Servers
person
System Administrators only
This section is used to manage administration and access control server nodes when ActiveAccess is running in a load-balanced configuration. It is also used for setting up and maintaining authentication history servers.
When ActiveAccess is installed, the first instance of administration server and access control server are automatically recognised. However, as you expand the system by adding more administration or access control servers, for load-balancing or fail-over, you are required to introduce newly added nodes using the facility provided in this section. ActiveAccess uses these lists in order to communicate changes in the administration and options to all administration and access control server nodes.
Warning
If you do not properly introduce these servers here, the additional servers will continue to function, however they will not receive notifications when changes occur to options throughout the admin interface, which will result in system instability.
Warning
Registration and enrolment server nodes do not need to be introduced as they each run independently.
Servers has the following menu options:
MIA Servers - for managing MIA Servers
Access Control Servers - for managing Access Control Servers
Authentication History Servers - for managing Authentication History Servers
Centralised Authentication and Authorisation Server - for managing Centralised Authentication and Authorisation Servers.
MIA Servers¶
Servers > MIA Servers
A server entry is automatically created for the first instance of administration that you install. If you wish to install more than one server, you should first create an entry for the new server here and specify the IP address of the new instance and an arbitrary but descriptive name for the server.
This page displays:
MIA servers list
Add Server link
Delete Selected Servers link used with the Select checkbox to remove selected servers.
The following fields and links are displayed for each administration server:
IP link to the Edit Server page
Server Name
Access Control Servers (ACS)¶
Servers > ACS Server Management
A server entry is automatically created for the first instance of ACS that you install. If you wish to install more than one server, you should first create an entry for the new server here and specify the IP address of the new instance and an arbitrary but descriptive name for the server.
This page displays:
Access control servers list
Delete Selected ACS Servers link used with the Select checkbox to remove selected servers.
The following fields and links are displayed for each administration server:
Server name link to the Edit Server page
Domain name
Binding IP
The AHS Client column shows whether the AHS client functionality is turned on for the ACS. If enabled the ACS will send PATransReq messages to the authentication history server.
Authentication History Servers (AHS)¶
Servers > AHS Server Management
This section is used to define one or more authentication history servers. The authentication history server is a repository of authentication activity maintained by the 3-D Secure provider, which can be used for dispute resolution by Issuers and Acquirers. ActiveAccess sends a copy of each 3-D Secure authentication attempt to the appropriate authentication history server. Not all 3-D Secure providers support and require the transactions to be sent to an authentication history server (e.g. Visa and Mastercard require AHS but other providers do not).
This page displays:
Authentication history servers list
Add AHS Server
Delete Selected AHS Servers link used with the Select checkbox to remove selected servers.
The following fields and links are displayed for each administration server:
URL of the authentication history server, as provided by the 3-D Secure provider, links to the Edit AHS Server page.
ACS ID provided by the AHS administrator for the authentication history server.
Login ID provided by the AHS administrator for the authentication history server.
Provider, which is the entity (e.g. Mastercard or Visa) that manages the authentication history server.
Edit AHS Server¶
Servers > AHS Servers> Edit AHS Server
The Edit AHS Server page is used to change AHS details
Fields displayed on this page:
Provider
This is the entity (e.g. Mastercard or Visa) that manages the authentication history server.
URL
This the fully qualified URL of the authentication history server as provided by the 3-D Secure provider.
Authentication history server ACS ID, Login ID and Password
These are provided by the AHS administrator. You will need to contact the 3-D Secure provider to obtain this information. This information is required in order to establish a successful connection to the authentication history server.
Add AHS Server¶
Servers > AHS Servers > AHS Server Management > Add AHS Server
The Add AHS Server page is used to define new AHS servers
Fields displayed on this page:
Provider
URL
ACS ID
Login ID
Password
Info
For full information on individual fields please refer to the Edit AHS Server section of this document.
Centralised Authentication and Authorisation Servers (CAAS)¶
Servers > CAAS Server Management
This section is used to define one or more centralised authentication and authorisation servers. Centralised authentication and authorisation servers are remote authentication servers, which allow issuer banks to connect ActiveAccess with previously implemented remote servers that support authentication with the cardholder's existing database.
This page displays:
Centralised authentication and authorisation servers list
Add CAAS Server
Delete Selected CAAS Servers link used with the Select checkbox to remove selected servers.
The following fields and links are displayed for each administration server:
CAAS URL, which is the fully qualified URL of the remote authentication server (CAAS). Refer to CAAS document for further details of the URL. It links to the Edit CAAS Server page.
CAAS username, which determines the username to access the CAAS server.
Edit CAAS Server¶
Servers > CAAS Servers> Edit CAAS Server
The Edit CAAS Server page is used to change CAAS details
Fields displayed on this page:
CAAS URL
This is the fully qualified URL of the remote authentication server (CAAS). Refer to CAAS document for further details of the URL.
CAAS username
This is the username used for accessing the CAAS server. Leave it blank if there is no username required by the CAAS authentication server.
CAAS password
This is the password associated with the CAAS username. Leave it blank if no password is required.
CAAS Connection timeout in seconds (acceptable range is 60 to 9000)
This determines the maximum amount of time the ACS, as a CAAS client, can take to complete a connection with the CAAS authentication server.
Maximum SMS Request (acceptable range is 0 to 99) (0 to disable)
This determines the maximum number of SMS requests that the ACS will attempt to initiate with the remote CAAS server. Enter 0 to disable sending SMS initialisation requests to the remote server.
SMS Template
This template is used by the remote CAAS server to send the SMS OTP via a text message.
Use {0} within the template to indicate the Token/OTP.
The following flags are available to use within the template:
$LastFourDigitsOfPAN - to indicate the last four digits of the card
$MerchantName - to indicate the merchant name for the current transaction
$PurchaseRealAmount - to indicate the transaction amount.
Note
See SMS Template Parameters for a full list of available parameters.
Email Template
This template is used by the remote CAAS server to send the OTP via an email message.
Use {0} within the template to indicate the Token/OTP.
The following flags are available to use within the template:
$LastFourDigitsOfPAN - to indicate the last four digits of the card number
$MerchantName - to indicate the merchant name for the current transaction
$PurchaseRealAmount - to indicate the transaction amount
$ServicePhoneNumber - to indicate the issuer's customer service phone number
$IssuerEmail - to indicate the issuer's email address
Note
See Email Template Parameters for a full list of available parameters.
Email Subject Template
This template is used by the remote CAAS server for the Subject to be used for the OTP via email message.
The flags described in Email Template above can be used for the Subject template.
Select the Use Proxy checkbox if the ACS is to connect to the remote CAAS server via a proxy and complete the following:
Proxy host, which determines the proxy's IP address or domain name.
Proxy port, which determines the proxy's port.
Proxy username, which determines the proxy's username, if required.
Proxy password associated with the Proxy username, if required.
Apply button to save updated settings.
Click the Check CAAS Status link to verify that the CAAS server can be reached by the current remote authentication settings.
The Check CAAS Status will be displayed, which shows the current status of the remote authentication server and is used to indicate the remote authentication server is running or not. * Click the Retry button to re-test the remote authentication server status.
Click the Close button to close this page.
Add CAAS Server¶
Servers > CAAS Servers > CAAS Server Management > Add CAAS Server
The Add CAAS Server page is used to define new CAAS servers
Fields displayed on this page:
CAAS URL
CAAS username
CAAS password
CAAS Connection timeout
Maximum SMS request
SMS template
Email template
Email subject template
Use proxy
Proxy host
Proxy port
Proxy username
Proxy password
Info
For full information on individual fields, please refer to the Edit CAAS Server section.