Embed Size (px)
Citation preview
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 1
KAS-WEB: MANUAL IDG OPERATOR
Contents
1. Log on to IdentityGuard ................................................................................ 2
2. User management via IdentityGuard Administration ......................................... 3
2.1 User Accounts ............................................................................................... 3
2.1.1. Go To Account .................................................................................... 3
2.1.2. Find Accounts ..................................................................................... 4
2.2 Reports ........................................................................................................ 5
2.3 Smart Credentials ......................................................................................... 5
3. Operator role ............................................................................................... 6
3.1 Operator 1 ................................................................................................... 6
3.1.1. Add the contact information ..................................................................... 6
3.1.2. Create an initial password ........................................................................ 7
3.1.3. Create the smart credentials .................................................................... 9
3.2 Operator 2 ..................................................................................................10
3.2.1. Approve Smart Credentials .....................................................................11
3.3 Smartcard to user ........................................................................................12
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 2
1. Log on to IdentityGuard
Before you can make use of the smartcard management system IdentityGuard (IDG) the:
1. Required software needs to be installed on the computer
this software is available on https://pki.kasbank.com / IdentityGuard
2. Smartcard needs to be activated via de Self Service Portal
Now go to https://pki.kasbank.com and click on the link for the IdentityGuard home page. Or go directly to https://ssa.kasbank.com/IdentityGuardAdmin/do/Login. When initially accessing the Administration website you will be asked to present a certificate; this certificate is the one that was created on your smartcard during the personalisation process in steps 1 and 2.
Figure 1.1
Use the following information to log in (the information shown below is an example): (see the example in figure 1.2)
Administrator Name: your smartcard user-id Password: the unique password that you have created in the Self Service Portal Group: the letters of your user-id (= the user-id without the numbers)
Figure 1.2
You have now entered IDG administration where you can manage the smartcard users.
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 3
2. User management via IdentityGuard Administration
The home page of IDG gives you the tools to set-up and manage your smartcard users for access to KAS-Web.
You will see the following options (see figure 2.1):
- User Accounts
- Reports
- Smart Credentials
Figure 2.1
2.1 User Accounts
The tab ‘User Accounts’ provides you with an overview of all your smartcard users. There are two search options: ‘Go to Account’ and Find Accounts. In ‘Go to Account’ you can search for a specific user. In ‘Find Accounts’ you can either search for a specific user or request an overview of all available smartcard users.
2.1.1. Go To Account
Figure 2.2
Enter the user-id at ‘User Name or Alias’. At ‘Group’ you will see your group name (contact KAS BANK if this field is empty). Click on ‘Go To Account’.
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 4
2.1.2. Find Accounts
At ‘Find Accounts’ you can either search for a specific user or request an overview of all available smartcard users
To search for a specific user: Enter the user-id at ‘User Name Matches’, click on ‘Find Accounts’. The user will appear on your screen. NB: If the user is not available, it is possible that the user has not been added or that the user-id was not correctly entered in the system. You can check if the user-id exists by searching for all users at ‘Find Accounts’.
Searching for all users: Check if your group name is entered at ‘Groups Include’ and click on ‘Find Accounts’.
Figure 2.3
The next screen shows all available users. Contact KAS BANK if you have any questions with regards to your users.
Figure 2.4
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 5
Choose the user you want to set-up or change by clicking on the user-id in the column ‘User Name’. The set-up information of the user will now show.
Figure 2.5
2.2 Reports
Within reports you can generate reports regarding the smartcards.
2.3 Smart Credentials
Smart Credentials gives you an overview of the smart credentials that have been added to your smartcards.
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 6
3. Operator role
To set-up a new user the following steps need to be completed:
1. add the contact information
2. create an initial password
3. create the smart credentials
4. approve the smart credentials
At least 2 users with the Operator are required to complete the tasks specified above; Operator 1 enters the set-up credentials and Operator 2 then checks and validates the set-up credentials
3.1 Operator 1
Operator 1 adds the set-up credentials to the user in three steps.
1. add the contact information
2. create an initial password
3. create the smart credentials
3.1.1. Add the contact information
Open the user that you want to create/change via go to account or ‘Find Account’ (see chapter 2).
Go to ‘Edit Account’ and open ‘Contact Information’.
The information added at Contact Information will be presented to the smartcard user in the Self-Service Portal as means of delivering the One Time Password. You can add one or more contact labels.
Add the following information at Contact Entry:
- Contact Label: choose the option via the drop-down menu
- Contact Value: enter the relevant information.
When you choose to add a phone number always start with the country code.
- Delivery Method: choose the option via the drop-down menu
-for email, select Email to mailbox, -for phone, select SMS to mobile device
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 7
Figure 3.1.
Click on ‘Add’ to add the information. Continue to add another contact label if required. When entering multiple options choose one option as ‘Default Delivery Method’. The first option will be marked as default when you do not make a choice. Click on ‘Save Changes’ when you are finished. The changes have now been added to the smartcard user.
3.1.2. Create an initial password
Choose the option Password at ‘Authentication Types’ and click on Create Password.
Figure 3.2.
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 8
The function Create Password gives you the following options:
- create a password automatically or manually
- create an initial password or an active password
We recommend that you create an automatic initial password. The function is already set-up for this choice. Just click on ‘Create Password’ and an initial password will be generated.
Figure 3.3
The initial password is now visible on the main screen. This password needs to be handed to the smartcard user together with the smartcard. After the user has changed the initial password in the Self-Service Portal you will not be able to see the new personal password in IDG Administration anymore.
The user can change the password for access to the Self Service Portal or request a new initial password via the Self Service Portal anytime they choose.
As an Operator, you can change or delete the Password within IDG Administration as part of your role.
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 9
3.1.3. Create the smart credentials
Figure 3.4
Choose Smart Credentials at ‘Authentication Types’ and click on Create Smart Credential.
Figure 3.5
Add the name of the smartcard user at ‘Smart Credential Name’. If you want to add additional information you can do this at ‘Comments’. Click on ‘Create Smart Credential’ to add the information (see figure 3.6).
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 10
Figure 3.6.
Next go to ‘Edit Smart Credential’ to add the email address of the user.
Figure 3.7
Click ‘Save Changes’.
This concludes the tasks of Operator 1.
3.2 Operator 2
Operator 2 checks the information added by Operator 1 and approves the set-up made by Operator 1 via step 4: Approve Smart credentials.
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 11
3.2.1. Approve Smart Credentials
Open the user that you want to approve/change via go to account or Find Account (see chapter 2). Check the set-up.
Figure 3.8
When the added information is correct, click on ‘Approve Smart Credential’. A pop-up will appear:
Figure 3.9
Click on OK. The ‘Enrollment State has now changed from ‘Enrolled’ to Approved and the smartcard is ready for the user.
KAS-Web – Manual IDG Operator / Version 0.1
KAS BANK N.V. 12
Figure 3.10
3.3 Smartcard to user
Give the smartcard, the IDG password and the Manual IdentityGuard Self Service Portal to the user. The smartcard now needs to be activated via the Self-Service Portal by the user.
For access to KAS-Web the user needs a pin and a password. The smartcard PIN will be provided during the activation of the smartcard in the Self-Service Portal. The KAS-Web password can be found in the letter accompanying the smartcards.
NB: The Security Officers are responsible for KAS-Web access. They need to activate the user and set-up the client profile within KAS-Web.
