Q2 Log-In + SAC Troubleshooting Guide

Modified on Thu, Jun 6 at 1:51 PM

First Time Log-In for Converted Users

  • A converted user is a user who exists in Retail Online Banking or Business Online Banking that we are migrating to Q2
  • Here are the first-time log-in steps for a converted user


  1. When a Retail converted user logs-in the first time they will enter their current OLB username and a temp password of current username and last 4 of their social (ex: jsmith1234)
  2. When a Business converted user logs-in the first time they will enter their current OLB username and a temp password of current username and their previous password
  3. They will be presented with a secure access codeto verify they are who they say they are.
    • This can be sent in an email, text or voice call.
    • TIP- If a customer’s SAC targets are outdated, we can enter a correct target into Co-Pilot or User Management AFTER the customer has been appropriately validated
    • TIP- A customer can only receive a text message if their phone number is in the mobile phone field in Cleartouch. If the phone number is in any other field only a voice call will show as an option
      • Once the customer logs in they can add a text option under Settings à Manage 2-Factor Authentication à Add SMS Text
    • Once they receive the code, they will enter it and move to the next step
  4. They will set their new password. 
    • The new password must be a minimum of 8 characters and maximum of 30, with lower, upper, special characters and numbers.
    • We highly encourage customers to set a new password from their current OLB password.
  5. They can choose to register the device or not.
    • If they register, they are “trusting: the device and will not have to enter a SAC code when they log in from that device.
    • Registering is device specific so if they register their computer and log into the mobile app they will be presented with a SAC until they register their mobile device.
  6. Once they are fully logged in, they will review their accounts to ensure they are all presenting as expected.
  7. They should also review their recurring transfers and for FFL only, their external transfer accounts to ensure everything is as expected.
  8. If they are currently using Bill Pay, eStatements or Card Hub they can review to ensure they can still access those products.
  9. All users will need to enroll in their preferred Account and Security alerts in Q2.
    1. Account alerts are things like balance alerts, transaction alerts, card alerts etc. These are set up through a Notifi SSO so the alerts are in real-time
    2. Security Alerts are things like your online banking password has changed, someone has logged into your account etc. There are


Duplicate Usernames


  • In some cases an existing user may have had a username that was considered a duplicate username when loaded into Q2. The customer was still imported into Q2 but we need to set a new username for them
  • When you search for a customer and their log-in section says 0 log-ins
    • Select the plus sign to add a new username for the customer
    • Add a new username between 6-30 characters long and then set a temporary password for the user and hit sav
    • Then provide the customer their new log-in and username and they will be able to complete the log-in process

 

SAC Code

  • What is a SAC Code?
    • A SAC code is a secure access code that is a 6 digit code sent via text, voice call or email that a customer must input to log-in or complete certain tasks.
    • TIP- A few other areas will also require a SAC code. These are areas we’ve deemed high risk so want to put extra verifications in place, an example of this is the real time address change form
  • Why do we require one?
    1. It is an extra layer of security that we are ensuring customers are who they say they are when they log-in
    2. TIP- we will also have a tool called Patrol that will learn a users behavior over time, if the system feels that the customer may not be who they say they are it will promot them for a SAC code as well. A few examples of what it tracks/learns is a customers typical geolocation, IP address, time of day etc. that they are access OLB.
  • How can a customer get a SAC code?
    1. At conversion they can receive a code via email, text or phone call.
    2. TIP- if they are receiving a text message, they are sent from number 86434 you can ensure that they are not entering that in as the SAC code.
    3. After 30 days we will be removing the email option as it is not as secure as the other options
      • We will be prompting customers to add in a text or phone call target before we remove email.
  • How long are SAC codes good for?
    1. They are valid for 15 minutes after they are sent and then they expire.
  • Can we view a customer’s SAC codes?
    1. Yes, we can view these in the backend of the system and what status the code is in: expired or active.
    2. TIP- NEVER give a customer a SAC code over the phone and do not ask them for the SAC either.
      • A fraudster could be impersonating someone, so we never give a SAC code over the phone.
      • We can confirm if a code is expired or not and if their targets are accurate but do not pass SAC codes to the customer or ask them for one either.
  • Can we add a SAC Target for a customer?
    • Yes, we encourage the customer to manage their own SAC Targets but there may be cases where we need to assist and add a SAC target for the customer.
    • TIP- Only assist with adding a SAC Target AFTER you have verified the customer according to your bank procedures 
    • In Co-Pilot-
      • Pull open the customer and then select the User level --> PLus sign on the Secure Access Code Level
      • Select the type of Target you are adding
      • Add the target and hit save
      • TIP- only add 1 Target and direct the customer to Settings --> Multifactor Authentication to complete any additional clean-up/additions that they want to make
    • Adding a SAC Target from User Management
      • Open the customer and select the user level --> three dots on the right --> Edit User Profile
        • On the right select the plus sign next to Secure Access Contacts
          • Select the type of Target you are adding
          • Add the target and hit save
          • TIP- only add 1 Target and direct the customer to Settings --> Multifactor Authentication to complete any additional clean-up/additions that they want to make

 



New User Enrollment- Retail

  • We have an end-to-end enrollment form for retail users that allows them to enroll into Q2 without any intervention from our staff.
  • The enrollment form asks for 4 pieces of information that validates against the core:
    1. Last Name
    2. Social Security Number
    3. Birthday
    4. Zip Code
    5. Requested Username- validated against existing users to ensure it is not a duplicate.
  • If the customer enters any information that does not match the core, they will receive an error message.
  • The AlloBaaS Team receives a message when this occurs and will pass that along to the bank to review with the customer and help them get enrolled.
  • Common issue is a wrong zip code if their address is not up to date on the core.
  • Once the customer has been validated, they will receive a SAC code to a target we have on the core.
  • After the SAC code is submitted, they will set their password for the system.
    1. The password must be a minimum of 8 characters and maximum of 30, with lower, upper, special characters and numbers.
  • Next, they can choose to register the device or not.
    1. If they register, they are “trusting: the device and will not have to enter a SAC code when they log in from that device.
    2. Registering is device specific so if they register their computer and log into the mobile app they will be presented with a SAC until they register their mobile device.
  • Once they are fully logged in, they will review their accounts to ensure they are all presenting as expected
  • They can then enroll in any add-on services like eStatements, Bill Pay, SavvyMoney etc.

 

Common Log-In Issues

  • A customer may occasionally have issues logging into the system, common issues are:
    1. Forgotten password.
    2. Locked Out from entering password wrong.
    3. Forgotten username.
  • Customers are able to self-service the most common log-in issues.
    1. Forgot Password
      • They can use the Forgot Password link to reset their password by:
        • Entering their username
        • Entering a SAC code
        • Entering a new password
        • A screenshot of a login form

Description automatically generated
      • If a customer is struggling with the self-service forgot password, you can assist them through Q2 Console
        • Search for the customer either in Co-Pilot or User Management
        • Once you have the customer pulled up, select their log-in
        • Then select Send Password Rest to their preferred target.
        • The customer will receive a temporary password at their target to input and then the system will prompt them to change their password.
    2. Locked Account
      • A user will lock their account if they enter their password wrong 3 times.
      • They can unlock themselves by selecting Unlock Account from the log-in screen.
        • A screenshot of a login screen

Description automatically generated

        • Then they will enter their last name, SSN, date of birth, zip code and their username.

        • A screenshot of a recovery form

Description automatically generated

        • Then they will follow the prompts to unlock the account and be able to log in again
        • We can also assist the customer by finding their account in Console, going to their login, and then selecting Unlock Password
        • A screenshot of a computer

Description automatically generated

 

  • Then the customer can continue logging in if they know their password or, select forgot password and set a new one.

 

  1. Forgot Username
    • If a customer has forgotten their OLB username they can recover it by selecting Forgot Username from the log-in screen
      • A screenshot of a login box

Description automatically generated
    • Then they can input their mobile number, last name, SSN, date of birth and their zip code.

    • A screenshot of a computer

Description automatically generated
    • If all of the information validates, they will be sent their username to their mobile device via text message.
    • If a customer is struggling with the process, you can assist them by walking them through the forgot username form.
    • As a last resort, if the customer cannot get through the form AND you have verified the customer via your banks policies, so you have confirmed they are who they say they are, then find them in Console and provide them their username[MA3] .
    • Please ensure to follow your validation procedures before resetting any passwords or giving out any login credentials over the phone as fraud is high in the digital online banking world





Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article