Security Token User Guide - Standard Chartered · PDF fileSecurity Token User Guide ... Rese...

Security Token User Guide


Version July 2015 Page 2 of 19

TABLE OF CONTENTS

1 INTRODUCTION ............................................................................................................................................. 3

1.1 FUNCTIONS OF THE TOKEN .................................................................................................................................. 3

1.2 SECURITY FEATURES OF THE TOKENS ..................................................................................................................... 3

1.3 TOKEN INTERFACE ............................................................................................................................................. 3

1.4 VASCO TOKEN REPLACEMENT ............................................................................................................................. 4

1.5 DEFINITIONS AND ACRONYMS............................................................................................................................. 4

2 LOGIN TO STRAIGHT2BANK WEB ................................................................................................................... 5

2.1 ACTIVATE TOKEN .............................................................................................................................................. 5

2.2 ACTIVATE MULTIPLE USER ID USING SAME TOKEN ................................................................................................... 6

2.3 LOGIN TO STRAIGHT2BANK WEB ......................................................................................................................... 7

2.4 UNLOCK TOKEN FOR LOGIN ................................................................................................................................ 8

3 AUTHORISE A TRANSACTION IN STRAIGHT2BANK WEB ............................................................................. 10

3.1 ACTIVATE TOKEN ............................................................................................................................................ 10

3.2 AUTHORISE A TRANSACTION ............................................................................................................................. 12

3.3 UNLOCK TOKEN FOR AUTHORISING A TRANSACTION ............................................................................................. 13

4 CUSTOMER ADMINSTRATOR FUNCTIONS .................................................................................................. 15

4.1 EDIT AND AUTHORISE USER PROFILE ................................................................................................................. 15

4.2 RESET USER WITH PASSWORD LOCKED STATUS ................................................................................................... 16

5 CHANGE TOKEN ACCESS PIN ....................................................................................................................... 18

6 DISCLAIMER ................................................................................................................................................ 19



1 INTRODUCTION

The Vasco Security Token (hereafter referred to as the token) is a portable physical security device which

will enable you to login to Straight2Bank Web and authorise your transactions with an added layer of

security without compromising on your convenience.

1.1 Functions of the Token

1. To login to Straight2Bank Web (covered in Section 2 of this User Guide)

2. To authorise transactions in Straight2Bank Web (covered in Section 3 of this User Guide) 3. To perform customer administrator functions (covered in section 4 of this User Guide):

Edit, create new user Reset user with password locked status

1.2 Security Features of the Tokens

The Token provides multi-factor authentication based on: Something you have (the token itself), and

Something you know (the PIN code to access the token) Both factors help to ensure that you are authenticating or signing onto Straight2Bank Web and not

unauthorised party. The token is also extremely portable, allowing for security anytime and anywhere.

1.3 Token Interface

1.3.1 Description of Token Interface buttons

1. Token Screen: Displays messages and token responses 2. DP 260 On/Enter/Off Button: Used to Switch On or Off the token and Enter PIN and security

codes to generate token response and also to clear the last entered digit.

3. DP 275 – Press and hold green button for two seconds and release to turn device on and off. The Backspace button in red is used to clear the last entered digit.

Note: The token switches off automatically after 1 minute of inactivity



1.4 Vasco Token Replacement

Each token has a battery life span of 3 to 5 years from the time of initialization, depending on usage.

When the battery is running low for a token, the following warning messages will be displayed on the

LCD for about 2 seconds, every time that the user turns on the token.

Warning Message on LCD

Meaning

BATT5

4 weeks estimated battery life remaining

BATT4


BATT3


BATT2

1 week estimated battery life remaining

BATT1

Battery life is exhausted

When the BATT2 warning starts to flash, please fill in the PIP form (available for download from

Straight2Bank Help) and send it to your local solution delivery representative to request for a new token.

1.5 Definitions and Acronyms

1.

Encrypted String

A secured string of characters (alphabets and letters) that

is required to activate the token for the first time.

2.

One Time Password (OTP)

Numeric response generated by the token and required

to login into Straight2Bank Web.

3.

Personal Identification Number

(PIN)

Numeric personal code (set by the user) required to

access the token each time.

4.

Personal Identification Phrase

(PIP) or Shared Secret

A secret phrase generated by system and sent to user

which is needed to map and activate a token. This

phrase is also used to unlock a token.

5.

Token Response

Numeric code generated by the token and required to

authorise a transaction in Straight2Bank Web.

6.

Unlock Code

A numeric code displayed on the token screen after five

consecutive wrong entries of the token PIN.



2 LOGIN TO STRAIGHT2BANK WEB

If you are set-up to login to Straight2Bank Web using a security token, you will need to use it every time you

login.

2.1 Activate Token

Step 1: Receive emails from Straight2Bank Web Admin titled “Straight2Bank Web Security Token Activation” and “Shared secret for VASCO token” Once you have been set up in the system as a Vasco token user, you will receive an email from

Straight2Bank Web Admin with the title “Straight2Bank Web Security Token Activation” which will contain an “encrypted string”, which is a secured string of characters that you need to use to activate your

token.

You will also receive another email from Straight2Bank Web Admin with the title “Shared secret for VASCO token” which will contain the “shared secret” that is mapped to the security token. Step 2: Login to Straight2Bank Web Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your

Group ID

User ID and click the ‘Login’ button

Step 3: On the next screen, click on ‘Initialise PIN’

https://s2b.standardchartered.com/



Step 4: System will prompt you to enter:

1. ‘Encrypted String’ received from Straight2Bank Web Admin (Step 1)

2. ‘Shared Secret’ (PIP) received from Straight2Bank Web Admin (Step 1) 3. Click ‘Submit’, as shown below. The system will generate an initial PIN which will be displayed as shown below.

Step 5: Activate Token

Press on the ‘ON’ button

Input the initial PIN (generated in Step 3)

Token will prompt you to change the Pin and display ‘Change Pin’

Enter your new numeric security PIN Token will display message ‘PIN CONF’

Enter the ‘New Pin again to confirm the change of PIN Click ‘Proceed’ on the screen. Your Vasco Token is now activated. You can proceed to login to

Straight2Bank Web by using One-Time Password (OTP) (see section 2.2 on how to use the token to Login to Straight2Bank Web).

2.2 Activate multiple user ID using same token

Step 1: Login to Straight2Bank Web Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your Group ID

User ID and click the ‘Login’ button




Step 2: On the next screen, click on ‘Initialise PIN’

Step 3: Click ‘Vasco OTP’ button Step 4: Generate Token One-Time Password (OTP)


Token screen will display message ‘_ _ _ _ _ _ ’

Input your numeric personal security PIN Token will display ‘APPLI -’

Press BUTTON ‘1’ (which is meant for OTP)

Token will generate the password (OTP) and display it on the token screen

Step 5: Enter ‘OTP’ generated by the token on the Straight2Bank Web screen as shown below Step 6: Click ‘Proceed’ to Login to Straight2Bank Web Home Page

Note: Your user ID will be activated upon first successful login. You may repeat Section 2.2 steps to

activate other user ID using the same token, should there be any.

2.3 Login to Straight2Bank Web

Step 1: After activating your Token (Section 2.1), when you need to subsequently login to Straight2Bank

Web, go to the Straight2Bank Web login screen - https://s2b.standardchartered.com Enter your

Group ID User ID and click the ‘Login’ button.




The system will prompt you for your one-time password (OTP). Step 2: Generate Token One-Time Password (OTP)


Token screen will display message ‘_ _ _ _ _ _ ’

Input your numeric personal security PIN Token will display ‘APPLI -’

Press BUTTON ‘1’ (which is meant for OTP)

Token will generate the password (OTP) and display it on the token screen Step 3: Enter ‘OTP’ generated by the token on the Straight2Bank Web screen as shown below

Step 4: Click ‘Proceed’ to Login to Straight2Bank Web Home Page

2.4 Unlock Token for Login

For added security from the token getting into the hands of an unauthorised person, there is a lock token feature. The token will get locked on 5 wrong personal PIN entries.

A locked token will constantly display the ‘unlock code’ on its screen. You need this code to unlock your

token. Step 1: Please call your local solution delivery representative to unlock your token.

Step 2: Receive emails from Straight2Bank Web Admin Once your token has been reactivated, you will receive an email from Straight2Bank Web Admin with the

title “Straight2Bank Web Security Token Activation” which will contain an “encrypted string”, which is a secured string of characters that you need to use to activate your token.

You will also receive another email from Straight2Bank Web Admin with the title “Shared secret for

VASCO token” which will contain the “shared secret” that is mapped to the security token. Step 3: Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your

Group ID User ID and click the ‘Submit’ button.

The system will prompt your for your OTP. Click on the “Vasco Unlock Token” button as shown below.



Step 4: Enter the following:

Encrypted String’ received from Straight2Bank Web Admin (Step 2)

2. ‘Shared Secret’ (PIP) received from Straight2Bank Web Admin (Step 2)

3. ‘Unlock Code’ (as displayed in the token screen of the locked token) and click ‘Submit’ as shown below.

The system will display a PIN to unlock the token. Step 5: Use the PIN to re-activate your token as follows: On the token (token screen will display “Unlock resp”, followed by the numeric ‘unlock code’)


Token display “Unlock resp”

Enter PIN as displayed on Straight2Bank Web screen

Token is unlocked Token will prompt you to change the PIN and display ‘NEW PIN’

Enter your new personal numeric PIN Token will display message ‘PIN CONF’ Enter the New Pin again to confirm the change of PIN



3 AUTHORISE A TRANSACTION IN STRAIGHT2BANK WEB

If you are an approver who has been set-up to use a Vasco Token for approving transactions in Straight2Bank Web, you will need to use your token every time you have to authorise a transaction.

3.1 Activate Token

Note: If you are an authoriser who needs a token to login to Straight2Bank Web, you do not need to perform

these steps as your token would have been activated as part of the login procedure (refer to Section 2.1) Step 1: Receive emails from Straight2Bank Web Admin titled “Straight2Bank Web Security Token Activation” and “Shared secret for VASCO token” Once you have been set up in the system as a Vasco token user, you will receive an email from Straight2Bank Web Admin with the title “Straight2Bank Web Security Token Activation” which will

contain an “encrypted string”, which is a secured string of characters that you need to use to activate your token.

You will also receive another email from Straight2Bank Web Admin with the title “Shared secret for VASCO token” which will contain the “shared secret” that is mapped to the security token. Step 2: Login to Straight2Bank Web Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your

Group ID User ID and click the ‘Login’ button Enter your Straight2Bank Web password (in the subsequent screen) and click ‘Proceed’

You will be taken to the Straight2Bank Web Home Page.



Step 3: Use Vasco Pin Decryptor Function Go to Vasco Pin Decryptor function located under Cash Management - Transactions- Utilities menu as

shown in the screen below. System will prompt you to enter

1. ‘Encrypted String’ received from Straight2Bank Web Admin (Step 1)


3. Click ‘Submit’, as shown below.

The system will generate an initial PIN which will be displayed as shown below.



Step 4: Activate Token


Token screen will display message ‘_ _ _ _ _ _’

Token screen will display message ‘Initial Pin’

Input the initial PIN (generated in Step 3) System will prompt you to change the Pin and display ‘NEW PIN ’

Enter your new personal numeric Pin System will display message ‘PIN CONF ’

Enter the New Pin again to confirm the change of PIN Your token is now activated.

3.2 Authorise a Transaction

For authorisation your operator(s) will inform you of the batch number that requires authorisation with

support documents. Alternatively you will receive an e-mail alert to log into Straight2Bank Web for

authorisation if you have subscribed to it. (Refer to the “Approver Easy Reference Guide” in Straight2Bank

Web help for more details on the authorisation process).

Step 1: Once you have clicked the “Save” button after authorising a batch or a single payment, the

‘challenge and response’ screen will be shown:

Step 2: Generate Vasco Token Response for Authorisation as described below:


Token screen will display message ‘PIN’

Enter your personal numeric PIN Token screen will display ‘APPLI _’

Enter Button ‘2’ to select Transaction authentication

Enter the ‘CHALLENGE NUMBER’ from the ‘Challenge And Response’ screen

Token will generate the token response

Step 3: Enter the response generated by the Token in the ‘Response' field and click ‘Submit’.

12345678 Upon successful verification, the payments batch status will be updated to either Partially Signed status or

Fully Signed according to your signing arrangement.



3.3 Unlock Token for Authorising a Transaction

For added security from the token getting into the hands of an unauthorised person, there is a lock token

feature. The token will get locked on 5 wrong personal PIN entries. A locked token will constantly display the ‘unlock code’ on its screen. You need this code to unlock your token. Step 1: Please call your local solution delivery representative to unlock your token.

Step 2: Receive emails from Straight2Bank Web Admin Once you have been set up in the system as a Vasco token user, you will receive an email from Straight2Bank Web Admin with the title “Straight2Bank Web Security Token Activation” which will

contain an “encrypted string”, which is a secured string of characters that you need to use to activate/reactivate your token.

You will also receive another email from Straight2Bank Web Admin with the title “Shared secret for VASCO token” which will contain the “shared secret” that is mapped to the security token.

Step 3: Go to Straight2Bank Web - https://s2b.standardchartered.com Enter your

Group ID User ID and click the ‘Login’ button Enter your Straight2Bank Web password (in the subsequent screen) and click ‘Proceed’ to login to

Straight2Bank Web

Step 4: On Straight2Bank Web Home Page, access Vasco Unlock Token, under Cash-Transactions-

Utilities menu as shown below.



You will be taken to the following screen: Step 5: Enter the following

Encrypted String’ received from Straight2Bank Web Admin (Step 2)


3. ‘Unlock Code’ (as displayed in the token screen of the locked token) and click ‘Submit’ as shown below.

Step 6: System will display numeric PIN to unlock token

Step 7: Use the PIN to re-activate your token as follows: On the token (token will display “Unlock resp”, followed by a numeric unlock code)

Enter response code as displayed on Straight2Bank Web screen Token is unlocked Token will prompt you to change the PIN and display ‘NEW PIN’

Enter your numeric personal PIN Token will display message ‘PIN CONF’ Enter the ‘New Pin’ again to confirm the change of PIN



4 CUSTOMER ADMINSTRATOR FUNCTIONS

If you are a customer administrator, you would need your Vasco token to create and edit user profiles as well as to reset users with ‘locked password’ status on Straight2Bank Web.

4.1 Edit and Authorise User Profile

Step 1: After editing a user profile, click ‘Save User’ and a pop up box titled ‘User Authentication’ will appear

on top left corner requesting for your Vasco OTP. Step 2: Generate the Vasco OTP using the following steps (same process as login):



Enter your personal security PIN Token screen will display ‘APPLI _’

Enter Button ‘1’ to select OTP generation Token will generate the password (OTP) and display it on the token screen Step 3: Enter the OTP in the ‘Vasco OTP’ box and click Submit The user record will be authorised and saved.



4.2 Reset User with Password Locked Status

If a user keys in 3 invalid OTP at login stage, their status will changed from ‘Active’ to ‘Password Locked’. In

order to reset the profile for a ‘locked’ user, you as a Customer Administrator needs to perform the following

steps:

Step 1: Login to Straight2Bank Web using your Customer Admin User Id and Vasco token OTP. Step 2: Go to Administration → Manage Users and select the user that needs to be reset and click

on the ‘Reset User’ button.

You will be taken to the ‘Reset User Record’ screen with a pop up window on the left hand corner of the screen prompting for the OTP (as shown below).



Step 3: Use your Vasco token to generate the OTP



Enter your numeric personal security PIN Token screen will display ‘APPLI _’

Enter Button ‘1’ to select OTP generation Token will generate the password (OTP) and display it on the token screen Step 4: Enter the OTP in the “Vasco OTP” field in the pop-up window and click ‘Submit’ button.

The transaction will be authorised and the system will display “User Password has been successfully reset “.



5 CHANGE TOKEN ACCESS PIN

To change your token access PIN, perform the following steps:

Press on the ON button.

Token screen will display message ‘_ _ _ _ _ _ ‘

Input your numeric personal security PIN Token screen will display ‘APPLI _’ Now PRESS on the ON button continuously for 5 seconds.

Token will prompt for a ‘NEW PIN’ Enter your new numeric PIN

Token will display ‘PIN CONF’ now

Repeat your new PIN again to confirm the PIN change Continue to access and use the token using the new PIN inorder to login to Straight2Bank Web or authorise

transactions in Straight2Bank Web.



6 DISCLAIMER

This document is issued by Standard Chartered Bank (“SCB”). While all reasonable care has been taken in preparing this document, no responsibility or liability is accepted for any errors of fact, omission or for any opinion expressed herein. You are advised to exercise your own independent judgment (with the advice of your professional advisers as necessary) with respect to the risks and consequences of any matter contained herein. SCB expressly disclaims any liability and responsibility for any losses

arising from any uses to which this document is put and for any errors or omissions in this document. This document contains information that is proprietary to SCB and should not be circulated to third parties without SCB’s prior written approval.

All services provided by Standard Chartered, its subsidiaries or related companies, are subject to applicable

laws and regulations in each territory concerned. Please check the availability of specific services in a

particular country with your relationship manager.

This document is provided for information only and is subject to change without notice.

No part of this document may be reproduced or transmitted in any format by any means (electronic or mechanical) for any purpose without the permission of Standard Chartered.

Date post:	16-Feb-2018
Category:	Documents
Upload:	hadieu
View:	218 times
Download:	0 times

Security Token User Guide - Standard Chartered · PDF fileSecurity Token User Guide ... Rese...

Documents