What is Second Level User Authentication and how it is going

to add security to DBankOnline Customer Account

In order to introduce more controls and security for our DbankOnline services, we
are introducing Second level user authentication is an additional step before
allowing any customer to access his/her account information. Currently Dbank
online account can be accessed with one level of User authentication which is the
login screen where customers enter their user id, customer number and password.
Second level user authentication will challenge customer after providing
successful credential to the first level. The challenges are nothing but set of
questions based on customer information already available with the bank.
Customer will have to provide the proper information which will be validated
against the information available with the bank. Incase information is proper and
matching then only customer will be allowed to see his/her account information.
As part of this step, customer will be asked each time different questions which
makes it more secure to access account information.
We have introduce 2nd level as well as 3rd level, these levels are called Type-1
User Security Challenges and Type-2 User Security Challenges
Read more on what are type-1 and type-2 challenges

What are Type-1 and Type-2 User Security Challenges?

Type-1 and Type -2 user security challenges are set of questions,
Type-1 user security challenges, customer does not need to configure or define
any question and related answer as all questions and related answers are based on
existing information available with the bank. This is mandatory a step as part of
user authentication and each time customer login into DBankOnline account will
have to provide answer to one of the question. System will ask one question at
any given time.
Type-2 User security challenge, this is not a mandatory step as part of this,
customer can select one of the questions available and can provide his own
answer to the selected question. Customer can define and enable this step any
time. While defining, customer will have to choose minimum three questions. If
typ-2 challenges are also selected and defined, then there will be three layers
before reaching to customer account information as follows
o User Login Id, Customer number and Password
o Type-1 challenges based question and related answer
o Type-2 challenges based question and related answer
The only difference between Type-1 and Type-2 user security challenges is that
Type-1 are predefined whereas for Type-2, customer is given flexibility to select
any question and his own answer.
NOTE: Please note that system will ask only one question for Type-1 or Type-2 user
security challenges randomly each time customer login into DBankOnline Account

To get more details on how this process will work once activated, we have provided the
screen shots for easy reference and information.

DBankOnline User authentication and Login Process

Once Second level Security is Activated
Step 1 - Login Screen this is same step currently available and user will continue using
same UserId, customer number and password.

Type (1) Challenges Default and Mandatory Challenges

Step 2: after successful authentication of the user from step -1, customer will be
redirected to the Type-1 User Security Challenges Screen.
Type-1 is default and mandatory challenges step which means that customer will have to
answer one question which system will be automatically and randomly selected by the
system from existing customer information.
Important Note:
We have not provided question screen here in this document.
Customer will be prompted for different question in case of wrong attempts. After
three unsuccessful attempts, customers DBank Online account will get blocked
temporarily with a message as per below screen.

In the event of above, customer can call our 24X7 call center at 4456000 to request for
reactivation of his/her DBank Online account or can contact his/her branch

Type (2) Challenges User own Challenges configuration

After successful authentication process of login and Type -1 User Security Challenges,
customer will be prompted/asked to define Type - 2 challenges by default as per below
screen. As it is optional step however we recommend customers to define this as 3rd
security factor.

YES button means It will redirect to the CHALLENGES configuration/definition page

NO button means It will redirect to the account summary balance screen, however
customer can configure Type-2 user security challenges any time by opting this service
from user profile option from within DBank Online after successful login.

Incase customer selects YES he/she you will be taken to below screen to select
minimum three questions and related questions, customer can choose any question and
can provide any answer to the selected question.

Customer is free to select any question and provide associated answer however minimum
three questions must be defined. Please note that system will not allow you to have same
challenges and answer define twice therefore you will have to select different questions.
Note: Type-2 challenges are an optional step as part of security enhancements. However
Doha Bank recommends to define these for better security and controls for your own
account.

Once customer has defined and configured Type-2 user security challenges, next time
when he/she will use DBank Online, system will prompt three stages for as part of user
authentication as below
1.
2.
3.

Login (User ID, Customer Number and Password)

Type -1 User Security Challenge (Default and mandatory Challenge)
Type - 2 User Security Challenges (Customer own selected and defined
challenges). This is an optional step.

Note: Customer can also deactivate, activate or change answer to the already
selection questions for Type-2 User Security challenges to know how please see
below instructions.

User Preferences
An option for users to activate or deactivate Type-2 User
Security Challenges
Registered Users once login into DBank Online will have an option which will allow
users to Activate or Deactivate or reset or change Type-2 User security related questions
and respective answers. Following are the options available within User preference
screen which can be accessed using menu items of DbankOnline.
What are the options and features?
1. Activate If activated, User will be prompted to configure own challenges and
related answers. On Activation, an SMS will be send to the users registered
Mobile number and an Email will be send to the users registered email address.
2. Deactivate On Deactivation, an SMS will be send to the Users registered
Mobile number, an Email will be send to the Users registered email address and
user will not prompted for user own defined challenges.
3. Change On change, user will be prompted to change his challenge or respective
answer.
4. Reset On reset, all previously user own defined challenges will be deleted and
user will be prompted to re configure challenges once again.

Thank you for taking time to know about second security layer and related information.

If you have any queries/suggestions please call us on 24/7 Helpline at 445 6000