Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Excerpt

In order to increase the security and better control the access to your data, you can now enable a two factor authentication for your operators

Solution

In order to illustrate the solution, let's consider the following example. The customer has bought 2 tickets. The on-line shop allows mobile ticket and print@home shipment mode. He selects the mobile ticket shipment mode and pays the order. No tickets have been downloaded or printed yet. The end customer has still the choice between downloading a ticket on his mobile or printing an e-ticket.

Image Removed

The end customer decides to download the first ticket on his mobile. He can't get an e-ticket anymore to prevent the invalidation of the mobile ticket:

Image Removed

The restriction works similarly in the other way. If the end customer prints the second ticket as a print@home, he won't be able anymore to download it as a mobile ticket. Clicking several times on the printable ticket link will open exactly the same PDF file (without invalidating previous tickets).

Image Removed

Registration

When the customer logs in for the first time, he will be invited to install Google app on his mobile after having entered his (correct) password.

Image Added

The operator just has to scan the appropriate QR code above with his mobile phone and the app will be displayed in the corresponding app store. If he has already installed the app, he can skip this step.

In the second step (triggered by clicking on the NEXT button), he has to register a secret key on Google Authenticator. To do so, the operator launches the app on his mobile and scans the QR code displayed on the screen below:

Image Added

Login

After the registration process above (or after having entered the correct password if the registration process has already been performed previously), the operator is invited to enter the six digits code:

Image Added

displayed by Google Authenticator:

Image Added

Phone lost/replaced

If an operator has to replace his phone, he needs to ask an administrator to click on the CHANGE PHONE button displayed below.

Image Added

The operator simply needs to perform the registration process described above with his new phone. In case of loss or theft, the (illegitimate) holder of the old mobile phone won't be able to login because the six digits code displayed by Google Authenticator on the old mobile phone are still based on the old secret key that isn't used anymore by SecuTix.

Getting started

The use of the two factor authentication process will have some impact on your operators. They will have to get an app on their mobile phone and have their mobile phone ready when logging in to SecuTix. As a result, in order to give you some time to inform your operators, this feature isn't enabled by default. Once you're ready, please send a request to our service team to enable the feature for your institution.

...

  • Send a request to our service team to enable the feature
  • Define for each operator if (s)he has to use the two factor authentication

The two factor authentication will be enabled by default for all new operators created after the two factor authentication has been enabled by our service team for your institution. You can disable or enable the two factor authentication for a given operator at any time.

Info
titleImprove security and data protection

SecuTix advises you to enable the two factor authentication to increase security. Of course, your operators need to be informed about the registration and login process.