Configuring Oracle Retail Xstore Point-of-Service Security

...continued from step 4

This option is only available for the Global scope.

1. Select an option from the Security Configuration page:

   Figure 5-41 Security Configuration Page Options

   
   

   

   
   

   • Select Security Privileges to set up Oracle Retail Xstore Point-of-Service security privileges. Continue with step 2 below.

   • Select Security Groups to add or edit existing Oracle Retail Xstore Point-of- Service security groups. Skip to Security Groups Setup.

     Select Security System Configuration to configure system configuration settings specific to security. Skip to Security System Configuration.

2. At the Security Privileges page, select a privilege to edit.

   Note:

   To find a security privilege in the list, type any text that may be part of the privilege in the "Find a Privilege" text box at the top of the page.

3. Edit the Security Privilege as needed:

   Figure 5-42 Edit Security Privilege Window

   
   

   

   
   

   Edit Form Navigation Options:

   • To close the form without saving your changes, click the close icon.

   • To view the previous/next configurations in the category, click the Previous/Next button.

   • Is authentication required? - Determines if the POS system should either always prompt for authentication, or authenticate against the current POS user. If selected, indicates that authentication is required for this privilege type.

   • Can this privilege be overridden? - If selected, the privilege can be overridden.

   • Security Groups - Select all groups that apply. For example:

     • Everyone

     • Trainee

     • Cashier

     • Keyholder

     • Manager

   • Is a second set of credentials required? - Determines whether a second authorization is required.

     If selected, complete additional information as needed:

     • Do they have to be different than the first set? - If selected, then the same Employee ID cannot be used in both prompts.

     • Second Security Groups - Select all groups that apply.

4. Click Save to return to the Security Configuration page.

5. After completing Security Privilege setup, you can perform the following options:

   • To deploy your changes, see Deploying Configuration Changes.

   • To view a summary list of a profile element's configuration changes to identify how it differs from the global configuration, see Viewing Configuration Changes.

Security Groups Setup

1. Select Security Groups from the Security Configuration page.

   Figure 5-43 Security Configuration Page Options

   
   

   

   
   

2. You have the following options at the Security Groups Page:

   Figure 5-44 Security Groups Page

   
   

   

   
   

   • To add a new Security Group, click the Add a new security group link.

     1. Enter the information in the Add Security Group window. All fields are required.

        Figure 5-45 Add Security Group Window

        
        

        

        
        

     2. Click Save. The new group is added to the Security Groups list.

   • To edit an existing Security Group, select it in the Security Groups list, then click Edit.

     1. Enter the information in the Edit Security Group window. Only the rank can be changed.

        Figure 5-46 Edit Security Group Window

        
        

        

        
        

     2. Click Save.

3. After completing Security Groups setup, you can perform the following options:

   • To deploy your changes, see Deploying Configuration Changes.

   • To view a summary list of a profile element's configuration changes to identify how it differs from the global configuration, see Viewing Configuration Changes.

Security System Configuration

Note:

The system configuration options for security in this feature are simply a subset of the system configuration options available from Oracle Retail Xstore Point-of-Service System Config Options. See Configuring Xstore Point-of-Service System Config Options for more information.

The following configurations apply specifically to security. The categories have been set up as follows:

• House Accounts

• Sales

• Security

• Store Specific

• Tender Options

• Till Accountability

• Warranty

House Accounts

Manager override when tender amount exceeds house account balance? - Determines whether the system prompts for manager override if the tender amount exceeds the remaining balance of the house account. If Yes, and a manager-level user is logged in, the system displays the credit limit and prompts the user to proceed. If a user lower than the manager privilege is logged in, and the user chooses to proceed with exceeding the credit limit, the manager security login displays for approval.

Sales

Allow user to ring his/her own sale? - Determines whether the system allows employees to ring retail transactions for themselves.

Security

• Account lockout allowable retry attempts. - If Account Lockout functionality is enabled, the system locks out the associate's account after this number of failed login retries. Default: Enabled, set to 3 attempts.

• Allowable retry attempts per challenge question. - If Account Lockout functionality is enabled, the system locks out the associate's account after this number of failed challenge question retries.

• Enable Lockout Feature For Failed Login Attempts? - Turns on/off the Account Lockout functionality where the system locks out the associate's account after a configured number of failed login retries. Default: Enabled

• Enable password expiration? - Turns on/off Password Expiration functionality to expire an employee login password after a specified number of days. Default: Enabled

• Identify the ID to use for employee logon - Determines the type of identification the associates will use to log into the system; Employee ID or Login ID.

• Login with employee card does not require password entry - If enabled, the login to Xstore POS with an MSR-based employee card does not require entering a password. If disabled, the employee card will be used to provide the user ID, but password entry will be required to complete login.

• Password expiration days. - If Password Expiration functionality is enabled, the system expires an employee login password after this number of days. Default: 90 days

• Password re-use restriction count. - Associates are not allowed to reuse the same password within this number of password resets.

• Specify the number of minutes to wait before unlocking the previously locked users. - The system automatically unlocks the previously locked users after this number of minutes from their locked out time stamp.

• The interval between attempts to unlock previously locked users. - The interval, in seconds, between attempts to unlock previously locked users.

• The number of challenge questions required for employee identification. - This setting provides the ability to dictate how many challenge questions employees must answer before being allowed to reset their password.

  Note:

  There are ten challenge questions stored within the database, therefore no more than ten questions can be asked.

• Relate default user ID. - The default user ID that has access to Oracle Retail Customer Engagement Cloud Services. This user ID must be set up in both Oracle Retail Xstore Point of Service and Oracle Retail Customer Engagement Cloud Services for WSDL version 2.

• Relate user security type. - Determines how user data security should be pulled from Oracle Retail Customer Engagement Cloud Services. This will tell whether the security is based on the individual user, the user's role, or a default user.

• Treat security groups as 'Greater-Than' or 'Greater-Than Or Equal-To'. - When creating/editing employees, this determines whether higher-ranked in sec_groups.group_rank means greater than or greater than or equal.

  • Answer Yes to allow a logged in user to edit associates with a rank that is equal to or lower than the logged in associate.

  • Answer No if the logged in user can only edit associates with a lower rank than themselves. If set to No, the highest ranking employee in the store will be unable to create or edit an employee of equal rank. In this scenario, the information must be downloaded from the home office rather than created in the store. (For example, if Manager is the highest rank in the store, new managers must be downloaded from the home office rather than created in the store).

• Use challenge questions for employee password reset? - Turning this setting on will enable the use of challenge questions to identify an employee for the purpose of resetting the employee's password.

  Note:

  Once this is turned on, any employee that has yet to select and answer challenge questions will be forced to do so upon successfully logging into back office or register mode.

Store Specific

• Default the type of ID required for tenders requiring customer identification. - The default identification type used for certain tenders that require customer identification information. Valid Values: Drivers License, Social Security, Military Id, Credit Card, Employee Id, Customer Card, Any identification type

• Hide menu options from users that do not have appropriate security levels? - This is used to hide menu options the user does not have security privileges to use. Answer yes to hide the menu option completely. Answer no to display the option as disabled.

Tender Options

• Authorization method code for BinSmart lookups for Merchant Warehouse. - This is the authorization method code used to perform the lookup. Valid only for Merchant Warehouse.

• Display rounded cash total? - Only applicable for currency rounding, this indicates whether the rounded cash total is displayed below the transaction total in the viewport.

• Enable merchant Warehouse's BinSmart lookups? - This determines whether Merchant Warehouse's BinSmart lookups are used for Credit/Debit authorizations.

• Export hashed account number? - Determines whether or not to include the hashed account number in PosLog.xml.

• Inform users with a message that no signature is required? - This option controls turning off/on the information message displayed when processing a transaction below a configured value.

• Preferred payment recommendation when errors occur. - This is the preferred payment recommendation when an error occurs or a failed response is returned; credit or debit.

• Require pin pad entry for debit tender? - Determines whether a pin pad device is required for tendering with a debit card.

• Specify the rounding method to use for local currency. - The local currency amount rounding method.

  • Half Up - Round to the nearest neighbor unless equidistant, then round up.

  • Half Down - Round to the nearest neighbor unless equidistant, then round down.

  • Half Even - Round to the nearest neighbor unless equidistant, then round to even neighbor. Example: 2.5 rounds to 2 while 3.5 rounds to 4.

  • Ceiling - Round toward positive infinity. This is the opposite of FLOOR and never decreases the calculated value.

  • Down - Round to the next digit; closer to zero.

  • Floor - Round down toward negative infinity. This is the opposite of CEILING and never increases the calculated value

  • Up - Round to the next digit; away from zero.

  • Unnecessary - Rounding is not necessary.

Till Accountability

• Adjust store bank balance by deposit discrepancies? - Determines whether the system automatically adjusts the store bank balance based on the bank deposit discrepancy.

• Count method used for cash pickup - The cash count entry method for a cash pickup.

• Count method used for opening store bank - The cash count entry method used for counting the store bank.

• Count method used for store bank deposit - The store bank deposit till count method. This configuration is only valid if the store requires an end count of the store bank at store close.

• Count method used for opening a till - The cash count entry method for a till opening count.

• Count method used for store bank - The cash count entry method for a store bank deposit.

• Display count balance info on till close count? - Determines whether the system displays the till count balance and discrepancy information after the associate completes the till close count.

• Display options for cash pickup summary. - The cash pickup count summary screen display type.

  • Minimum - Declared amount

  • Simple - Declared amount, system amount

  • Detailed - Declared amount, system amount, over/under amount

  • Full - Currently, same as Detailed

• Display options for mid-day deposit till count summary. - The mid-day deposit till count summary screen display type.

  • Minimum - Declared amount

  • Simple - Declared amount, system amount

  • Detailed - Declared amount, system amount, over/under amount

  • Full - Currently, same as Detailed

• Display options for till end count summary. - The till end count summary screen display type.

  • Minimum - Declared amount

  • Simple - Declared amount, system amount

  • Detailed - Declared amount, system amount, over/under amount

  • Full - Currently, same as Detailed

• Display options for till reconciliation summary. - The till reconcile count summary screen display type.

  • Minimum - Declared amount

  • Simple - Declared amount, system amount

  • Detailed - Declared amount, system amount, over/under amount

  • Full - Currently, same as Detailed

• Display options for till start count. - The cash count entry method used for the start count.

  • Minimum - Declared amount

  • Simple - Declared amount, system amount

  • Detailed - Declared amount, system amount, over/under amount

  • Full - Currently, same as Detailed

• Force re-count of till with discrepancies over threshold? - Determines whether the system forces a till recount if the till close count discrepancy exceeds the threshold.

• Method Of Counting Cash Deposit. - The cash count entry method for a store bank deposit.

  • Total Short - User enters total cash amount only.

  • Denomination - User enters denominated cash amounts.

• Method Of Counting For Start Till. - The cash count entry method for a till opening count.

  • Total Short - User enters total cash amount only.

  • Denomination - User enters denominated cash amounts.

• Method Of Counting For Store Bank Opening. - The cash count entry method used for counting the store bank.

  • Total Short - User enters total cash amount only.

  • Denomination - User enters denominated cash amounts.

• Method Of Counting For Till Cash Transfer. - The cash count entry method for a cash transfer.

  • Total Short - User enters total cash amount only.

  • Denomination - User enters denominated cash amounts.

• Method Of Counting For Till Pickup. - The cash count entry method for a cash pickup.

  • Total Short - User enters total cash amount only.

  • Denomination - User enters denominated cash amounts.

• Method To Count Store Bank Deposit. - The store bank deposit till count method. This configuration is only valid if the store requires an end count of the store bank at store close.

  • Storebank Complete - Brings up the entire store bank end count screen for all tenders.

  • Remaining Cash - Prompt the user to enter the total cash NOT to be deposited to the bank institution.

  • Complete Deposit - Deposit all tenders from the store bank to the bank institution.

• Notify at end of a transaction when cash in drawer is below this threshold. - When the cash amount in the drawer drops below this amount after a retail transaction is completed, an acknowledge-only prompt will appear and notify the user.

• Print total cash pickup amounts on closing till receipts? - Determines whether the system prints the total cash pickup amount on closing till count receipts.

• Prompt user to open store bank during store open? - Determines whether the system automatically prompts the user asking if they wish to open the store bank when the store is opened.

• Require store bank deposit count at close? - Determines whether the system requires a store bank deposit count at store close.

• Skip initial count summary - When initiating a count, determines whether the system displays the tender summary list or the first tender to be counted.

• Threshold amount used for suggested cash pickup. - When the cash amount exceeds this configured maximum amount, the system will prompt the associate to perform a cash pickup with the amount that is the current cash total minus this amount. This is a positive floating point number indicating the minimum amount of cash that should be left in the till following a pickup.

• Validate cash refund amounts against the current till count? - Determines whether the system validates refund cash amounts to ensure the current till cash amount is greater than the refund cash amount.

• Validate store bank deposit amount against system? - Determines whether the system validates the store bank deposit amount and prompts the associate to accept or recount if there is any discrepancy.

Warranty

• Allow warranties not on file? - Per each context (return or work order), when enabled, the system will allow the user to apply existing warranties that cannot be verified (given appropriate security clearance). When disabled, the application of unverifiable warranties will always be prohibited. Valid Values: Return, Work Order