23.2 Terms and conditions

The Terms and Conditions and Terms and Conditions Template options in the Issuance Settings section of the credential profile determine whether the cardholder must read and sign a set of terms and conditions before activating their card.

• Terms and Conditions

  Select one of the following options:

  • Explicitly Confirm – the applicant must click a button to signify that they accept the terms and conditions.
  • Silently Confirm – the applicant is presumed to accept the terms and conditions by activating the card. The acceptance is audited and signed.
  • Simple Confirmation – as for Explicitly Confirm, but the applicant must accept the terms and conditions before specifying a new PIN for the card.
  • Counter Sign – as for Explicitly Confirm, but the operator must also enter their card's PIN to sign the terms and conditions with both the cardholder's and operator's credentials.
  • Counter Signed and Witnessed – as for Counter Sign, but an additional operator must act as a witness and enter their card's PIN to sign the terms and conditions with the cardholder's, operator's, and witness's credentials. The witness's role must allow them to witness the operation.
  • None – the applicant does not have to agree to terms and conditions to activate their card.

  You can amend the terms and conditions that users agree to when they activate their cards. See section 11.6, Customizing terms and conditions for details.

  Note: You can also configure MyID to require users to sign terms and conditions when updating cards that have credential profiles that require them to sign terms and conditions when activating. See the Terms and Conditions During Device Update option in section 30.2, Devices page (Operation Settings).

  For explicit, silent, and countersigned terms and conditions, when the user accepts the terms and conditions, the acceptance is digitally signed using a signing certificate on the credential being issued. This means that if you are using these types of terms and conditions, you must make sure that you have configured a certificate for signing in the credential profile.

  Important: You must make sure that the MyID application server trusts the issuing CA (that is, the CA is in the trusted root store) and can access the Certificate Revocation List (CRL) for the CA for each certificate in the signing certificate's chain.

• Terms and Conditions Template

  For device operations that use the HTML template method for their terms and conditions document, select a template from the Terms and Conditions Template drop-down list.

  See section 11.6, Customizing terms and conditions for details.

23.2.1 Viewing audited terms and conditions

When the terms and conditions are accepted, and the signing event takes place, an audit record is created to capture the event and the signing detail. You can see this acceptance in the Audit Reporting workflow;, select the audit record created by the activation process and locate the audit trace record:

"User: [target user logon name], card [device serial number], accepted terms and conditions"

If the Assisted Activation workflow has been used, and the system is configured to store terms and conditions (see section 11.6.6, Storing signed terms and conditions) a link to the information displayed is included. Technical detail is held within the audit trace record:

"Validated data signed by [target user logon name]"

Double-click on this row to open the detailed view. Click View Data to show the signing details.