OOB Management

This section is used to register and manage the OOB adapters that are used for performing Out of Band (OOB) authentication challenges. For more information about OOB adapters, refer to OOB Adapter Specification.

OOB Management¶

System Management > Authentication Management > OOB Management

This page displays:

• A list of OOB Adapters and for each adapter:

  • Checkbox to Select it

  • Adapter ID link to Edit OOB Adapter

  • Adapter name

  • OOB adapter connector

• Link to Register OOB Adapter

• Link to OOB Adapter Connector Management

• Delete button to remove selected OOB adapters.

Register OOB Adapter¶

System Management > Authentication Management > OOB Management > Register OOB Adapter

Use the following fields to complete this page:

• Adapter ID can be entered by the user or generated by the system

• Adapter name

• Instruction: Instruction to display to Cardholder on OOB page

• OOB adapter connector

• Select an OOB adapter connector from the drop down list.

• Generate button to generate Adapter ID by the system

• Apply button to save changes

• Back button to return to the OOB Management page.

Edit OOB Adapter¶

System Management > Authentication Management > OOB Management > Edit OOB Adapter

Use the following fields to complete this page:

• Adapter ID

• Adapter name

• Instruction: Instruction to display to Cardholder on OOB page

• OOB adapter connector

• Select PAN Hashing Algorithm from the drop down list:

  • Enable RAW PAN: No encryption and hashing will be applied to PAN

  • Enable SHA256: PAN will be encoded with SHA256

  • Enable SHA512: PAN will be encoded with SHA512

  • Disabled PAN OUTPUT: PAN will not be shared

• Select Automatic switch to APP from the drop down list:

  • Supported (Y): the ACS will send threeDSRequestorAppURLInd = Y in ARes.messageExtension.

  • Not supported (N): the ACS will send threeDSRequestorAppURLInd = N in ARes.messageExtension, this is the default value.

• Check OOB Adapter version: link to identify the adapter version

• Apply button to save changes

• Back button to return to the OOB Adapter Management page.

Check OOB Adapter Version¶

System Management > Authentication Management > OOB Management > Edit OOB Adapter > Check OOB Adapter Version

• Adapter version stored: the adapter version stored in ActiveAccess

• Adapter version from adapter information: the version returned in AdapterInfo message

• Update version button to update stored version in ActiveAccess.

OOB Adapter Connector Management¶

System Management > Authentication Management > OOB Management > OOB Adapter Connector Management

This section is used to define one or more Out of Band authentication connectors, which allow ActiveAccess to trigger the external OOB process and perform interactions with the cardholder for authentication.

This page displays:

• A list of OOB Adapter Connectors and for each connector:

  • Checkbox to Select it

  • Name link to Edit OOB Adapter Connector

  • URL

• Link to Add OOB Adapter Connector

• Delete button to remove selected OOB adapters.

• Back button to return to the OOB Management page.

Add / Edit OOB Adapter Connector¶

System Management > Authentication Management > OOB Management > OOB Adapter Connector Management > Add OOB Adapter Connector

Use the following fields to complete this page:

• Name of the OOB Adapter Connector

• URL of the OOB Adapter Connector

• Connection timeout

• Read timeout

• Apply button to save changes

• Back button to return to the OOB Adapter Connector Management page.

Upload Connector Encryption Key¶

System Management > Authentication Management > OOB Management > OOB Adapter Connector Management > Upload Connector Encryption Key

Use the following fields to complete this page:

• OOB adapter connector - choose the name of the adapter connector you want to assign an encryption key to

• Encryption KeyStore - click on Browse to locate and select an encryption key file to upload. The No file selected message will be replaced with the name of the file to be uploaded. The system uses the AES (128 bits) key contained in the JKS KeyStore in order to encrypt/decrypt cardholder data that is being transferred between ActiveAccess modules and Adapter. Issuers must ensure that this AES key is used in encrypting and decrypting cardholder data at other external hosts.

• KeyStore password - password of the uploaded JKS KeyStore file

• Apply button to save changes

• Back button to return to the OOB Adapter Connector Management page.