23.2 Terms and conditions

The Terms and Conditions and Terms and Conditions Template options in the Issuance Settings section of the credential profile determine whether the cardholder must read and sign a set of terms and conditions before activating their card.

• Terms and Conditions

  Select one of the following options:

  • Explicitly Confirm – the applicant must click a button to signify that they accept the terms and conditions.
  • Silently Confirm – the applicant is presumed to accept the terms and conditions by activating the card. The acceptance is audited and signed.
  • Simple Confirmation – as for Explicitly Confirm, but the applicant must accept the terms and conditions before specifying a new PIN for the card.
  • Counter Sign – as for Explicitly Confirm, but the operator must also enter their card's PIN to sign the terms and conditions with both the cardholder's and operator's credentials.
  • Counter Signed and Witnessed – as for Counter Sign, but an additional operator must act as a witness and enter their card's PIN to sign the terms and conditions with the cardholder's, operator's, and witness's credentials. The witness's role must allow them to witness the operation.
  • None – the applicant does not have to agree to terms and conditions to activate their card.

  You can amend the terms and conditions that users agree to when they activate their cards. See section 11.6, Customizing terms and conditions for details.

  Note: You can also configure MyID to require users to sign terms and conditions when updating cards that have credential profiles that require them to sign terms and conditions when activating. See the Terms and Conditions During Device Update option in section 29.2, Devices page (Operation Settings).

  For explicit, silent, and countersigned terms and conditions, when the user accepts the terms and conditions, the acceptance is digitally signed using a signing certificate on the credential being issued. This means that if you are using these types of terms and conditions, you must make sure that you have configured a certificate for signing in the credential profile.

  Important: You must make sure that the MyID application server trusts the issuing CA (that is, the CA is in the trusted root store) and can access the Certificate Revocation List (CRL) for the CA for each certificate in the signing certificate's chain.

• Terms and Conditions Template

  For activations carried out using the Activate Card and Assisted Activation workflows, select a template from the Terms and Conditions Template drop-down list.

  See section 11.6, Customizing terms and conditions for details.

23.2.1 Known issues

• IKB-321 – Error -99900041 reported when CA CRL is not accessible

  If the CRL is not accessible when signing terms and conditions, Error -99900041 is displayed. (Failed to communicate with MyID server. The application will now exit.). Check configuration steps required have been completed and that the CRL is accessible by the MyID Server.