Unified Identity Service
As consumers expand their financial relationships, establishing and maintaining identity across multiple systems has become more complex for every party involved.
- End users must remember multiple sets of usernames, passwords, and 2FA information to access information related to a single FI relationship.
- Applications must keep up with best practices for security requirements while struggling with the cost and complexity of integrations.
- Institutions have to balance ease of use against reputation for being secure and safe.
- Core designed for face-to-face interactions with a teller now must store identity information about access as well as ownership.
With our Unified Identity Service (UIS), we establish a single source of digital identity that can be validated with a single set of credentials across accounts, assets, and other financial instruments.
The login experience
All Jack Henry products adoping UIS utilize a new login flow their respective applications. For example, Treasury Management has adoped the standard Digital Platform login experience. When an end user attempts to log into their app of choice, they will be immediately redirected to the Digital login flow, authenticate within this flow, then be returned to their app fully authenticated. It’s simple as can be.
Identity app
The Identity app is located in the lefthand menu of Banno Admin. This allows your team to search, edit, and manage users’ identity profile in a single place.
Utilizing the Identity app provides controls similar to those found in Banno People, allowing your teams to view and manage security settings and activity for the entire Identity. While security settings will temporarily be available in both People and Identity, these controls will move entirely to Identity in a future update.
Admin users can search for users by name, email, or username. The results navigate to the User Profile. Here, the admin can distinguish if the user’s source of record is UIS (marked as Identity) or Core (if not specified). Admin utilizing this functionality via Banno People are notified via banner that security settings will be moving to the Identity app in a future update.
Within the Identity app, admin users can manage institution level settings including:
- Update one recovery email and phone number
- Prompt to change username and password
- Send password reset links
- Initiate 2FA via call-in verifications
- Complete 2FA overrides
- Manage devices for account takeover prevention
- Access Activity feeds for identity related events
Utilizing Identity functionality directly from specific apps
Consumer users can utilize functionality formally built into Banno product’s Profile and Security settings directly from their app. Treasury Management users, for example, can edit their profile and security settings using Banno screens and workflows to update UIS information.
Settings
Selecting the Identity settings button presents your team with available configurations and defaults for Unified Identity.
Code delivery methods
This defines the available 2-step verification methods sent to end users. Each can be toggled to allow or disallow the given method. Available methods include:
- Authy
- Phone/Text message
- Authenticator app
- Symantec hardware/software tokens
- FIDO roaming tokens
Short code
This option controls whether or not all codes sent via text or SMS are sent from a five digit short code. Once activated, this feature cannot be deactivated.