User Management

[MUSIC PLAYING]

Hello and welcome to eBill training. Today we're going to be reviewing the user management features available in the Payment Center application. Some of the features that we'll review today will be an overview of the biller's hierarchy, and then how user roles can function within that hierarchy. We're also going to look at the more commonly used features, including how to add a user, modify, and then delete a user.

We'll also take a look at the permissions, and will demonstrate how these permissions can be modified, and then we'll do a quick review of what we call secure access settings, which allows you to whitelist IP addresses so that a user can gain access to Payment Center. We'll do a quick review of some of the templates, which are the email notification specifically related to users that go out, and then we'll do a very brief overview of the user audit reports. Some of the features that we'll be looking at today are available for you to look at in the User Management guide, and then some of the features that we will not spend time on today's training session, you can also find in the user guides.

So let's start by when we log into Payment Center. Again, this is the screen that you'll initially log into. In order to access the user management functions, you're going to come up to the upper right hand corner, and you're going to notice that there is a grid there of nine little squares. Click on that, and then there'll be an option for user management, and that's what we're going to use today.

Started on the actual features within here, I'd like to do a quick overview and explanation of the biller's hierarchy, as well as user roles. So we're going to switch over here for a moment and take a look at that hierarchy. Within the application, we typically will set up a main partner, and then if there are other child partners under that, you'll notice this here. And this could equate to an organization's structure in terms of maybe a parent company, and then multiple children.

The next area then that kind of layers over that are the user roles. We will typically set up three types of users. One is an administrator, the one under that is a supervisor, and then the role underneath that is an operator. And this is important to know, because administrators are going to usually have all of the features available, supervisors may have a little bit less, and then operators would have even less.

Now there's multiple ways that you can structure users. You can set them all up at the main company level, and then you can determine which role has access to which company or partner. So in this example here, we've set all the roles up at the ABC Company main level, and we're giving User 1 access to all partners, were giving User 2 access to all partners, and we're also giving User 3 access to all partners. So that's an example of one way that the missions can be set up.

Another example of this is in the one below here, where we still have the same organizational hierarchy with one main parent-- ABC Company main-- and then two children, ABC Child 1 and ABC Child 2. We're still going to set all the roles up at the ABC Company main level, but then when we can do when we add users is that we can give, in this example, administrator access to all partners, and then maybe we only want to give User 2 access to ABC Child 1 and 2, and then we may want to limit the operator to only have access to ABC Child 2. But this is just something that you need to understand in terms of how we set up the organizational hierarchy, and then how user roles kind of layer over that.

One thing that's important to note is that user roles are hierarchical, which means that an administrator cannot view another administrator. They can only view supervisors or operators. The same thing holds true, then, with a supervisor.

They're not able to view administrators because they're higher up in the hierarchy, nor are they able to view other supervisors. They'd only be able to view operators. And then when you get down to an operator role, they can only view their own information. One thing to note that when we set up a new implementation, user roles and users will be at the start of the implementation, but after that initial start-up, the biller is going to be responsible for managing their own user roles and access, and if then the biller requires additional administrators to be set up they will have to reach out to U.S. Bank, and then U.S. Bank will need to create the administrators.

Now one thing also that I want to explain upfront before we get into user roles is that there's always two parts to each user role. We have user management privileges, and within the screens that I'll show you in a few minutes, they're called CORE. These would be features like the ability to add a user, delete a user, modify, reset passwords, and then view user reports.

The second part of that user role are called Orbipay privileges, or you'll see it on the screen as EBPP. These are features like being able to view customer information, make payments, edit or delete payments, reset a customer's password, and then running reports. So the one thing to keep in mind is that these CORE privileges are more for the biller and the people in their organization as far as adding users, and the second part of this are the features and functions that they'll need to be able to support their customers.

So now that we've taken a look at that, let's go back into the user management feature and start to dive into a little bit more detail. When you first come into the screen, you're going to be presented with a dashboard, and for your own organization you will see on this dashboard a list of the total current users. We also then will break it down into locked users, active users, deleted users, and users that may be expiring. And at any point in time, you can drill in, and you can actually see the details of those users that are locked.

The next box here are the user applications, and this is basically going to be things like that user management, Payment Center, which are really the only two that are applicable right now. But this could change based on the setup of the biller.

And then under here we have user roles. And so this is looking at CORE, how many admin users are set up-- so it just gives more detail about the setup.

Now let's take a look at the Manage Users option here, and what this is going to do is it's going to give you details of the users. So again, based on your setup, you will see all the users within that organization, and it will include things such as the user name, the user ID, the role, the partner name, and the status, and it will show you if it's locked or if it's active. In any case, you can actually drill in and see the details of that particular user. This is also where you could do things like edit that user. So if I click on the edit, we could go in and change the first name, the last name, the email address, or any other fields that are pertinent to that user.

If we need to reset a user's password, we can click here and simply set a new password and then retype that password. What you'll need to do for the time being is once you've updated or created a new password for a user, you will need to email that user with that temporary password, and the first time that the user logs back in the Payment Center, the system will force them to put in that password that was assigned and then it will ask them to create a new password.

The other item here is called Change Status, and this is where you can go in and you can either make that user active or you can make that user inactive. And then finally, the Session Summary will tell you information about where the user has been, the different applications, and things of that nature.

I spelled out that there's two types of privileges that are set up. There's the core user features, and then there's the EBPP features. So if I click in here, these are going to show me the features that are set up for this particular user, and these are the things that we create as a user role and then a user just simply gets added into that role and we'll get these default privileges.

Now you do have the ability in some cases to go in and modify, that role but we don't usually recommend that you go into each individual user and begin to modify roles. Using a role and assigning permissions is really the best way to manage it. If you begin to click things off and on for a specific user, it just becomes a little bit confusing as to what you set up for that user.

And then if you go into the EBPP roles, these would be things like system management, user management, funding source management. So these are the features or the privileges that will allow you to really service your customers in terms of helping them to add a payment, make a payment, things of that nature.

One of the other things that you can do, as I was talking about the hierarchy and the roles, is that you can actually go in and you can determine whether or not a user has access to see a specific partner. And so you can go in and say, I want you to have access to everything with the exception of ABC Hospital. So the where you can go in and control which level in the organization that a user has access to. The most commonly used application that you'll use here is the ability to go in and reset a user's password.

The next section here is creating a new user role. This is what you'll do when you need to add a new user to your organization-- maybe somebody who's new, and has been hired-- and they need to get access to this Payment Center application. The required fields are going to be highlighted in a red asterisk, so you would type in the first name, type in this last name, and then type in what you want their user ID or log in to be.

You'll then go ahead and set an initial password, and you'll also put in the email address for that user. The rest of the information is optional. Over in the second box-- this is important, because when you set up a user, most of the time I see people have issues because they only set up the CORE, and they don't set up the access to EBPP. So what you'll do is you'll determine whether the new user that you're adding needs to be an administrator, an operator, or maybe some other supervisor, so we'll go ahead and add in an operator. And then what you'll typically want to do is you'll want to make sure that this user has user management access, and even if you're an operator, you want to make sure that you check this each time so that the user can at least go in and modify their own setup.

This next section is then the CORE, or the EBPP privileges. What you'll want to do is just make sure that whatever you selected up here for CORE, you also select the same one down here. Once you've done that, there will be additional reports that will pop up here that you'll want to either give access to the user-- and it's usually online reporting, which is the most important that you'll want to give access to.

Setting up a new user. You can go in and you can specify which partners in the organizational hierarchy that they'll have access to. So here's where you can go in and exclude-- and that's the key, it has to be you're excluding the partners, so you have to actually go in and put a checkbox next to the partners that are going to be created.

After you've done that, you can click on Create, and then the user ID will be created and added successfully. So you can see now that I've added the user here. The message up at the top indicates that the user was successfully created, you can see that I set up my user ID as "MBendy13" Here is the CORE-- so those are the user privileges that were added-- and then here are the EBPP applications. And again, at any point in time, I can go in, click on here, and then edit that information.

So I've showed you how to edit a user, how to reset a user. Let's go in now and actually change the status and make this an inactive user. So if I click on Change Status, I'm going to come over here, and I'm going to click on the word Deleted, and I may want to type a memo, and then go ahead and click the Update button. And now you can see from a status standpoint that the status was successful, and my new status is now deleted. So those are typically the functions that you'll use most often-- adding a user, modifying a user, and especially resetting passwords.

All right, so we have looked at how to manage users and user roles, we've looked at how to create a user. I'm going to skip down to Secure Access Settings. One thing to keep in mind is that it's simply not enough for a user to be able to access Payment Center with the user ID and password.

One of the other things that is required is that we white list the IP address or addresses that user is going to be coming from. It just creates a more secure environment. Should you need to add additional IP addresses-- and these are public-facing IP addresses that we have to use-- you can actually go in here and then add that IP address in. We'd like to get those IP addresses during the implementation process so that we can add those in at the startup, but should you ever have a need to go in to do that and you are given this function, you do have the ability to go in and add that IP address.

The next section here is the Manage Template application, and what this allows you to do is we have certain information that goes out in the form of an email that basically talks about access. For example, this is user access verification code. So the other application aside from the IP address that we have something called device-based authentication, and so this is the actual email template that's associated with that. Should you want to change this template and make it something different, if you have the privilege assigned, you can actually go in and modify this email, and then these are some of the fields that you can pull in as part of that email address.

So we have the same thing here for the user access verification code. So this is just a simple way to go in and modify those. Usually not a feature that I see most people use, but it is there, and it is available for you.

Now we don't have any user audit report information in this sandbox demo environment, so I'm going to switch over to our last slide and just show you what that looks like. So from the user audit report, it will ask you to put in a from date and a to date, and then you can look for a specific user ID. And really, all this truly is an audit report that shows each event when a user signed in.

So in this case, we have an event time, what was actually done, which partner, who it was initiated by, and who has acted on it. This report can be downloaded to an Excel spreadsheet or a CSV file. And I don't see this used too often, but every once in a while, there may be a need to go in and just look at the activity of a specific user.

If you need additional information or more details on the specifics that weren't covered today, you could always refer to the eBill User Guide. Thanks for your time today. 

[MUSIC PLAYING]