User

Compliance Officers can add, disable and edit users within their organisation.

Advanced Users, Standard Users, Billing Officers and Data Entry Operators can view and manage their own profiles only.

Auditors can view the list of users, user details, and assigned access rights.

Manage Users¶

In the Administration > User subsection the Compliance Officer can:

Search, edit and add users associated with your organisation
Disable and enable user accounts
Unlock user accounts
Reset passwords
Enable multi factor authentication during user logins
Edit user profiles within your organisation and any sub organisations including:
- User Details
- Password
- Access Rights
- Assigned Organisations
Edit your user profile, including your personal details, password and security Question and Answer.

By default all users associated with your organisation is displayed.

Search User¶

The User List displays all users, for the organisations to which you are assigned.

If there are many users in the list, you can use the Go To Page to jump to a specific page, or the First, Previous, Next and Last buttons to locate a particular user.

If the User List has many results and pages, you can filter it to locate a particular user by entering information into any of the following fields:

Field	Description
Username	Enter all or part of a Username.
First Name	Enter all or part of the First Name.
Last Name	Enter all or part of a Last Name.
Email	Enter all or part of an Email address.
Organisation	Select from the drop down list. If blank, defaults to all organisations to which you are assigned. Compliance Officers are able to view associated organisations which have been disabled.
Role	Select from the drop down list: blank (defaults to all), `Compliance Officer`, `Advanced User`, `Standard User`, `Billing Officer` or `Data Entry Operator`.
Status	Select from the drop down list: `All` (default), `Enabled` or `Disabled`.

Click the Search button to filter the entered criteria. Users matching the search criteria are displayed in User List.

Select a User from the User List. The User Details for the highlighted user are displayed.

Select the Access Rights or Assigned Organisations tabs to view further details for the selected user.

To clear the search criteria and search again, click the Clear button.

User Profile¶

Users for your organisation and any sub organisation are displayed in the User List.

User Details¶

Security Question and Answers visible to the individual only

You will only be able to view your own security Question and Answer. When you view the User Details of other users, their security Question and Answer fields will not be visible.

Compliance Officer View¶

The User Details tab allows the Compliance Officer to edit the following details, for the user selected from the User List:

Field	Required	Description
First Name	Mandatory	Staff member's first or given name.
Last Name	Mandatory	Staff members's last or surname. If staff does not have a last name, enter a dash `-`.
Address	Optional	Staff member's office branch address.
Postal Address	Optional	Staff member's office branch postal address.
Phone Number	Optional	Staff member's phone number. Free format.
Fax Number	Optional	Staff member's fax number. Free format.
Username	Mandatory	Unique username for staff member.
Password	Optional	Password for staff member. To reset password for user, click Reset Password button at the bottom of the screen. If creating a new user account, leave Password fields blank. Alternatively, to set a specific password for the user, you can enter password here. Password should be between 8 - 32 alphanumeric characters required with at least 1 upper case letter, 1 lower case letter, 1 number and 1 symbol. Password must be different to the last 4 passwords to prevent password recyling.
Confirm Password	Optional	Same as above
Email	Mandatory	The official company email address of staff member.
User Role	Mandatory	Options are: `Data Entry Operator` `Billing Officer` `Standard User` `Advanced User` `Compliance Officer` - only one per organisation
User Status	Optional	Options are: `Enabled` (default) `Disabled`
Question	Recommended	Visible only when editing your own profile. Select from a list of available questions.

Scan notification emails to Compliance Officer

All notifications of scans performed for the organisations are emailed to the Compliance Officer. An alternative Organisation Email can be nominated to receive these scan notification emails.

Refer to Administration Organisation for details.

Non-Compliance Officer View¶

For other users (Advanced User, Standard User, Billing Officer, Data Entry Operator), the User Details tab allows the user to edit the following details of their profile:

Field	Required	Description
First Name	Mandatory	Staff member's first or given name.
Last Name	Mandatory	Staff members's last or surname. If staff does not have a last name, enter a dash `-`.
Address	Optional	Staff member's office branch address.
Postal Address	Optional	Staff member's office branch postal address.
Phone Number	Optional	Staff member's phone number. Free format.
Fax Number	Optional	Staff member's fax number. Free format.
Username	Display only	Displays the unique username for staff member.
Password	Optional	Password for staff member. Between 8 - 32 alphanumeric characters required with at least 1 upper case letter, 1 lower case letter, 1 number and 1 symbol. Password must be different to the last 4 passwords to prevent password recyling.
Confirm Password	Optional	Save as above
Email	Mandatory	The official company email address of staff member.
User Role	Display only	Displays one of the following: `Data Entry Operator` `Billing Officer` `Standard User` `Advanced User`
User Status	Display only	Displays current status of the account e.g. `Enabled`
Question	Recommended	Select from a list of available questions.
Answer	Recommended	Answer to the security Question. Please enter an answer which you will remember and is known only to you.
API Access Key	Optional	If API has been enabled for your organisation, you can generate an API key.

Non-Compliance Officers cannot change Username, User Status or User Role

Non-Compliance Officers cannot change Username, User Status or User Role. If changes to these details are required, contact your organisation's Compliance Officer to change on your behalf.

Access Rights¶

You can assign and remove MemberCheck access rights to features for the User selected in the User List. The access rights displayed are those available for the user's particular role. All access rights are selected, by default, when the user is set up.

Changing own access rights

Compliance Officers are unable to change their own access rights and should contact MemberCheck Support, if changes are required.

This table shows the default Access Rights applicable to each User Role:

Feature	Compliance Officer	Advanced User	Standard User	Billing Officer	Data Entry Operator	Auditor
Run member scans	Yes	Yes	Yes	No	Yes	No
Run corporate scans	Yes	Yes	Yes	No	Yes	No
View scan results	Yes	Yes	Own scans	Yes	No	Yes
Perform due diligence	Yes	Yes	Own scans	No	No	No
View reports	Yes	Yes	Yes	Yes	No	Yes
User management	Yes	Own profile	Own profile	Own profile	Own profile	Read only
Organisation management	Yes	Read	No	No	No	Read only
Data management	Yes	No	No	No	No	No

Assigned Organisations¶

The Assigned Organisations tab allows you to assign and remove access to organisations, for the user selected in the User List.

Each organisation can have only one Compliance Officer assigned, which means that you cannot assign a user with the user role of Compliance Officer to an organisation that already has a Compliance Officer. To change the Compliance Officer you must first remove the existing Compliance Officer, listed under the Users tab.

Edit User (Compliance Officers)¶

Compliance Officers will see a list of users associated with their organisation.

Advanced Users, Standard Users, Billing Officers and Data Entry Operators will see their own profile only and are unable to view or change Access Rights or Assigned Organisations.

User Details¶

The following are applicable for Compliance Officers only.

Search and select the User you want to edit from the User List. Ensure that the record is highlighted in the list.
The User profile details are displayed below the list.
Compliance Officer viewing own profile:
Compliance Officer viewing other user's profile:
Click the Edit User button. The view is changed to edit mode, which enables you to edit the user profile.
Update the relevant information for the user or your own profile.
Changing Security Question
When viewing your own profile, the Answer field is blank and does not display previously entered Answers for security reasons. It is only if you select a different Question that the Answer field becomes mandatory and displays text as you enter them. Once you click the Accept button the contents for Answer will be hidden.
Whilst in edit mode, click on the other tabs to view and edit Access Rights and Assigned Organisation details.
If no further changes are required, click Accept when all changes are done.

Access Rights¶

The following are applicable for Compliance Officers only.

Click the Access Rights tab.
Select or de-select the adjacent checkboxes to the features to enable or revoke access to features.
Note
Availability of features and access rights are based on User Role. If a feature is not visible for selection for the user, check the User Role selected in User Details.
Whilst in edit mode, click on the Assigned Organisation tab to view or edit details.
If no further changes are required, click Accept when all changes are done.

Assigned Organisations¶

The following are applicable for Compliance Officers only.

By default, all organisations in your associated organisation hierarchy are displayed.

You can jump to a specific Organisation based on the name in the alphabet index above the list of organisations.

Assign user to an organisation

Click the Assign button adjacent to the organisation in the All Organisations list.
The organisation will be moved to the Organisations of User list.

Remove user from an assigned organisation

Click the Unassign button adjacent to the organisation in the Organisations of User list.
The organisation will be moved from the Organisation of Users list to the All Organisations list.
If no further changes are required, click Accept to update the User profile.
Confirmation of the update is displayed in an Info dialog box. Click OK to close.

Edit User Profile (by non-Compliance Officer)¶

The following are applicable for Advanced Users, Standard Users, Billing Officers and Data Entry Operators.

Select User from the Administration section of the Main Menu or username link in top right banner.
Click the Edit User button. The view is changed to edit mode, which enables you to edit your user profile.

Update the relevant information for your profile.
Changing Security Question
When viewing your own profile, the Answer field is blank and does not display previously entered Answers for security reasons. It is only if you select a different Question that the Answer field becomes mandatory and displays text as you enter them. Once you click the Accept button the contents for Answer will be hidden.
If no further changes are required, click Accept when all changes are done.

Add New User¶

The following are applicable for Compliance Officers only.

Adding new Organisation with new User

If you are creating a new suborganisation with new users, you must create the Organisation first. Once the Organisation has been created, you can then create your new users and assign them to the new suborganisation.

The system will not allow a user account to be created without being assigned to an organisation. Failure to do so will result in the system prompting you with errors.

To add a new user, you must set up and assign the following for the user:

Add User Details
Select User Role and check Access Rights
Add to Assigned Organisations

Add User Details¶

Click the Add User button at the bottom of the page.
A blank user profile is created.

In the User Details tab, enter the following details:

Field	Required	Description
First Name	Mandatory	Staff member's first or given name.
Last Name	Mandatory	Staff members's last or surname. If staff does not have a last name, enter a dash `-`.
Address	Optional	Staff member's office branch address. Free format.
Postal Address	Optional	Staff member's office branch postal address. Free format.
Phone Number	Optional	Staff member's phone number. Free format.
Fax Number	Optional	Staff member's fax number. Free format.
Username	Mandatory	Unique username for staff member.
Email	Mandatory	The official company email address of staff member.
User Role	Mandatory	Options are: `Data Entry Operator` `Billing Officer` `Standard User` `Advanced User` `Compliance Officer` - only one per organisation `Auditor` - third party auditor Only 1 Compliance Officer can be assigned to the organisation or suborganisation. Multiple Auditors can be assigned to an organisation.
User Status		Defaults to `Enabled` (default)
Password	Optional	Password for staff member. Leave Password fields blank for user to specify their own password on first login. An email will be sent to the user to prompt them to complete the account set up. Alternatively, to set a specific password for the user, you can enter password here. No email notification will be sent to the user.
Confirm Password	Optional	Save as above

Check Access Rights¶

Click the Access Rights tab.
Depending on the user Role selected, the following options are available for selection:
Compliance Officer role:
Advanced User roles:
Standard User roles:
Billing Officer role:
Data Entry Operator role:
Auditor role:
A new user has all access rights that are available for their particular user role pre-selected by default.
Select or de-select checkboxes to give the user the appropriate access rights to features within their role.

Assign to Organisation¶

Click the Assigned Organisations tab.
Click the Assign button adjacent to the organisation in the All Organisations list to which you want to assign the user.
The organisation will be moved to the Organisations of User list. Repeat until you have assigned the user to all the appropriate organisations.
Once you are happy with the details you have entered and selected in the new user profile, click the Accept button.
The new user will be added and displayed in the User List.
Confirmation of the User profile update is displayed in an Info dialog box. Click OK to close.

Reset Password¶

Select the User from the User List.
Click the Reset Password button.
A message prompt will appear to confirm reset of user's password. Confirmation of password reset will trigger an email notification to the user to set their new password. The current password will be invalid and the user will not be able to gain access to the account until they complete the password reset process.
Click OK to confirm, or Cancel to return to the screen.
The password reset link will be valid for a preset period of time (usually less than 24 hours). It is recommended the user is able to commence the password reset period before resetting the user password.
Confirmation of the password reset process is displayed.

Change Password¶

This feature is available for the Compliance Officer to set a specific password on behalf of a user under exceptional circumstances. It is recommended where possible that password reset is initiated for the individual to complete the password set up themselves.

Select the User from the User List.
Click the Edit User button.
Enter the new password in Password .
Password requirements
Passwords should be:
- At least 13 characters
- Contain an uppercase letter
- Contain a lowercase letter
- Contain a number
- Contain a symbol
- Different to the previous last 4 passwords.
Click the "peek" icon in Password to confirm the new password has been typed in correctly.
Click the Accept button to save changes.
Confirmation of the User profile update is displayed.

Multi Factor Authentication¶

All users can opt-in to enable MFA to increase the protection of their login by enabling a time based unique verification code during logins. This can can be enabled after successful login.

Compliance Officers can enable or disable MFA on behalf of other users within their organisation.

To set up MFA for your own account:

Click on your username in the top right of the application banner.
Click Edit User button to enable editing of your profile.
Select from the MFA drop down list to select Email or Virtual MFA Device.
If Email was selected, you will be prompted to enter the unique time based verification code, sent to your registered email. A countdown timer is displayed to indicate the life of the verification code.
If Virtual MFA Device was selected, a unique QR Code will be displayed along with the Secret Key to set up in the authenticator app such as Google Authenticator or Microsoft Authenticator.
Enter the numerical verification code in the email or from the authenticator app.
If the code is correct, MFA will be activated for your account.

To set up MFA for another user (available for Compliance Officers only):

Click on the user record within Administration > User.
Click Edit User button to enable editing of the user profile.
Select from the MFA drop down list to select Email or Virtual MFA Device.
Click Accept to save changes.
The next time the user logs in to the service, they will be prompted for a Verification Code.
If Email was selected, the user will need to check their email for the time based unique verification code.
If Virtual MFA Device was selected, the user will be displayed a QR Code along with a Secret Key to set up in the authenticator app such as Google Authenticator or Microsoft Authenticator on first login.

To disable MFA, simply repeat the steps above and select Disabled in the drop down list.

Disable or Enable User¶

The following are applicable for Compliance Officers only.

If you wish to prevent a user from being able to login and access MemberCheck or would like to suspend the user access, you can disable the user's account. To return access to the user you can enable the user's profile.

Search and select the User from the User List.

The User details are displayed below and the Status column indicates if the user is enabled or disabled.

Disable User Account

Select the user from the User List and click the Disable User button.
A confirmation dialog is displayed. Click OK in the dialog box to confirm that you want to disable the selected user.
The status of the user in the User List and the User Details is changed to Disabled.

Enable a Disabled User Account

Select the user from the User List and cClick the Enable User button.
A confirmation dialog is displayed.
Click OK in the dialog box to confirm that you want to enable the selected user.
The status of the user in User List and the User Details is changed to Enabled.

Change Own Security Question & Answer¶

You can only change the security Question and Answer for your own profile.

Locate your user account and select it from the User List or click on your username at the top right of the MemberCheck banner.

Your user profile is displayed.

Click the Edit User button.
If you want to change your Question, select a new one from the drop down list.
For security reasons, previously entered Answers are not displayed.
Enter an Answer to the Question displayed above. Alternatively, you can reset your Answer to the same Question.
Pick an answer you can remember
Your answer should be one that is easy for you to remember but difficult for others to guess.
Click the Accept button to save your changes. Alternatively, click the Cancel button to exit the profile without saving any changes.
Confirmation of the User profile update is displayed in an Info dialog box. Click OK to close.

Locked User Account¶

To secure access to user accounts, multiple unsuccessful attempts to login to an account will trigger a locked out for a period of time.

Once the account is locked, the user can wait for a period of time as indicated on the login page before trying again, or request assistance from their Compliance Officer or MemberCheck Support.

Alternatively, the Compliance Officer can unlock the user's account and reset the password on their behalf to enable them to login and change their password and reset their Security Question and Answer.

Unlocking a Locked Account¶

The following are applicable for Compliance Officers only.

Search and select the user with the Status Locked to view details .
Click Unlock User button and click OK to confirm action in the prompt.
Optionally, to reset the user password, click Edit User button and set new password for the user in Password and Confirm Password.
If successful, the user account is unlocked and should be able to login again with the new password.