To prevent the outliers' access to the client confidential information by the “My Business Online” system and to viewing data communication or modification the multilevel architecture of the safety system is used. It includes:
The “My Business Online” system identifies a user by their login, system password, private key and its password or OTP code. To prevent an illegal access to your confidential information do not disclose your credentials to other persons.
When you login for the first time with these essentials the “My Business Online” system automatically initiates the process of generation of new private key (in case of operations confirmation by digital sign). For safety considerations change of password is required.
Later on the “My Business Online” system from time to time insistently advises a user to generate a new private key on the expiry of the previous one.
The “My Business Online” system registers all attempts to change or to guess the login password.
The private key will be generated during your first login.
Keeping this information on the external media device ensures not only protection of your confidential information in the “My Business Online” system but also assures the safety of private keys at sudden failures of your computer.
At the generation/regeneration of the private key it’s necessary to specify the path to the media device from which the primary data was read.
Do not keep the external media device with your private key together with login and passwords. In case of loss other people can use this information for their needs.
If you are distracted from the computer when the system is running without logging out, an outlier may be provoked to use the situation …
Do not forget to extract the external media device as soon as you finish working with the “My Business Online” system – this information may be used by unauthorized persons, it may be irretrievably lost or damaged when using other applications.
The security of data exchange while operating via the internet is assured by accurate mutual authentication of data exchange participants.
The client application sends to the server a connection request which is signed with the digital signature (or electronic signature) of the user; after that the crypto-safety libraries form required private parameters and keys and confirm setting a connection. So, every connection has its unique parameters and makes it possible to identify data exchange participants definitely.
The data exchange can be launched only after the establishment of cryptographic connection between “Client” and “Server” units. All the data exchange between the client and the system server, including sending to the server the client authentic authorities (passwords) for registration and access to the data and operations, is performed in the encrypted mode. Operations of the data encryption/decryption are provided by the crypto safety libraries and performed on the application layer during the data preparation for sending to the bank.
Subject to the mode of operation mentioned in the agreement for the connection and service of the “My Business Online” system client, a user may be provided with a full or restricted access to the system menu, accounts, and rights for carrying out operations or for viewing information only.
The limitation of rights may be also stipulated. For example, a user has the right to prepare documents but not to sign them.
To change the user rights it’s necessary to contact the system administrator in the bank.
Before you started working with the “My Business Online” system, you were given the login and the first-time password by the electronic communication channels.
If you do not have electronic messages with the credentials, please, contact the “My Business Online” system administrator on the telephone number specified in the bottom left corner of the login page, in order to define your account parameters.
Attention! If the password you entered appeared to be invalid do not try to guess it, this will result in blocking of your account. If the password is invalid contact the “My Business Online” system administrator at the number specified in the bottom left corner of the login page in order they provide you with a temporary password. After logging in using a temporary password you will be able to change it for more convenient. For this in the menu select Settings, from the list of available operations switch to the Change password form, in the Current password field enter a temporary password provided by the administrator, in the New password field enter the desired password that will be used for loggin into the system.
Attention! If the password you entered appeared to be invalid do not try to guess it, this will result in blocking of your account. If the private key password is invalid contact the “My Business Online” system administrator at the number specified in the bottom left corner of the login page in order they provide you with a rescue password. After that you should start the procedure of certificate recovery:
In case of losing private keys or certificates you have to contact the “My Business Online” system administrator at the number specified in the bottom left corner of the login page in order they provide you with a rescue password required for the procedure of certificate recovery. Then you can start generation of request for new certificates and keys:
For Google Chrome:
For Opera:
For Firefox
For IE