Ingenico Direct Support Site

Results for

icon-search-large No search results yet
Enter your search query above

1. Introduction

Several different functions/profiles (roles) generally exist in a company. An accountant, for instance, does not perform the same operations as a payment encoder or a technical integrator. Logically, you want to grant only the necessary access rights for each individual who uses your account, and on top of that, track which user has performed which operations.

Our User manager allows you to assign a specific profile to each user and to give him the access rights he needs to fulfil his function.

2. Understand users

All your activities on our platform begin with your user. Our User manager is a default service available for every account on our platform.

In your company, your employees serve in different functions and roles. An accountant performs different operations like a payment encoder or a technical integrator. Logically, you want to grant only the appropriate access rights to the different users using your account. On top of that, you want to keep track on all activities performed by any of the users.

In short: You need to clearly define who can access your account and what actions can be performed.

Our User manager allows you to

Our User manager tool makes all this possible for you with ease!

3. Manage Users

Our platform allows a maximum of flexibility to use your account. To achieve this, you can define multiple users within your PSPID and define their access rights individually.

A PSPID has at least two UserIDs:

  • Your default PSPID It is identical with the name of your account (your PSPID) on our platform
  • Another additional one you can deactivate / reactivate / define

The number of users you may create will depend on your subscription. Check in Configuration > Account > Your options how many are available or contact us if you need more.

Create new users

To create a user, follow these steps:

  • Go to Configuration > Users. Check on top of the table how many users you can create. Click on “NEW USER” below the table
  • Fill in these fields:
    Field Possible action(s)
    UserID Define a name for the user. Bear in mind that once a user is created, you cannot change the UserID anymore
    User’s name The name of the person working with this user
    E-mail address The person’s email address. All notifications from our platform (including new passwords) will be sent to this address. Learn more about this setting here
    Timezone Select the time zone
    Automatically adjust to daylight saving changes (De)flag depending on whether the time stamp of transactions created by this user should be adjusted to the current daylight saving time
    Profile Define the user’s access rights by selecting either of the available categories. Learn more in our dedicated chapter
    Access rights Refine the selected user’s profile by granting additional access rights to Advanced > Fraud Detection / Configuration > Technical information / Configuration > Payment methods. Learn more in our dedicated chapter
    To confirm the modification, please enter your own password Enter your own password you have used to log in with your user.
  • Click on “CREATE” to confirm. You get a success message on the screen, including an autogenerated password

UserManager-1.png

4. Manage Passwords

To comply to the PCI-DSS requirements, it is important to create strong passwords.

Follow basic password requirements

Our platform requires strong passwords to ensure maximum safety of your data and transactions. Any password to be used on our platform must meet the following requirements:

  • It must not start with the character “<”
  • Its length must be between 10 and 128 characters
  • It must not contain your PSPID, your USERID or our company name
  • It must contain at least
    • one lowercase letter (a-z)
    • at least one uppercase letter (A-Z)
    • one number (0-9)
    • one special character (i.e. &,@,#,!, etc.)
  • Every new password must be different om your last 12 passwords

Our platform will display these requirements, help you with examples and validate your new password every time you change it.

Change own password

To change the password of the UserID you are currently logged in, follow these steps:

  • Go to Configuration > Password. Fill in these fields:

    Field Possible action(s)
    UserID Select your user ID from the drop-down menu
    Current password Enter your current password
    New password Enter a new password by your choice. Please mind that certain requirements must be met as described in the lower part of the screen
    Confirm new password Enter the new password from the New password field once more
  • Click on “SUBMIT” to confirm your new password
  • You get a success message on the screen and an automated confirmation email from our system
For security reasons, you can change the password of a user only once every 24 hours

Send new password to other users

To change the password of any of your users (except for your own), follow these steps:

  • Go to Configuration > Users. In the table overview, click on “Send new password” in the line for the respective user. If a user has been blocked due to too many password errors, you need to click on a separate “Activate” button first. Only then will the “Send new password” be available
  • You get a success message on the screen. Our system sends an automated email from with a new password. The user will have to change the password right after logging in for the first time

UserManager-3.jpg

Reset lost passwords

Check out our dedicated guide to recover your lost password

5. Manage user profiles and rights

Our platform allows individual customisation for each user that has access to your account. Any of your users will so reflect the role and responsibilities within your company.

Define standard profiles

By selecting either of the available profiles, you can grant or deny access to certain areas and actions within your account. Check out this table to learn exactly what is possible for each profile.

Find here an overview of the available profiles and their general purpose: 

Profile Definition
Admin
  • Full access rights
  • Default user for any PSPID
  • Only user that can change the account configuration
Admin without user manager
  • Identical with Admin, but without user creation rights
Encoder
  • Can create transactions in Back Office (Operations > New transaction)
Super-encoder
  • Can create transactions/perform data captures on authorised orders in Back Office (Operation > New transaction)
  • Can perform maintenance operations
Super-encoder without refund
  • Identical with Super-encoder, but cannot do refunds/cancel authorisations
Helpdesk admin
  • Has only access to Configuration > Users
Viewer
  • Read-only access profile
  • Useful for looking up transactions in the Back Office (Operations > View transactions / Financial history)

If you want to configure webhooks, make sure your user has either an Admin or Admin without user manager profile

For each profile, different options are available:

Option Description
R

Read-only access

The module is only available for viewing

RW

Read/Write access

The module is available for both viewing and changing settings

 

N/A

Not available

This module is not available at all 

Back Office module Access rights

Configuration > Account >

Your administrative details /

Currency

Viewer: R

Encoder: R

Super-encoder: R

Super-encoder without refund: R

Helpdesk admin: N/A

Admin: RW

Admin without user management: RW

Configuration > Account > Your Subscription / Your options

Viewer: N/A

Encoder: N/A

Super-encoder: N/A

Super-encoder without refund:N/A

Helpdesk admin: N/A

Admin: RW

Admin without user management: RW

Configuration > Account > Your invoicing information

Viewer: N/A

Encoder: N/A

Super-encoder: N/A

Super-encoder without refund: N/A

Helpdesk admin: N/A

Admin: R

Admin without user management: R

Configuration > Payment methods

Viewer: R

Encoder: N/A

Super-encoder: N/A

Super-encoder without refund: N/A

Helpdesk admin: N/A

Admin: RW

Admin without user management: RW

Configuration > Users

Viewer: N/A

Encoder: N/A

Super-encoder: N/A

Super-encoder without refund: N/A

Helpdesk admin: RW

Admin: RW

Admin without user management: RW

Support

Viewer: R

Encoder: R

Super-encoder: R

Super-encoder without refund: R

Helpdesk admin: R

Admin: R

Admin without user management: R

Configuration > Technical information

Viewer: R

Encoder: N/A

Super-encoder: N/A

Super-encoder without refund: N/A

Helpdesk admin: N/A

Admin: RW

Admin without user management: RW

Advanced > Fraud Detection

Viewer: R

Encoder: N/A

Super-encoder: N/A

Super-encoder without refund: N/A

Helpdesk admin: N/A

Admin: RW

Admin without user management: RW

Operations > Financial History

Viewer: R

Encoder: R

Super-encoder: RW

Super-encoder without refund: RW

Helpdesk admin: N/A

Admin: RW

Admin without user management: RW

Operations > New transaction

Viewer: N/A

Encoder: RW

Super-encoder: RW

Super-encoder without refund: RW

Helpdesk admin: N/A

Admin: RW

Admin without user management: RW

Operations > View transactions

Viewer: R

Encoder: R

Super-encoder: RW

Super-encoder without refund: RW

Helpdesk admin: N/A

Admin: RW

Admin without user management: RW

Operations > Electronic reporting

Viewer: RW

Encoder: RW

Super-encoder: RW

Super-encoder without refund: RW

Helpdesk admin: RW

Admin: RW

Admin without user management: RW

Advanced > Alias Manager

Viewer: R

Encoder: R

Super-encoder: R

Super-encoder without refund: R

Helpdesk admin: N/A

Admin: RW

Admin without user management: RW

Define Fraud Prevention

Our Fraud Prevention tools offer additional profiles with specialised scopes:

Fraud Prevention module Access rights

Advanced > Fraud Detection

Fraud analyst: R

Fraud manager: RW

Fraud viewer: R

Advanced > Fraud Detection > Fraud detection activation and configuration

Fraud analyst: R

Fraud manager: RW

Fraud viewer: R

Advanced > Fraud Detection > 3D-Secure

Fraud analyst: R

Fraud manager: RW

Fraud viewer: R

Advanced > Fraud Detection > Blacklists / Greylists / Whitelists

Fraud analyst: RW

Fraud manager: RW

Fraud viewer: R

Operations > View Transactions > VIEW RISK DETAILS

Fraud analyst: R

Fraud manager: R

Fraud viewer: R

Operations > View Transactions > VIEW RISK DETAILS > FLAG AS DISPUTE AND FILL BLACKLISTS, GREYLISTS OR WHITELISTS

Fraud analyst: RW

Fraud manager: RW

Fraud viewer: N/A

Operations > View Transactions > VIEW RISK DETAILS > Release / block transactions based on Fraud Expert review

Fraud analyst: RW

Fraud manager: RW

Fraud viewer: N/A

6. Customise Users

Once created, you can modify your users’ settings anytime for fine-tuning or complete profile redefinition.

If you want to modify a users’ settings, make sure your user has an Admin profile

Change data and settings

To change data and settings of a user, follow these steps:

  • Go to Configuration > Users. Check on top of the table how many users you can create. Click on “EDIT” in the line for the respective user
  • You can modify the following fields:
    Field Possible action(s)
    User’s name The name of the person working with this user
    E-mail address The person’s email address. All notifications from our platform (including new passwords) will be sent to this address. Learn more about this setting here
    Timezone Select the time zone
    Automatically adjust to daylight saving changes (De)flag depending on whether the time stamp of transactions created by this user should be adjusted to the current daylight-saving time
    Profile Define the user’s access rights by selecting either of the available categories. Learn more in our dedicated chapter
    pecial user for API (no access to admin.) Leave unflagged
    Access rights Refine the selected user’s profile by granting additional access rights to
    Advanced > Fraud Detection
    Configuration > Technical information
    Configuration > Payment methods
  • Enter your own password you have used to log in with your user in “To confirm the modification, please enter your own password”
  • Click on “SAVE” to confirm you changes. You get a success message on the screen. Our platform sends a confirmation e-mail to the user's e-mail address

UserManager-5.png

Deactivate/Reactivate users

It is possible to deactivate users you do not need any more or reactivate users you deactivated at some point. Our platform will never delete a user, so you are always on the safe side when deactivating users. You can get an overview on all active / inactive users in your account via Configuration > Users > Status > Select either option > Click on “SEARCH”.

To deactivate a user, follow these steps:

  • Go to Configuration > Users. Click on “Deactivate” in the line for the respective user
  • You get a success message on the screen. Our platform sends a confirmation e-mail to the user's e-mail address. The user will disappear from the overview, as the default view will display only users in status “active”

To reactivate a user, follow these steps

  • Go to Configuration > Users. Select “Inactive” from the “Status” dropdown menu and click on “SEARCH”
  • Click on “Activate” in the line for the respective user
  • You get a success message on the screen. Our platform sends a confirmation e-mail to the user's e-mail address. The user will disappear from the overview, as the default view will display only users in status “inactive"

UserManager-6.png

  • To prevent illicit access to your PSPID, our system will automatically put any user that has not logged on to our platform for more than 60 days to status “inactive”
  • Please make sure to inform all your users that the Admin user can reactivate their account in case of prolonged inactivity
  • An admin user will have to contact us to activate his/her account

7. Use additional possibilities

As security is our top priority, the User manager offers even more possibilities to protect your account and transactions.

(De-)Activate 2-factor authentication

Two-factor authentication (2FA) adds an additional layer of security to your account.

Apart from your password, a second factor is needed for logging in. This is a time-based unique verification code our platform sends to the user’s mobile device.

To use this option, follow these steps:

  • Install an authenticator on your mobile device. We support the following:
    • Google Authenticator (Android, iOS, BlackBerry)
    • Authenticator (Windows Phone)
  • Login to the Back Office. Go to Configuration > Password > One Time Password configuration
  • Open the authenticator application on your mobile device and scan the QR code displayed on the page. Alternatively, enter the “Secret Key” on top of the QR code
  • Your authenticator generates a temporary 2FA passcode. Enter it in “Enter the code generated by your authenticator app”
  • Enter your own password you have used to log in with your user in “To confirm the modification, please enter your own password”. Click on “SUBMIT” to confirm the activation
From the moment 2FA authentication is activated on your account, it is also linked to your mobile device. Before changing or resetting your mobile device, we strongly advise you to deactivate 2FA authentication before setting it up on your new device

To deactivate the option, follow these steps:

  • Login to the Back Office. Go to Configuration > Password > One Time Password configuration
  • Your authenticator generates a temporary 2FA passcode. Enter it in “Enter the code generated by your authenticator app”
  • Enter your own password you have used to log in with your user in “To confirm the modification, please enter your own password”. Click on “SUBMIT” to confirm the deactivation

UserManager-7.png

Login with 2-factor authentication

  • Go to either our Test environment/Live environment. Enter your UserID/password.
  • Our system redirects you to the 2-factor authentication page. Your authenticator generates a temporary 2FA passcode and enter it on this page

Track user operations on transactions

Our platform keeps track on which user creates or perform maintenance operations. You can check this out in our Back Office via Operations > View transactions / Financial History.

  • On the selection screen, look up the transaction by the Pay ID, Order date or any other search criteria
  • In the transaction overview screen, scroll down to the table on the bottom of the page. Select the operation in the “Pay ID” column (10-digit Pay ID / X) you want to know the origin of
  • In the subsequent overview, in “encoded by” the creator of the operation is named by the formula

    UserID/PSPID/User type

UserManager-8.png

UserManager-9.png

Alternatively, you can display all operations by a specific user via Operations > View transactions / Financial History. Click on “ADVANCE SELECTION CRITERIA” and select the UserID from the drop-down menu “encoded by”: 

UserManager-10.png

Block IP address for access

To protect against unauthorised access to the Back Office, a user with an Admin profile can give access to specific IP addresses. Once configured, each login attempt of any user linked to your PSPID must origin from this IP range.

  • Go to Configuration > Users > Login Access
  • In “IP address”, enter the IP address(es) to which you want to grant access. Take the following into account
    • Separate multiple addresses with a semicolon “;“
    • The IP address(es) must be CIDR compliant and can have a maximum length of 512 characters
  • The IP address of the user configuring the IP range must also be included in the defined range. Otherwise, the user will receive an error message and the IP address will not be saved

UserManager-11.png