Card and PIN Management

Overview

Every user in Dispatcher Paragon can have any number (usually one) of assigned card numbers. Typically, these correspond to the ID badges of employees with RFID and/or similar contactless identification chips. There are many different standards of identification chips, most of which are, however, incompatible among themselves. Dispatcher Paragon can work with virtually any of them provided that the terminals are equipped with the right card readers. Note that authentication is based purely on the knowledge of an identification number which can be read from the chip easily or guessed. Chips with long random identifiers are preferred and users should always check the origin and integrity of the reader to achieve a higher level of security.

Instead of or in addition to cards, users may also use numeric PIN codes for authentication at Dispatcher Paragon terminals. This PIN code is treated as a virtual card number: it is stored in the same place and managed in the same way. However, a cryptographic hash of the PIN code is stored instead of the current PIN (this behavior can be changed in Dispatcher Paragon administration).

Required Access Rights for Managing PIN and Card Activation Codes and Cards

The administrator needs to have access rights for View list of users and Add, edit, and delete users (Users > Roles > Access rights > Users > View list of users, Add, edit, and delete users).

For assigning a card from the Dispatcher Paragon management interface, the administrator also needs rights for List of accesses to terminals (Users > Roles > Access rights > Reports > List of accesses to terminals).

PIN (Personal Identification Number)

Users may use numeric PIN codes for authentication at Dispatcher Paragon terminals.

The PIN code is treated as a virtual card number: it is stored in the same place and managed in the same way.

Additional information can be found in Managing Users.

Common Steps

  1. Access User edit mode through Users > Users > User (edit or new).

  2. Scroll down to the PIN codes section.

  3. Click Add new PIN.

Adding a PIN for a User

  1. Enter the PIN.

  2. Click SAVE NEW PIN CODE.

Generating a PIN Code Automatically

This feature enables add or generate PIN with time expiration to users. When a PIN expires, the user cannot log in with this PIN and has to generate a new PIN. New PINs can also be generated by an administrator. The administrator can set a PIN expiration date or generate a PIN with a default expiration date.

When a user or administrator generates a new PIN, a notification email with the PIN and its expiration date is sent to the user. Another notification email is sent before a user's PIN is due to expire.

When a user already has a PIN defined and a new PIN is generated, all previous PINs are deleted.

  1. Set PIN code expiration.

  2. Click SAVE NEW PIN CODE. An email with the new PIN code is sent to the user's mailbox.

Configuration

There are several properties related to PIN code generation.

The feature can be enabled by: PIN-generator = true

This property enables setting the length of the variable part of the PIN (without digits in the login name) in digits.

PIN-size = 6

PIN expiration time in days. (Time in days, when a notification email is sent to the user before their PIN expires.)

PIN-default-expiration = 60

PIN-expiration-notification = 7 (This property enables the overriding of old PINs with new PINs. PIN-override = true)

The following two properties handle the archiving of old PINs. When enabled, the old PINs are written in a history table. When a PIN is stored in a history table, it cannot be used as an active PIN. After the PIN archiving period expires, PINs are deleted and can be reused.

PIN-history-enabled = false

PIN-archiving-period = 365

The following properties set the notifications for users.

PIN-enable-email-notifications = true (specifies whether email notifications are sent to the user after a new PIN is generated.)

PIN-enable-display-for-user = true (specifies whether a newly generated PIN is displayed to the user in a browser popup window.)

PIN-enable-display-for-admin = false

Card Numbers

Card numbers are masked with four asterisk symbols (****). In addition, last digit of the card number is preserved, in order to help the managing user/administrator quickly identify card numbers of an user.


This setting can be changed via maskCardNumber property:

true (default) - Enable card masking

false - Disable card masking, reveal the full non-masked card numbers

Card Activation Code

The Dispatcher Paragon card activation code is a module used for allocating unregistered cards to users.

Card Activation Code Generation

  1. AUTOMATICALLY: The card activation code is generated after receiving the first print job from a user. Dispatcher Paragon subsequently generates the card activation code for the user.

  2. MANUALLY: The card activation code is generated by the administrator by clicking the Generate Card Activation Code button.

You can find more information on Configuring ID Card Self Assignment.

Card Assignment Methods

Card Assignment from the Dispatcher Paragon Management Interface:

When there is an unknown card, PIN, or password, the administrator can create a new user or assign a PIN or card number to an existing user.

Additional information can be found in Managing Users.

  1. Access User edit mode through Users > Users > User (edit or new).

  2. Scroll down to the Cards section.

  3. Click Add new card.

  4. Insert card number.

  5. Click Save new card.