4.8 Witnessing a transaction

Some operations may be configured to require a witness before the operation is completed.

Witnessing requires a second user who has permission to witness the operation.

Note: The witness does not need the target user account or the operator user account to be within their scope.

By default, witnessing is only enforced when a credential profile requires validation and an attempt is made to issue, update or cancel in a single operation. If you want to use witnessing in other areas of MyID, contact Intercede support referencing SUP-91.

When a witness is required for a transaction, both the user who initiates the transaction and the witness must have signing keys on their cards. The Client Signing option – see section 30.1, Logon page (Security Settings) – must be set to Yes.

To witness a transaction:

1. The Select Witness screen appears.

   You cannot witness a transaction if you initiated it.

2. Remove your card, and insert the card of the witness.

   

3. The witness must type their PIN, then click Confirm.
4. Remove the witness card and insert the original card.