210 likes | 347 Views
eAuthentication Initiative. eAuthentication Solution Screens Review Meeting. October 7, 2003. Agenda. Customer Registration Process Customer Registration - Level 1 Customer Registration - Level 2 Local Registration Authority (LRA) Role Assignment Delegated Authorization Administration
E N D
eAuthentication Initiative eAuthentication Solution Screens Review Meeting October 7, 2003
Agenda • Customer Registration Process • Customer Registration - Level 1 • Customer Registration - Level 2 • Local Registration Authority (LRA) Role Assignment • Delegated Authorization Administration • Questions and Answers
USDA’s eAuthentication Home Page http://www.eAuth.egov.usda.gov COMING SOON!
Customer Registration Process Customer options for online self-registration: Option 1 – The customer applies for just Level 1 credentials • Requires limited amount of information to complete customer profile • Requires a minimum 4 character password • Grants limited access, no identity-proofing required • Receives an email confirmation with request to activate customer profile with Level 1 credentials Option 2 – The customer currently has Level 1credentials and decides to complete the process to apply for Level 2credentials • Requires additional customer information • Requires password change to minimum 9 characters • Requires authentication of identity by USDA employee – Local Registration Authority (LRA) • Receive confirmation email Option 3 – The customer applies for Level 2 credentialswithout having Level 1 credentials • Requires Customer to complete an expanded User Profile • Requires a minimum 9 character password • Requires authentication of identity by USDA employee - LRA • Receives an email confirmation without request to activate customer profile with Level 2 credentials
Process Flow- Level 1 Assurance Obtain User ID and Level 1 credential Access Level 1 Web applications Customer Creates a User Profile and clicks the “Submit” button
Process Flow- Level 2 Assurance LRA verifies customer’s identity and updates the system Access Level 2 Applications Customer Creates User Profile and clicks “Submit” LRA updates customer profile in the system and activates level 2 credentials Customer presents valid government issued ID to LRA LRA verifies ID information against customer profile in the system
Customer Registration Key Points • Email is a required field in this registration process. The customer will be advised to establish email accounts from companies like Yahoo, Hotmail, or their local Internet Service Provide (ISP) if they do not already have an established email account elsewhere. • The customer will receive an error message if all of the required fields are not completed and the system will not accept the user profile. • Once the customer completes and submits their user profile online, the customer will receive a verification email. This verification email will provide the customer with log on instructions that will activate their access level
Process Flow - LRA Processing The LRA is responsible for completing the following 3 steps The LRA searches for the customer’s name in the USDA eAuthentication website The LRA validatesthe customer’s user profile against the customer’s government issued photo ID The LRA activates the customer’s Level 2 credential
Local Registration Authority Process – Step 1 Search Go to USDA eAuthentication web site http://www.eAuth.egov.usda.gov to access the application to activate a customer to Level 2 Click on the “My Task” tab to access the My Task for extUsersscreen Click on the task “Validate Level 2 Customer” Click on “Validate Level 2 Customer” to access search page **This site is protected by WebCAAF - All federal employees wishing to be LRA’s must have WebCAAF ID and password
Local Authority Registration Process– Step 1 The Validate Level 2 Customer: Search for Level 2 Customer page is displayed Select “Last Name” from the Search Option drop down menu (Last Name is the default) Select “Equals” from the drop down menu to specify the relationship you wish to search (Equals is the default) Enter the customer’s last name using the valid form of identification that is presented Click the “Add More” button to display additional search criteria (i.e. First Name, User ID, State) Select “First Name” from the second Search drop down menu Select “Equals” from the drop down menu to specify the relationship you wish to search Enter the customer’s first name using the valid form of identification that is presented Click “Search” The drop down menu allows the LRA to manipulate the search criteria
Local Registration Authority Process – Step 1 11. Search results are displayed on the Validate Level 2 Customer: Search for Level 2 Customer 12. If the information in the search results matches the information specified on the customer’s identification card, click on the customer’s “User ID” listed on the search results page to bring up the Customer Profile Note: If search results display more than one entry with the same name, further confirmation will be required to validate the customer’s identity. The LRA should confirm one or more of the following: (a) Date of Birth, (b) User ID, and/or (c) Address/State. The LRA must select each customer one by one until the correct customer is selected If the LRA enteredthe incorrect customer information, the SearchAgain button will take the LRA back to the previous screen DHawes 1 Dana Hawes 50 Fruitwood. Cleveland
Local Registration Authority Process – Step 2 Validate Compare the customer’s first and last name on the government issued photo identification card to the information listed in the customer’s profile Note: If the information in the profile does not match the information provided on the identification card, advise the customer to correct their User Profile, or obtain an updated identification card and then return to the Service Center to complete the eAuthentication Registration Process Validate the customer’s physical attributes and resemblance to the government issued photo ID that is presented On the Credential Documentation Type pull-down menu, select the appropriate form of government issued identification presented by the customer (Driver’s license is the default ID) The LRA’s WebCAAF ID will automatically populate in the LRA Admin field
Local Registration Authority Process – Step 3 Validate 16. Enter the expiration date that is shown on the government issued photo ID that is presented in the “Credential Expiration” field Note: A Confirmation message will display once the LRA activates a customer Activate 17. Click “Submit” to activate the customer to Level 2
Role Assignment Process • Once level 2 credentials are activated by the LRA, the customer can now access online interactions that require Level 2 Assurance, except for … • If application requires additional information before user authorization is permitted then, • Application owner determines how to collect additional information • Application owner establishes some type of delegated authorization administration • Application owner provides means for users to access delegated authorization administrator
Customer Role Request You have provided valid credentials, but are not authorized to access this page! Click below to request access to this USDA web site Click here Customer attempts to access a role protected application Customer is redirected to error page (Active Response) and is guided through application defined process
Role Assignment DRAFT Agency Application Administrator is responsible for Role Assignment: • Administrator goes to IMS • Administrator searches for customer
Role Assignment DRAFT 3. Agency Application Administrator pulls up customer’s profile and then clicks on the “Specific Admin Roles” Tab
Role Assignment DRAFT 4. Administrator selects appropriate Role to Assign to customer 5. Administrator clicks on submit to activate the customer role 6. Administrator emails the customer to invite him/her to access protected application Agency is responsible for creating the proper procedures for Role Assignments