners have about your identity when using the credential. Identity proofing is the process of verifying your identity with Exostar. Users in the US are prompted to answer questions about their credit history provided by a credit bureau. Users outside of the US, or those in the US who are unable to complete credit bureau-based questions will be required to complete agent-based proofing with a proofing agent via webcam, someone in your company, or someone within your buyer s organization. How to Determine if You Require the Proofing Upgrade Users can determine if they require an OTP credential with the proofing upgrade credential based on the application(s) that they access through Exostar s Managed Access Gateway (MAG). Most partner applications will require OTP with the proofing upgrade. However, several of the BAE Systems applications accept the OTP credential without the proofing upgrade. Please note that the credential requirement for a partner application is determined by the partner and not Exostar. If you are unsure what the credential requirement is please contact Exostar Tier I Support.

4 About the Registration Process In order to obtain an OTP credential, a purchase is required. Once the purchase has been completed and payment has been received, the purchaser will receive a license key via email. This is required as part of the OTP registration process. The license key you purchase will determine whether you are guided through Identity Proofing as part of the OTP registration process. After the license key has been entered, you will need to complete registration. Purchasing Before completing a purchase, please ensure that you have or will have access to the application that requires the OTP credential. If you are unsure if you require access to the application, please work with your buyer partner or your MAG Application Administrator. If you are an existing MAG account holder, you can purchase OTP credentials by logging into your Exostar Managed Access Gateway (MAG) account and click on Billing and Support. If you are certain that you require an OTP credential but do not have a MAG account, please visit the Exostar Webstore. Purchasing an OTP Credential through your MAG Account Log into your Exostar Managed Access Gateway (MAG) account and click on Billing and Support.

5 If you have never logged into your MAG account, you will need to complete First Time Login. After clicking on Billing & Support, click on Exostar Webstore-Home Page. You will be able to purchase OTP Credentials or the upgrade from Exostar s webstore. You will need to select the OTP credential that you require and click Purchase Now. If you are purchasing an upgrade, click on the credential that you currently have that you wish to add the upgrade to.

6 If purchasing Phone Based OTP, select the partner that you are doing business with and then make the appropriate selection. If purchasing OTP Hardware Token, select the partner that you are doing business with and then make the appropriate selection.

7 Once you have made your selection, click Add to Cart. If you have purchased an upgrade, you will need to select the users that you want to purchase the upgrade for. You will be unable to select users who do not require the upgrade. After making your upgrade selections, click Add to Cart. After you click Add to Cart, the item will appear in your cart. Click Proceed to Checkout.

8 You will be presented with the Payment Information page. You will have the option to pay by credit card or by invoice. Enter your payment information and click Continue. Note: If you select the invoice option, your payment must be received and processed before you will receive the license key to complete the activation of your OTP credential. Additionally, if you have a Reference or PO Number for your invoice, you must submit it to transactions@exostar.com. Please review your order and the disclaimer. Before submitting your order, you will need to check the box acknowledging you have read and agree to the disclaimer.

9 You will receive an order confirmation page with your sales order. You will also receive an order email notification. Once payment has been received, you will receive a second email with the activation for your license key. You need this license key before you initiate the process of registering your OTP credential. If you have purchased an upgrade, you will not receive a license key. IMPORTANT: A single license key may contain one or more licenses, depending on the quantity purchased (e.g. if the purchaser purchases five licenses within a single transaction, one license key will be issued that can be used by five different MAG users). Once a license key has been utilized by a MAG user to begin the OTP registration process, one license will be applied to that MAG user s account and the number of licenses on that key will be reduced by one. However, if the MAG user needs to restart the registration process, the user may use the same license on the license key again as long as they are restarting the registration process with the user id that was previously used.

10 Registering OTP Credentials Log into your Exostar Managed Access Gateway (MAG) account with your username and password. Once you are logged in, select the My Account tab and then the Manage OTP sub-tab. If you are activating a telephone-based credential (Phone OTP), you will have the opportunity to test your phone s ability to receive SMS (text) messages or voice calls from Exostar before you start the registration process. Testing your phone allows you verify that your mobile telephone or land-line telephone is able to receive messages.

11 Before beginning the registration process, please click What is required of me and review the information. Check I understand what is required of me when you are ready to proceed. Enter the license key that you received via email in the License Key field and click Register. If you are registering an OTP Hardware Token, please reference the OTP Hardware Token User Guide. If you are registering a Phone OTP credential please reference the Managed Access Gateway Phone One-Time Password Guide. Adding the Proofing Upgrade to OTP Credentials Once a purchase has been completed and payment has been received for the upgrade, the user will need to complete identity proofing. Users who registered an OTP credential that went through the Boeing vetting process prior to June 2016 already have a proofing upgraded licensed to their accounts and will be able to upgrade proofing without having to complete a purchase. Identity proofing is the process of verifying your identity with Exostar by answering credit bureaubased questions. Users who are unable to complete credit bureau-based questions will be required to complete agent-based proofing with a proofing agent via webcam, someone in your company or someone within your buyer s organization. If you are based internationally, you will have to complete live video proofing. Answering credit bureau-based questions is not an available option for international users.

12 Log into your MAG account and select Manage OTP. From the Proofing Upgrade section, review the information and check the I understand what is required of me box. Click Upgrade. Note: In order for user to proceed with an upgrade from the Manage OTP section of their MAG account, a purchase and payment are required. Users who registered an OTP credential that went through the Boeing vetting process prior to June 2016 already have a proofing upgraded licensed to their accounts and will be able to upgrade proofing without having to complete a purchase. You will need to confirm your legal first and last name. You will also need to select your country. After completing these actions, click Next.

13 A. If you are located in the United States, you will be asked to answer questions about your credit history to prove your identity. B. If you do not answer the questions correctly but the credit bureau is able to locate you with your personal information (e.g. name and address), you will receive the activation code via postal mail. C. Users in the US who cannot be located by the credit bureau, those in the US who opt out of credit history proofing, or those outside of the US will be required to complete agent-based proofing with a proofing agent via webcam. To opt out of credit history proofing, click I Disagree, you will need to follow the steps to be routed to schedule a live video proofing appointment. Once clicking on I Disagree, you cannot be routed back to complete credit bureau-based questions. Credit history proofing and video proofing are described in detail in the sections below. About Live Video Proofing Exostar s Live Video Proofing requires you to present valid Government issued photo identification to prove your identity to an Exostar Proofing Agent over a live webcam-based proofing session. Please review the Acceptable Documentation requirements. Exostar Live Video Proofing takes place within an encrypted Cisco Webex meeting. Before your appointment we highly recommend performing the Webex System Test on your machine, as there will be very limited time during the proofing session to troubleshoot your system configuration. Excessive troubleshooting time during the proofing appointment will likely result in the need to reschedule. For additional information about live video proofing requirements including acceptable documentation and troubleshooting, please reference the Live Video Proofing Resource page. Mobile devices running the Cisco WebEx app may also be used.

14 Scheduling a Video Proofing Appointment You will need to review the information and confirm that you have a functioning webcam (by checking the box) before clicking Next. To schedule your proofing appointment, click Click! to Schedule. Select an appointment date and time from the calendar.

15 Once you have selected a date and time, click Continue. Enter your contact information and click Confirm.

16 You will receive an appointment confirmation page. You should also receive an appointment confirmation email. You will be contacted by an Exostar Proofer on your scheduled appointment date. The proofing appointment can take up to 30 minutes. Rescheduling a Video Proofing Appointment If you need to reschedule your proofing appointment, from your MAG account, select the My Account tab, Manage OTP and click Reschedule Proofing.

17 You will be presented with the option to schedule a new appointment date. Completing Identity Proofing and Activating Your OTP Credential On your scheduled appointment date, you will be contacted by an Exostar Proofer. You will be required to answer a series of yes or no questions and provide your acceptable, unexpired identification via a webcam to the proofer. If you successfully complete proofing, you will be provided with an activation code. The activation code will be required to complete the registration process for your mobile or land-line telephone. If you do not successfully complete the proofing appointment, you will need to reschedule your appointment from your MAG account. The Exostar Proofer will not be able to schedule a new proofing appointment on your behalf. To complete the activation of Phone OTP Credential after completing live video proofing, please reference the Managed Access Gateway Phone One-Time Password User Guide. To activate your OTP Hardware Token after completing live video proofing, please reference the OTP Hardware Token User Guide. About Credit Bureau-Based Proofing Exostar s credit bureau-based proofing requires to verify your identity by answering questions about your credit history to register your credential. If you successfully complete these questions, you will be instructed to register your credential. Credit Bureau-Based Proofing is only available for users located in the United States.

18 Completing Credit Bureau-Based Proofing After entering your license key (illustrated on page 8), you will need to confirm your legal first and last name. You will also need to select your country. After completing these actions, click Next. If you are located within the United States, you have the option to answer credit bureau-based questions. Enter the required information and review the credit bureau consent document before clicking on I Agree.

19 You will be presented with a list of questions. After selecting your responses, click Next.

20 Note: If you do not answer the questions correctly but the credit bureau is able to locate you with your personal information (e.g. name and address), you will receive the activation code via postal mail (for additional information about being directed to the mail option during the phone OTP activation process, please see the FAQs). Activating your OTP Credential after Completing Credit Based-Bureau Proofing If you successfully answer the questions, you will be directed to register your OTP credential. To complete the activation of Phone OTP Credential after completing live video proofing, please reference the Managed Access Gateway Phone One-Time Password User Guide. To activate your OTP Hardware Token after completing live video proofing, please reference the OTP Hardware Token User Guide. Registering OTP Credentials without the Proofing Upgrade After you have entered the license key and clicked Register (illustrated on page 9), you will need to complete the registration process for the appropriate credential. Registering the OTP Hardware Token without the Proofing Upgrade You will need to confirm your legal first and last name. You will also need to select your country. After completing these actions, click Next.

21 You will receive a notification alerting you that can use multiple credentials. Click Submit. Enter the Token Serial Number.

22 This can be found on the back of the hardware token. Press the button on your OTP Hardware Token to generate the first password. Enter this number into the One-Time Password One field. Wait 30 seconds. Press the button on your OTP Hardware Token to generate the second password. Enter the number into the One-Time Password Two field. Click Submit. NOTE: Clicking Skip to Next allows you to register a Phone OTP credential or register an OTP Hardware Token at a later time.

23 You will receive a notification alerting you that you have successfully registered your OTP Hardware Token. Click Complete. You have now registered your OTP Hardware Token. If you would like to elevate your current credential strength from username and password to OTP Hardware Token, please reference the Credential Elevation section in this guide. Registering Phone OTP without the Proofing Upgrade You will need to confirm your legal first and last name. You will also need to select your country. After completing these actions, click Next.

24 You will receive a notification alerting you that can use multiple credentials. Click Submit. Select the delivery method that you want to receive the OTP code on and complete the required fields. Once you have completed all fields, click Send Code. Enter the verification code that you received through your registered delivery method. Click Submit. This may take a few minutes to receive. Please note that the code expires two minutes

25 after you receive it. You can resend the code by selecting Resend Code. You will receive a message stating that you have successfully registered your phone. You will have the ability to add an additional phone. If you would like to add another phone at a later time, click Complete. Credential Elevation MAG provides you with the ability to change what credential strength you are logged in with. For example, if are trying to access an application that requires the OTP credential and you have logged in using only your username and password, you can use credential elevation to change what credential you used to log in, without having to log out and log back in with the correct credential.

26 You can confirm your credential strength from your MAG account. This information will be located in the upper, right hand side of the page. Elevating Using the OTP Hardware Token From My Account, Manage OTP, click Elevate. You will be prompted to enter a one-time password. Press the button on your OTP Hardware Token to generate the password. Enter the number into the One-Time Password field. After you have entered the number, click Authenticate.

27 Your credential strength will now say Hardware OTP. You can now access the application(s) from your Home tab that require this credential strength. Elevating Using Phone OTP To elevate using Phone OTP, go to My Account, Manage OTP and click Elevate. Select the phone that you want to receive the OTP code on so you can elevate. Click Send.

28 You will receive the OTP code on your telephone. Enter the code in the OTP Code field. Click Submit. Note: Once you receive the code, the code expires after two minutes. You can resend the code by selecting Resend Code. Your credential strength will now say Phone OTP. You can now access the application(s) from your Home tab that require this credential strength. Additional OTP User Guides Product specific information about registration, identity proofing, credential management and more can be found in the OTP Hardware Token User Guide and the Phone OTP User Guide. OTP Support Guides can be accessed at http://www.myexostar.com/one-time-password/.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback