Skip to content

Issuer Management

This section is used to define new issuers and issuer groups, or update existing information.

A group of issuers can be created for administration purposes. Issuer group determines which issuers users have access to; the administration group determines at which level they have access.

Links are provided to ActiveDevice Settings for assigning devices, and for creating a New Issuer Group or New Issuer.

A list of existing issuers and their group memberships is displayed. You can browse to view issuer and issuer group details by clicking on the Issuer Name and Group Membership links. The list can be filtered by Issuer Name, Issuer ID, BINs, Status and License Expiry period.

System Management > Issuer Management displays:

Use the following fields to limit the number of issuers displayed:

  • Issuer Name (complete or partial) or leave empty to return all matching issuers

  • Issuer ID, defaults to All

  • Issuer BINs (comma separate multiple BINs)

  • Status - All (default), Enabled or Disabled

  • Select from the License key status drop down list:

    • All (default)
    • Valid
    • Expired
    • Expires in less than a month
    • Expires in 1 to 3 months
    • Expires in 3 to 6 months
    • Expires after due to expire in 1 to 6 months

  • Click the Go button to display the new search results.

The following fields and links are displayed for each issuer:

  • Issuer Name link to the Issuer Details page

  • Issuer ID

  • BINs - BIN numbers defined for the issuer

  • Group Membership indicates the group to which the issuer belongs to. You can click on the group name to display the Issuer Group Details page.

  • Status - Enabled or Disabled

  • License - Shows the status of the issuer's license key

dc_changed.png New Issuer Group

System Management > Issuer Management > New Issuer Group

This page is used to define a new issuer group and to assign issuers to that group.

Use the following fields to add a new issuer group:

  • Name of the issuer group. It is a good idea to use the word "group" as part of the name for example "ABC Group".

    The system will automatically assign a Group ID to the issuer group.

  • Optionally specify a parent by selecting from the Parent group drop down list.

    This allows you to build a hierarchy of issuers and groups to suit your administration requirements.

  • ACS URL - the system allows a separate URL to be created for each issuer group. If a separate URL is required, it should be entered here.

  • ACS Challenge URL - the system allows a separate URL to be created for each issuer group. If a separate URL is required, it should be entered here.

    Note

    Any changes to this URL will require changes to OOB device’s WebSocket, OOB device callback URLs, and Decoupled Authenticator callback URLs.

  • Uses confirmation - Indicates if the Issuer uses the confirmation method. Defaults to No.

    In the Enrolment component, if Uses confirmation is enabled, the cardholder will be taken through the sign up process. If set to disabled, the registration status of the card will be checked and displayed to the cardholder.

    When Activation During Shopping is enabled, if the cardholder is pre-registered and Uses confirmation is No, the cardholder is required to create a 3-D Secure password (VbV password / Mastercard SecureCode / JSecure password / American Express SafeKey / ProtectBuy password / UnionPay International password) to use in the authentication process.

    If Uses confirmation is Yes, the cardholder's existing registration data is used in the authentication process, instead of requiring a new 3-D Secure password (VbV password / Mastercard SecureCode / JSecure password / American Express SafeKey / ProtectBuy password / UnionPay International password) to be created.

    Select one or more issuers or groups to add to the group from the Issuer Members list or the Group Members list. Use the Add >> button to add the issuers or child groups to the Selected list.

    You can use the <<Remove button to remove issuers or child groups from the issuer group.

  • SecureCode MAC algorithm used in conjunction with SecureCode transactions (3DS1 only).

    Note

    This will be used only if the issuer’s Use parent keys option is enabled.

  • Group Members - Use the Add >> and << Remove buttons to add or remove child groups that should belong to the group.

  • Issuer Members - Use the Add >> and << Remove buttons to add or remove issuers that should belong to the group.

  • Use parent certificate, public and encryption keys option indicates that the group does not have a certificate of its own and will use the parent group's certificate and registration API public key and encryption key. This option is only enabled if you have specified a parent group. Enabling the parent certificate will automatically enable the use parent keys options.

  • Use parent keys option to indicate that the group does not have any keys of its own and will use the parent group's keys. This option is only enabled if you have specified a parent group.

  • Apply button to save changes.

    Note

    Once the issuer group has been created, you may optionally specify a separate ACS URL for it by editing the Issuer Group Details.

dc_changed.png Issuer Group Details

This page is used to view/edit issuer group details and assign issuers to, or remove issuers from, the issuer group.

System Management > Issuer Management > Issuer Group Details - fields

Info

See the New Issuer Group section of this document for additional information on these fields.

  • Group ID is a unique identifier, which is used by the system in order to reference the group. Group ID cannot be changed.

  • Name of the issuer group

  • Parent group - you can optionally define a parent group in order to create a hierarchy of groups and issuers to suit your administration requirements.

  • ACS URL - the system allows a separate URL to be created for each issuer group. If a separate URL is required, it should be entered here.

  • ACS Challenge URL - the system allows a separate URL to be created for each issuer group. If a separate URL is required, it should be entered here.

    Note

    Any changes to this URL will require changes to OOB device’s WebSocket and callback URLs.

  • Uses confirmation - Indicates if the Issuer uses the confirmation method.

    The confirmation method is a process allowing cardholders with an enrolment status of "Pre-registered" to utilise their pre-registration account information, instead of creating a new 3-D Secure password, to perform 3‑D Secure authentication.

  • SecureCode MAC algorithm to be used in conjunction with SecureCode transactions (3DS1 only).

    Note

    This will be used only if the issuer’s Use parent keys option is enabled.

  • Group members - Child groups that belong to the group are listed in the Selected list. Other groups (not belonging to any other group) are listed in the Available list. Use the Add >> and << Remove buttons to change the child groups that belong to the group.

  • Issuer members - issuers that belong to the group are listed in the Selected list. Other issuers are listed in the Available list. Use the Add >> and << Remove buttons to change the issuers that belong to the group.

  • Use parent certificate, public and encryption keys - Selecting this option indicates that the issuer group does not have a certificate of its own and will use the parent group's certificate, registration API public key and encryption key. The option is only enabled if you have specified a parent group. Enabling the parent certificate will automatically enable the use parent keys options.

    Note

    Enabling this option will remove the issuer group certificate (if it has one) from the system. You cannot retrieve the certificate once removed.

    Note

    When you disable this option, the issuer group will no longer use the parent's certificate. You need to create a certificate request for the issuer group and have it signed by the appropriate CAs.

    Warning

    It is recommended that you make a decision to enable or leave this option disabled at the time of creating the issuer group to avoid the administration overhead of changing this option later.

  • Use parent keys - Selecting this option indicates that the issuer group does not have any keys of its own and will use the parent group's keys. The option is only enabled if you have specified a parent group.

    Selecting this option indicates that the issuer group does not have any keys of its own and will use the parent group's keys. The option is only enabled if you have specified a parent group.

    Note

    Changing this option invalidates the issuer group existing certificate. You either need to enable the 'Use parent certificate' option or create a new certificate request, and have it signed by the appropriate CAs.

    Note

    Enabling this option will delete the issuer group keys from the local HSM. Deleting keys is irreversible unless you have previously backed them up. The following keys will be removed from the local HSM, where < group_id > is the issuer group's unique identifier as shown in the issuer group details:

    • SPA< group_id >
    • VbVA< group_id >
    • VbVB< group_id >
    • JCBA< group_id >
    • JCBB< group_id >
    • MSCA< group_id >
    • MSCB< group_id >
    • SKA< group_id >
    • SKB< group_id >
    • DCA< group_id >
    • DCB< group_id >
    • UPIA< group_id >
    • UPIB< group_id >
    • RSAVbV< group_id >_pub
    • RSAVbV< group_id >_pri
    • RSAMSC< group_id >_pub
    • RSAMSC< group_id >_pri
    • RSAJCB< group_id >_pub
    • RSAJCB< group_id >_pri
    • RSASK< group_id >_pub
    • RSASK< group_id >_pri
    • RSADC< group_id >_pub
    • RSADC< group_id >_pri
    • RSAUPI< group_id >_pub
    • RSAUPI< group_id >_pri
    • RSADEVICE< group_id >_pub
    • RSADEVICE< group_id >_pri

    If you are using other HSMs in your system, you also need to remove these keys from those HSMs to keep them synchronised. You also need to update any other party who may use these keys for verification of AAV (UCAF) or CVV (CAVV).

    Warning

    Disabling this option will create new keys for the issuer group, where < group_id > is the issuer group's unique identifier as shown in the issuer group details. The following keys will be created on the local HSM:

    • SPA< group_id >
    • VbVA< group_id >
    • VbVB< group_id >
    • JCBA< group_id >
    • JCBB< group_id >
    • MSCA< group_id >
    • MSCB< group_id >
    • SKA< group_id >
    • SKB< group_id >
    • DCA< group_id >
    • DCB< group_id >
    • UPIA< group_id >
    • UPIB< group_id >
    • RSAVbV< group_id >_pub
    • RSAVbV< group_id >_pri
    • RSAMSC< group_id >_pub
    • RSAMSC< group_id >_pri
    • RSAJCB< group_id >_pub
    • RSAJCB< group_id >_pri
    • RSASK< group_id >_pub
    • RSASK< group_id >_pri
    • RSADC< group_id >_pub
    • RSADC< group_id >_pri
    • RSAUPI< group_id >_pub
    • RSAUPI< group_id >_pri

    If you are using other HSMs in your system, you also need to export these keys to those HSMs to keep them all synchronised. You also need to update any other party who may use these keys for verification of AAV (UCAF) or CVV (CAVV).

    Tip

    It is recommended that you make a decision to either enable or leave this option disabled at the time of creating the issuer, to avoid the administration overhead of changing this option later.

    Info

    Refer to New Issuer Group for additional information on these fields.

  • Apply button to save changes.

    Note

    A group cannot be removed if it has other groups or Issuers belonging to it.

New Issuer

Use this page to define a new issuer and optionally assign the issuer to an issuer group.

System Management > Issuer Management > New Issuer - fields

  • Status of Not Registered is automatically assigned to new issuers by the system and cannot be changed until you have obtained a license key from GPayments.

  • Enter the Name of the Issuing bank or financial institution.

    You must enter a name that is unique in the issuer system.

  • Enter an optional Password for the Issuing bank or financial institution.

    This password is used for authentication of issuer connection to ActiveAccess via UAC. This is in addition to the verification of issuer's client authentication and may be left empty if the extra verification is deemed to be unnecessary.

  • ACS URL - the system allows for a separate URL to be created for each Issuer. If a separate URL is required, it should be entered here.

  • Show extended account information - Select Yes to display all cardholder pre-registration account information, on the card details page, created during the cardholder's Pre-registration with the system. When this option is disabled, only basic cardholder information is displayed on this page.

  • Uses confirmation - Select Yes or No to indicate if the Issuer uses the confirmation method.

    The confirmation method is a process allowing cardholders with an enrolment status of "Pre-registered" to utilise their pre-registration account information, instead of creating a new 3-D Secure password, to perform 3-D Secure authentications.

  • Event Logging - Disabled by default. Select Enabled to indicate event logging is required or Enable V+ compatible to indicate event logging is required, and the maximum number of Activation During Shopping opt-out events reported to the issuer is 9.

    This feature allows issuers to download cardholder events through Registration Server Notification messaging. A Notification is a record of a single cardholder event. Each event is stored in ActiveAccess and a record is logged in the event a cardholder completes their registration, opts-out of Activation During Shopping or locks their account.

  • If the issuer is to be assigned to an issuer group, select the group from the Parent group drop down list.

  • If you have specified a parent group:

    • You may select the Use parent certificate, public and encryption keys option to indicate that the issuer does not have a certificate of its own and will use the parent group's certificate and registration API public key and encryption key.

    • You may select the Use parent keys option to indicate that the issuer does not have any keys of its own and will use the parent group's keys.

  • Exchange Rate Management - used to define exchange rate for the issuer

  • Apply button to save changes.

Tip

Once you have created the Issuer record a confirmation message will be displayed:

Please note down the Issuer ID and Issuer Name, and send them to GPayments in order to request a license key for the newly generated issuer.

Note

Once the new issuer has been created, you may optionally specify a separate ACS URL for it by editing the Issuer Details.

Info

Refer to Issuer Details for additional information on these fields.

dc_changed.png Issuer Details

This page is used to view/ edit issuer details and assign the issuer to, or remove the issuer from an issuer group.

System Management > Issuer Management > Issuer Details (Local and Remote Issuers)

Use the following fields to view / edit issuer details:

Note

Not all fields will be visible to all issuers, depending on issuer or issuer group settings.

  • Issuer ID is a unique identifier, which is used by the system in order to reference the issuer. Issuer ID cannot be changed. Issuer ID is used in a number of situations such as requesting license key for the issuer, sending pre-registration and final registration messages and also forms part of the unique URL which is used for the issuer enrolment site.

  • Status - Enabled or Disabled, if the issuer is registered. Prior to the issuer obtaining a valid license key the Status is displayed as Not Registered and cannot be changed.

    Note

    An issuer account that does not have a valid licence key is practically disabled. This makes most functions unavailable to the issuer including the enrolment, registration and authentication of cardholders.

  • Name of the issuing bank or financial institution.

    Note

    This field forms part of the issuer licence key information. You will need to re-apply for a licence key if you change this field.

  • Password for the Issuing bank or financial institution.

    This password is used for authentication of issuer connection to ActiveAccess via UAC. This is in addition to the verification of issuer's client authentication and may be left empty if the extra verification is deemed to be unnecessary.

  • ACS URL - the system allows a separate URL to be created for each issuer. If a separate URL is required, it should be entered here.

  • ACS Challenge URL - the system allows a separate URL to be created for each issuer. If a separate URL is required, it should be entered here.

    Note

    Any changes to this URL will require changes to OOB device’s WebSocket and callback URLs.

  • Show extended account information - Select Yes to display all cardholder data as sent by the Registration API messages in the card details page. When this option is disabled, only basic cardholder information is displayed.

  • Allow issuer to access rules - Select Yes or No to indicate if the Issuer can access the business rules functionality.

    Business rules are configurable settings which provide issuers control over the customer process during the 3-D Secure transactions. Rules can be configured using a 3-D Secure transaction's parameters such as the Transaction Amount, the Merchant ID, Merchant Name, Acquirer BIN or Merchant Country.

    Note

    This feature is only available, if the custom pages are rule-compatible.

  • If Allow issuer to access rules is set to Yes, then Grant Access to Business Admin and Grant Access to Helpdesk checkboxes allow you to grant Business Admin and / or Helpdesk users access to the Rules section. Whether these users have read only or full access is determined by their Admins settings

  • Authentication Server - Local or Remote (CAAS)

  • If Remote (CAAS) is selected, CAAS server will be displayed, to allow selection of the already configured remote authentication servers.

  • If Authentication server is set to Remote (CAAS), optionally select the Risk engine integration checkbox if the authentication process is to be integrated with the issuer's risk engine.

  • Risk chain - Select an already configured Risk Chain from the drop down list to enable Risk-Based authentication for the issuer.

  • Force Risk Assessment - Checkbox to force the risk assessment to be applied to all transactions for the issuer (including PreAuthReq for CAAS Server with Risk engine integration enabled).

  • ACS interface - Select Native (default) or HTML from the drop down list.

    Identifies the ACS interface for presenting the challenge to the cardholder: Native UI or HTML UI. In SDK mode, if the supported interface is not specified in the AReq, the ACS uses the interface that is selected in this field.

  • Uses confirmation - Indicates if the Issuer uses the confirmation method. Defaults to No.

    The confirmation method is a process allowing cardholders with an enrolment status of "Pre-registered" to utilise their pre-registration account information, instead of creating a new 3-D Secure password, to perform 3-D Secure authentications.

  • Visa CEMEA region - Visa CEMEA requires that a CAVV be generated and returned in all PARes, ARes and RReq messages regardless of the authentication status. Set this field to Yes, if this functionality is required.

    Note

    dc_changed.png When Visa CEMEA region is set to Yes, the CAVV format will be updated to U3V7.

  • EEA region - used to enable specific rules for issuers in the European Economic Area.

    Note

    • When EEA region is set to Yes, the CAVV format will be updated to U3V7.
    • DAF Extension behaves differently in EEA Region according to Visa Specification.

  • SecureCode MAC algorithm - determines the algorithm which is used for calculation of AAV field for SecureCode transactions. By default HMAC algorithm is used. You may change this to CVC2 if required (3DS1 only).

    Note

    • The application generates two 3DES keys, when a CVC2 option is selected for the first time: MSCA< issuer_id > and MSCB< issuer_id >.
    • When Use parent keys option is enabled, the parent’s SecureCode MAC algorithm will be used.

  • IAV generation algorithm - determines the algorithm which is used for calculation of AAV field for Mastercard IDC transactions. By default, DS Transaction ID + PAN algorithm is used. You may change this to PAN, DS Transaction ID, Coded Amount + DS Transaction ID + PAN, or Merchant Name + Coded Amount + DS Transaction ID + PAN if required (3DS2 only).

  • Verified by Visa CAVV format used in conjunction with Verified by Visa transactions (3DS1 only).

  • Visa Secure CAVV format used in conjunction with Visa Secure transactions (3DS2 only).

  • dc_new.png Union Pay International Version - It determines the CAVV generation version to be used for Union Pay International transactions. By default, Version 1 is selected. You can change this to Version 2 (CAVV U3V7).

  • Force cardholders to use device - if Device Authentication is available, select Yes to force cardholders to register their authentication device during the 3-D Secure authentication process. Select No, to provide cardholders with a link to allow them to register their authentication device.

  • Event Logging - Disabled (default) or Enabled to indicate event logging is required; or Enable V+ compatible to indicate event logging is required and the maximum number of Activation During Shopping opt-out events reported to the issuer is 9.

  • Parent group - select the group to which the Issuer belongs, if any.

    Note

    The issuer can only be assigned to a single group; however the group itself can belong to another group. This enables you to create a hierarchy of issuers and groups to suit your administration needs.

  • License key - copy license key provided by GPayments and click Apply button. The Status will then change to Enabled.

    • License status - once you have entered a valid license key the license status will display the validity period for the key (e.g. License key is valid until 01/03/2019), the 3-D Secure authentication protocol version, and whether Risk, OOB, Decoupled Authenticator, NPA, APP, and 3RI features are supported.

    Note

    If the licence key is not present, invalid or expired, the issuer account is practically disabled. This makes most functions unavailable to the issuer including authentication of cardholders, registration and whitelisting.

  • Issuer BINs - Use the BIN Management link to add, edit, delete, enable and disable one or more BINs for the issuer and specify if device authentication or whitelisting is available for cards that belong to the specified BIN.

  • Use parent certificate, public and encryption keys - Selecting this option indicates that the issuer does not have a certificate of its own and will use the parent group's certificate, registration API public key and encryption key. The option is only enabled if you have specified a parent group. Using the parent certificate is only possible if you have also chosen to use the parent keys. Enabling this option automatically enables the use parent keys.

    Note

    • Enabling this option will remove the issuer's certificate (if it has one) from the system. You cannot retrieve the certificate once removed.
    • Enabling this option will disable the issuer's CAVV/IAV related configuration and use parent’s.
    • When you disable this option, the issuer will no longer use the parent's certificate. You need to create a certificate request for the issuer and have it signed by the appropriate CAs.

    Tip

    It is recommended that you make a decision to enable or leave this option disabled at the time of creating the issuer to avoid the administration overhead of changing this option later.

  • Use parent keys - Selecting this option indicates that the issuer does not have any keys of its own and will use the parent group's keys. The option is only enabled if you have specified a parent group.

    Note

    • Changing this option invalidates the issuer's existing certificate. You either need to enable the 'Use parent certificate' option or create a new certificate request, and have it signed by the appropriate CAs.
    • Enabling this option will disable the issuer's CAVV/IAV related configuration and use parent’s.

    Warning

    Enabling this option will delete the issuer's keys. Deleting keys is irreversible unless you have previously backed them up. The following keys will be removed, where < issuer_id > is the issuer's unique identifier as shown in the issuer details:

    • SPA< issuer_id >
    • VbVA< issuer_id >
    • VbVB< issuer_id >
    • JCBA< issuer_id >
    • JCBB< issuer_id >
    • MSCA< issuer_id >
    • MSCB< issuer_id >
    • SKA< issuer_id >
    • SKB< issuer_id >
    • DCA< issuer_id >
    • DCB< issuer_id >
    • UPIA< issuer_id >
    • UPIB< issuer_id >
    • RSAVbV< issuer_id >_pub
    • RSAVbV< issuer_id >_pri
    • RSAMSC< issuer_id >_pub
    • RSAMSC< issuer_id >_pri
    • RSAJCB< issuer_id >_pub
    • RSAJCB< issuer_id >_pri
    • RSASK< issuer_id >_pub
    • RSASK< issuer_id >_pri
    • RSADC< issuer_id >_pub
    • RSADC< issuer_id >_pri
    • RSAUPI< issuer_id >_pub
    • RSAUPI< issuer_id >_pri

    You also need to update any other party who may use these keys for verification of AAV (UCAF) or CVV (CAVV).

    Note

    Disabling this option will create new keys for the issuer. The following keys, where < issuer_id > is the issuer's unique identifier as shown in the issuer details, will be created:

    • SPA< issuer_id >
    • VbVA< issuer_id >
    • VbVB< issuer_id >
    • JCBA< issuer_id >
    • JCBB< issuer_id >
    • MSCA< issuer_id >
    • MSCB< issuer_id >
    • SKA< issuer_id >
    • SKB< issuer_id >
    • DCA< issuer_id >
    • DCB< issuer_id >
    • UPIA< issuer_id >
    • UPIB< issuer_id >
    • RSAVbV< issuer_id >_pub
    • RSAVbV< issuer_id >_pri
    • RSAMSC< issuer_id >_pub
    • RSAMSC< issuer_id >_pri
    • RSAJCB< issuer_id >_pub
    • RSAJCB< issuer_id >_pri
    • RSASK< issuer_id >_pub
    • RSASK< issuer_id >_pri
    • RSADC< issuer_id >_pub
    • RSADC< issuer_id >_pri
    • RSAUPI< issuer_id >_pub
    • RSAUPI< issuer_id >_pri

    You also need to update any other party who may use these keys for verification of AAV (UCAF) or CVV (CAVV).

    Tip

    It is recommended that you make a decision to enable or leave this option disabled at the time of creating the issuer to avoid the administration overhead of changing this option later.

  • Email Address - may be used in OTP emails (parameter: $IssuerEmail - max 128 char).

  • Customer service phone number may be used in OTP emails (parameter: $ServicePhoneNumber - max 32 char).

  • ActiveDevice Settings - used to assign one or more device types to a selected issuer and specify device sharing rules.

  • Exchange Rate Management - used to define exchange rate for the issuer.

  • Auto Report Settings - used to configure the issuer's automatic report.

  • Apply button to save changes.

BIN Management

This section is used to manage BINs of a specified issuer. Each BIN provides a link to allow you to edit the BIN, the status of Device over 3-D Secure, the status of whitelisting or the status of the BIN. BINs can be selected and deleted from the system using the Delete button. Only BINs which have no cards assigned to them on the system can be deleted. The Enable and Disable buttons can be used to change the status of the BIN. New BINs can be added for the issuer through the Add BIN link, and device authentication and/or whitelisting can be made available for cards that belong to the specified BIN.

System Management > Issuer Management > Issuer Details > BIN Management > Add BIN

Use the following fields to add a BIN:

  • Issuer is displayed and cannot be changed

  • BIN

  • Device over 3-D Secure - Disabled or Enabled to specify if device authentication is available for cards that belong to this BIN

  • DAF - Disabled or Enabled to specify if the DAF Extension is available for cards that belong to this BIN

  • Whitelisting - Disabled or Enabled to specify if the process of placing 3DS Requestors on the cardholders' trusted beneficiaries list is available for cards that belong to this BIN.

  • Status - Disabled or Enabled to specify the availability of the 3‑D Secure service for cards that belong to this BIN. Cards with a Disabled BIN cannot be enrolled, registered or authenticated

  • Apply button to save changes.

ActiveDevice Settings

This section is used to assign one or more device types to a selected issuer and specify device sharing rules. An issuer may choose to share devices with none, all, or a selected number of issuers and issuer groups.

Note

Device parameters for SMS and email devices are issuer specific and these devices are not shared between issuers and issuer groups. However, the same mobile numbers / email addresses can be registered for different issuers. ActiveAccess treats SMS / email devices that have the same mobile numbers / email addresses as independent devices.

System Management > Issuer Management > Issuer Details > ActiveDevice Settings

Use the following fields to view / edit ActiveDevice settings:

  • Issuer

  • Supported devices - authentication devices accepted by the Issuer are listed in the Selected list. Other available devices not currently selected by the issuer are listed in the Available list. Use the Add and Remove buttons to change the tokens assigned to the issuer.

    Warning

    If you remove any of the supported devices, the cardholder will no longer be able to use that device and transactions may fail.

  • Allow sharing device with allows the issuer to share its devices will all, none or a selected list of issuers and groups.

  • Apply button to save changes.

To view device parameter details, click the Device Parameters button.

The Edit Device Parameters page will be displayed.

Warning

For hardware and software token devices, changing device parameters may adversely affect the authentication of users. Such device parameters must be left as default unless absolutely necessary. You must consult with the device manufacturer before making any changes to these parameters.

Note

For information on default device parameters, go to Device Management.

Edit Device Parameters

The first available Device type for the selected Issuer is displayed.

Use the following fields to edit Device Parameters:

  • Device type This parameter can be left as the default or customised for the selected issuer.

    The available device types are:

    • Backup Device
    • Decoupled Authenticator
    • Email
    • OOB
    • SMS
    • VASCO

  • Use device's default parameters - if this option is selected, it indicates that the issuer will use the Default Device Parameters for the selected device.

    Deselect the checkbox to customise the device parameters. If the checkbox is already deselected, you can reset the parameters to the default by selecting it.

    Note

    For full details of device parameters, refer to Default Device Parameters.

The following fields are additional to the configurable fields in Default Device Parameters:

  • Device type: SMS

    • Available SMS Centres - use the Add >> and << Remove buttons to select the appropriate SMS Centres.

  • Device type: OOB

    • Available OOB adapters - use the Add >> and << Remove buttons to select the appropriate OOB Adapters

  • Device type: Decoupled Authenticator

Exchange Rate Management

This section is used to manage exchange rates of a selected issuer. The transaction amount should be converted to Euro for Low-value Payment (LVP) rule of Strong Customer Authentication (SCA) Exemption.

System Management > Issuer Management > Issuer Details > Exchange Rate Management

This page is used to display exchange rates defined for the issuer:

  • Issuer

  • Exchange Rates list

  • Add link to the Add Exchanbe Rate page

  • Delete button to remove selected exchange rates of the issuer.

The following fields and links are displayed for each exchange rate:

  • Base Currency link to the Edit Exchange Rate page

  • Target Currency

  • Rate

  • Last Update display the date and time the exchange rate was lastly updated.

Add Exchange Rate

System Management > Issuer Management > Issuer Details > Exchange Rate Management > Add > Add Exchange Rate

Use this page to add an exchange rate that is not supported by the automated currency exchange file:

  • Base Currency

  • Target Currency for the currency of the issuer threshold as configured in the currency value on the Amount Threshold rule page

  • Rate which should be multiplied by the Base Currency to equal the amount in the Target Currency

  • Apply button to save the currency exchange rate.

Edit Exchange Rate

System Management > Issuer Management > Issuer Details > Exchange Rate Management > Edit Exchange Rate

Use this section to edit currency rates that have been manually created through the Exchange Rate section:

  • Base Currency and Target Currency are displayed and cannot be changed
  • Rate which should be multiplied by the Base Currency to equal the amount in the Target Currency
  • Apply button to save the currency exchange rate.

Auto Report Settings

This section is used to configure the issuer automatic report. The link will be displayed only if the EBA Report collector is enabled (i.e. EUB_REPORT=true) in AA_Home/activeacces.properties. This report contains all successful 3DS2 transactions for the issuer.

System Management > Issuer Management > Issuer Details > Auto Report Settings

Use the following fields to view/edit Auto Report Settings:

  • Issuer

  • Status - Disabled or Enabled to indicate whether the EBA report collector is active for this issuer.

  • Frequency: Determines the frequency of collecting report. You can choose Daily, Weekly, or Monthly.

  • Generation hour of the day: If Daily is selected as Frequency, this field can be configured. It specifies the time of the day to generate the report. Valid value is between 0 to 23.

  • Generation day of the week: If Weekly is selected as Frequency, this field can be configured. It specifies the day of the week to generate the report.

  • Generation day of the month: If Monthly is selected as Frequency, this field can be configured. It specifies the day of the month to generate the report.

  • Destination directory: The path of the report files to be saved.

  • Maximum records in one file: Maximum records allowed to be saved in a file. Accepted value is between 1 and 500000.

  • Apply button to save changes.

  • Generate specific date report button to generate a report of a defined date.

Note

  1. Report is Comma Separated Values (CSV) file.
  2. Report file name format is 3DSA_AMR_<ISSUERID>_<yyyymmdd>_<P><NN>.csv
    • 3DSA – constant, means 3DSecureAccess Reports group;
    • AMR – constant, means Authentication Method Report;
    • <ISSUERID> – variable, means issuer's IssuerID in ActiveAccess;
    • <yyyymmdd> – variable, means report generation date;
    • <P> – variable, means the report periodicity (D – DAILY, W – WEEKLY, M - MONTHLY);
    • <NN> – variable, means the report number in a day.

Generate Specific Date Report

System Management > Issuer Management > Issuer Details > Auto Report Settings > Generate Specific Date Report

Use the following fields to complete specific date report settings:

  • Issuer

  • Frequency

  • Date: Date of report to be regenerated. It should be previous day/week/month depending on the frequency.

  • Apply button to save the generated report.