Authentication
Passwords are the most common form of authentication used in the world today. But passwords can easily be forgotten and commonly compromised. Two-factor authentication (2FA) adds an extra layer of security by requiring users to use two different authentication factors to verify their identity.
The two step verification or 2 Factor Authentication is an extra layer of security that is known as "multi factor authentication" that requires not only a password and username but also something that only, and only, the user knows e.g. tokens, OTP, answer of security questions etc. Using a Two Factor Authentication process can help to lower the number of cases of identity theft on the Internet, as well as phishing via email. For security reason authentication is used by user (Retail/ Corporate) while performing transactions through OBAPI platform.
The Two Factor Authentication requires two different kinds of evidence before executing transaction successfully. This option enables the System AdministratorAdministrator is a set of individuals that administer the applicant/Affiliate entity. For example, Accountants, Authorized Signatories for organizations, Power of Attorney for individuals. to maintain authentication pattern for each transaction of a specific user segment .
The types of 2 factor authentication used are as follows:
- Security Question
- Soft Token
- One Time Password (OTP)
Pre-requisites
- Transaction access is provided to System Administrator.
- Approval rule set up for System Administrator to perform the actions.
- Transactions are enabled for 2 Factor Authentication
Workflow
Features Supported In Application
The following options are available as part of this maintenance:
How to reach here:
Administration Dashboard > Security > Authentication
Authentication - View
On accessing ‘Authentication’ menu, system displays the existing maintenance available for selected user segment To view the authentication setup for user segment.
To view the authentication setup for user segment:
- From the User Segment list, select the appropriate user segment.
Field Name |
Description |
---|---|
User Segment |
The user segments maintained by the Bank. The options are:
|
- Click
OR
Click to cancel the transaction.
OR
Click to go back to Dashboard.
to view the 2FA maintained for the user segment. The Authentication - View screen appears.
Note: If the existing maintenance is not available for selected user segment, message will be displayed ". 2 Factor Authentication for this user segment has not been set up yet" with the Set up now button which launches the screen to maintain 2 Factor Authentication.
Field Name |
Description |
---|---|
View |
|
User Segment |
View the user segment for which the 2 Factor Authentication is set-up. |
Transactions |
|
Transaction Types |
The transaction type for which the 2 Factor Authentication is set-up. |
Level 1 |
Displays the first level of two factor authentication mode (Security Questions, One Time Password or Soft Token) set for the transaction type. |
Number of Security Questions |
Number of security questions to be asked from user at level 1 authentication. This field appears only if the Security Question option is selected as the Authentication mode. |
Level 2 |
Displays the second level of two factor authentication mode (Security Questions, One Time Password or Soft Token) set for the transaction type. |
Number of Security Questions |
Number of security questions to be asked from user at level 2 authentication. This field appears only if the Security Question option is selected in the Authentication. |
- Click
OR
Click to cancel the transaction.
OR
Click to go back to previous screen.
to update the details. Screen in editable mode appears.
Authentication - Edit
System Administrator can modify existing authentication maintenance.
To edit the authentication setup:
- From the User Segment list, select the appropriate user segment.
- Click to view the 2 Factor Authentications maintained for the user segment. The Authentication - View screen appears.
- Click . The Authentication – Edit screen with values in editable form appears.
Field Name |
Description |
---|---|
Edit |
|
User Segment |
View the user segment for which the 2 Factor Authentication is set-up. |
Transactions |
|
Transaction Types |
The transaction type for which the 2 Factor Authentication is set-up. |
Level 1 |
The first level of two factor authentication mode (Security Questions, One Time Password or Soft Token) set for the transaction type. The options are:
|
Number of Security Questions |
Number of security questions to be asked from user from user at level 1 authentication. This field appears only if the Security Question option is selected as the Authentication mode. |
Level 2 |
The second level of two factor authentication mode (Security Questions, One Time Password or Soft Token) set for the transaction type. The options are:
|
Number of Security Question |
Number of security questions to be asked at level 2 authentication. This field appears only if the Security Question option is selected as the Authenticationmode. |
- In Transactions section, in Level 1 of authentication select the appropriate option.
- If user selects Security Question option:
- In the Number of Security Questions field enter the number of security questions to be asked.
- In Transactions section, in Level 2 of authentication select the appropriate option.
- If user selects Security Question option:
- In the Number of Security Questions field enter the number of security questions to be asked.
-
Note: Click to apply the same kind of level 1 & level 2 authentications for all transaction types.
- Click
OR
Click to cancel the operation and navigate back to ‘Dashboard’.
OR
Click to go back to previous screen.
to save the changes made. - The Authentication – Review screen appears. Verify the details, and click
OR
Click to cancel the operation and navigate back to ‘Dashboard’.
OR
Click to go back to previous screen.
. - The success message of Authentication setup appears along with the transaction reference number.
Click to complete the transaction and navigate back to ‘Dashboard’.
Authentication - Create
System Administrator can create authentication maintenance if the maintenance is not available.
To create the Authentication setup for user segment:
- From the User Segment list, select the appropriate user segment.
Authentication Setup
Field Name |
Description |
---|---|
User Segment |
The user segment for which the 2FA is to be set. The options are:
|
- Click
OR
Click to view the 2 Factor Authentication maintained for the user segment. The Authentication - View screen appears.
to cancel the transaction. -
Note: If the existing maintenance is not available for selected user segment, message will be displayed "Authentication for this user segment has not been set up yet".
- Click to create new 2Factor Authentication. The Authentication- Create screen appears.
Authentication - Create
Field Name |
Description |
---|---|
Create |
|
User Segment |
View the user segment for which the 2 Factor Authentication is set-up. The options are:
|
Transactions |
|
Transaction Types |
The transaction type for which the 2 Factor Authentication is set-up. |
Level 1 |
The first level of two factor authentication mode (Security Questions, One Time Password or Soft Token) set for the transaction type. The options are:
|
Number of Questions |
Number of security questions to be asked from user at level 1 authentication. This field appears only if the Security Question option is selected as the Authentication mode. |
Level 2 |
The second level of two factor authentication mode (Security Questions, One Time Password or Soft Token) set for the transaction type. The options are:
Note: The 1st and 2nd level of authentication are not the same viz., Security Question cannot be set-up as both Level 1 & Level 2 Approval. |
Number of Questions |
Number of security questions to be asked from user at level 2 authentication. This field appears only if the Security Question option is selected as the Authentication mode. |
- In Transactions section, in Level 1 of authentication select the appropriate option.
- If user selects Security Question option:
- In the Number of Questions field enter the number of security questions to be asked.
- In Transactions section, in Level 2 of authentication select the appropriate option.
- If user selects Security Question option:
- In the Number of Questions field enter the number of security questions to be asked.
-
Note: Click to apply the same kind of level 1 & level 2 authentications for all transaction types.
- Click
OR
Click to cancel the operation and navigate back to ‘Dashboard’.
OR
Click to go back tom previous screen.
to save the changes made. - The Authentication Create– Review screen appears. Verify the details, and click
OR
Click to cancel the operation and navigate back to ‘Dashboard’.
OR
Click to go back tom previous screen.
. - The success message of Authentication setup appears along with the transaction reference number.
Click to complete the transaction and navigate back to ‘Dashboard’.
FAQs
Can I also set the 2Factor Authentication for transaction approval?
When will the changes made in authentication maintenance be applied?
Is it mandatory to set authentication method at both the levels?
Can I set ‘No additional authentication required’ for specific transaction?
Where can I define which security questions to be asked to the users?