Configuring the Account Type

All CA Risk Authentication users are identified in the system by a unique user name. CA Risk Authentication supports the concept of an account or account ID, which is an alternate ID to identify the user in addition to the user name. A user can have none or one or more accounts or account IDs.
aatest
All CA Risk Authentication users are identified in the system by a unique user name. CA Risk Authentication supports the concept of an account or
account ID
, which is an alternate ID to identify the user in addition to the user name. A user can have none or one or more accounts or account IDs.
For example, consider a banking institution that uses the ID from the Customer Information File (CIF), to identify the customer Robert Laurie. In addition, Robert uses his account number to transact with the bank for his fixed deposits and a different account ID for online banking. So, Robert has the following account IDs:
  • User name: BNG02132457678
  • Account ID for fixed deposits: 000203876544
  • Account ID for online banking: rlaurie
An
account type
is an attribute that qualifies the account ID and provides additional context about the usage of the account ID. An account ID uniquely identifies a user for the given account type.
For example, you can create an account type that is named FIXED_DEPOSITS for the 000203876544 account ID, and another account type that is called ONLINE_BANKING for the account ID rlaurie.
Now, Robert can log in to the system and can be identified by using any of the following:
  • BNG02132457678
  • FIXED_DEPOSITS/000203876544
  • ONLINE_BANKING/rlaurie
First create an account type in
Advanced Authentication
before you can create account IDs. You can configure the account type to be available to specific organizations only or to all organizations, including those that will be created in the future. At the organization level, each organization can choose to support a set of account types.
No two users in a given organization can have the same account ID for an account type. At any given point of time, the following combinations are unique:
- Organization name, account type, and account ID
- Organization name, user name
Creating a New Account Type
To create a new account type:
  1. Ensure that you are logged in as the MA.
  2. Activate the Services and Server Configurations tab.
  3. Click the
    Advanced Authentication
    option on the submenu of the tab.
  4. Under the UDS Configuration section on the side-bar menu, click the Configure Account Type link to display the page.
  5. (If this account type you is the first you are adding) In the Add New Account Type section:
    1. Enter the Name of the account type.
    2. Enter a Display Name for the account type.
    3. If necessary, expand the Custom Attributes section by clicking the + sign and specify the Name and Value of any custom attributes that you want to add for this account type.
  6. In the Assign to Organizations section:
    • Select Apply to all Organizations if you want to use this account type for all existing organizations and any organizations that may be created in future.
      Such accounts appear under Global Accounts on the Configure Account Type page at the organization level.
      Or
    • Select the organization to which you want to assign the account type from the Available list and move it to the Selected list.
      The accounts that are assigned to specific organizations appear under
      Organization-Specific Accounts
      on the Configure Account Type page at the organization level.
      Click the > or < buttons to move selected organizations to the desired list. You can also click the >> or << buttons to move all organizations to the desired lists.
  7. Click Create to create the account type.
  8. Refresh
    all
    deployed CA Risk Authentication Server instances.
    See "Refreshing the Cache" for instructions.
Updating an Account Type
To update an existing account type:
  1. Select the account type from the Select Account Type drop-down list.
  2. Modify the required fields, and click Update.
    Once you have created an account type, you cannot change the Name of the account type.
  3. Refresh
    all
    deployed CA Risk Authentication Server instances.
    See Refresh Cache for instructions.
Deleting an Account Type
To delete an existing account type:
  1. Select the account type from the Select Account Type drop-down list.
  2. Click Delete.
    You cannot delete an account type if you have created user accounts for that type.
  3. Refresh
    all
    deployed CA Risk Authentication Server instances.
    See Refresh Cache for instructions.
Configuring Email and Telephone Type
CA Risk Authentication allows you to specify multiple email addresses and telephone numbers while creating users and administrators. The MA can configure multiple email and telephone types at the global level, which automatically become available to all organizations. The MA can also specify certain email and telephone types as mandatory and others as optional. When you create users and administrators in an organization, you are prompted to enter values for the email and telephone types that the MA has configured. You can choose to override the global configuration by configuring different email and telephone types while creating organizations.
Email and telephone type attributes configured at the organization level take precedence over the values that are configured at the global level.
Email and Telephone Type Example
Assume that the MA has configured the following email and telephone types that all organizations must use:
  • (Mandatory) Email type: Work Email
  • (Optional) Email type: Personal Email
  • (Mandatory) Telephone type: Work Phone
  • (Optional) Telephone type: Home Phone
When a GA creates an administrator for an organization
Org1
that uses the global configuration, the GA
must
provide values for Work Email and Work Phone. The GA can add additional email and telephone types, if necessary, but cannot delete the global configurations for email and telephone types.
To configure the email and telephone type attributes:
  1. Ensure that you are logged in as the MA.
  2. Activate the Services and Server Configurations tab.
  3. Click the
    Advanced Authentication
    option on the submenu of the tab.
  4. Under the UDS Configuration section on the side-bar menu, click the Email/Telephone Type Configuration link to display the page.
  5. In the Configure Email Type section, specify:
    • Priority of the Email Type if more than one Email Type has been configured. Use the up and down icons to change the priority. Priority defines the order in which Email Types are displayed on the screen when multiple Email Types have been configured.
    • Type of email that you want to configure, for example, work or personal.
    • Display Name of the Email Type.
    • Whether the Email Type is Mandatory.
    For example, you can configure work email with a higher priority than your personal email so that work email gets displayed first.
  6. In the Configure Telephone Type section, specify:
    • Priority of the Telephone Type if more than one Telephone Type has been configured. Use the up and down icons to change the priority. Priority defines the order in which Telephone Types are displayed on the screen when multiple Telephone Types have been configured.
    • Type of phone number that you want to configure, for example, home or work.
    • Display Name of the Telephone Type.
    • Whether the Telephone Type is Mandatory.
    You can add multiple Email and Telephone types by clicking the
    +
    icon.
  7. Click Save to save your changes.
  8. Refresh
    all
    deployed CA Risk Authentication Server instances.
    See "Refreshing the Cache" for instructions on how to do this.