Card and PIN Management

Overview

Every user in Dispatcher Paragon can have any number (usually one) of assigned card numbers. Typically, these correspond to the ID badges of employees with RFID and/or similar contactless identification chips. There are many different standards of identification chips, most of which are, however, incompatible among themselves. Dispatcher Paragon can work with virtually any of them provided that the terminals are equipped with the right card scanners. Note that authentication is based purely on the knowledge of an identification number, which can be read from chip easily or guessed. Chips with long random identifiers should be preferred and users should always check the origin and integrity of the reader to achieve better level of security.

Instead of and/or beside cards, users may also use numeric PIN codes for authentication at Dispatcher Paragon terminals. This PIN code is treated as a virtual card number: it is stored in the same place and managed in the same way. However, a cryptographic hash of the PIN code is stored instead of the current PIN (this behavior can be changed in administration).

Required Access Rights for Managing PIN and Card Activation Codes and Cards

The administrator needs to have access rights for View list of users and Add, edit, and delete users. For assigning a card from the Dispatcher Paragon web interface, the admin also needs rights for List of accesses to terminals.

images/download/attachments/153625267/role_change_pin_and_puk.png images/download/attachments/153625267/role_assign_card.png

PIN (Personal Identification Number)

Users may use numeric PIN codes for authentication at Dispatcher Paragon terminals.

The PIN code is treated as a virtual card number: it is stored in the same place and managed in the same way.

Additional information can be found in Manage Users.

Common Steps

  1. Access User edit mode through Users > Users > User (edit or new).

    images/download/attachments/153625267/add_new_pin.png

  2. Scroll down to the PIN codes section.

  3. Click Add new PIN.

Adding a PIN for a User

  1. Enter the PIN.

  2. Click SAVE NEW PIN CODE.

    images/download/attachments/153625267/new_pin.png

Generating a PIN Code Automatically

This feature enables add or generate PIN with time expiration to users. When a PIN expires, the user cannot log in with this PIN and has to generate a new PIN. New PINs can also be generated by an administrator. The administrator can set a PIN expiration date or generate a PIN with the default expiration.

When a user or administrator generates a new PIN, a notification email with PIN and its expiration date is sent to the user. Another notification email is sent before a user's PIN is due to expire.

When a user has some PIN(s) defined and a new PIN is generated, all previous PINs are deleted.

  1. Set PIN code expiration.

  2. Click SAVE NEW PIN CODE. An email with the new PIN code is sent to the user's mailbox.

    images/download/attachments/153625267/generate_pin.png

Configuration

There are several properties related to PIN code generation.

The feature can be enabled by:

PIN-generator = true

This property enables setting the length of the variable part of the PIN (without digits in the login name) in digits.

PIN-size = 6

PIN expiration time in days.

PIN-default-expiration = 60

Time in days, when a notification email is sent to the user before their PIN expires.

PIN-expiration-notification = 7

This property enables the overriding of old PINs with new PINs. PIN-override = true

The following two properties handle the archiving of old PINs. When enabled, the old PINs are written in a history table. When a PIN is stored in a history table, it cannot be used as an active PIN. After the PIN archiving period expires, PINs are deleted and can be reused.

PIN-history-enabled = false

PIN-archiving-period = 365

The following properties set the notifications for users.

PIN-enable-email-notifications = true

Specifies whether e-mail notifications are sent to the user after a new PIN is generated.

PIN-enable-display-for-user = true

Specifies whether a newly generated PIN is displayed to the user in a browser popup window.

PIN-enable-display-for-admin = false

Card Activation Code

The Dispatcher Paragon card activation code is a module used for allocating unregistered cards to users.

Card Activation Code Generation

  1. AUTOMATICALLY—The card activation code is generated after receiving the first print job from a user. Dispatcher Paragon subsequently generates the card activation code for the user.

  2. MANUALLY—The card activation code is generated by the administrator by clicking the Generate Card Activation Code button.

You can see more information on Configuring ID Card Self Assignment

Card Assignment Methods

Card Assignment from the Dispatcher Paragon Web Interface:

In the case of the status Unknown card, PIN, or password, the administrator can create a new user or assign a PIN or, card number to an existing user.

Additional information can be found in Manage Users.

  1. Access User edit mode through Users > Users > User (edit or new).

  2. Scroll down to the Cards section.

  3. Click Add new card.

    images/download/attachments/153625267/card_assignment_1.png

  4. Insert card number.

  5. Click Save new card.

    images/download/attachments/153625267/card_assignment_2.png