An organization that has received an online Power of Attorney from a Principal (usually an accounting firm).
The Agent's Master User, who maintains the online contact with the Principal (usually the Master User of an accounting firm).
An authorization means that an organization has granted the rights of representation, or restricted rights of representation to a physical person or to another organization. Katso Authorizations are comprised of Roles. The Roles specify the extent of representation, and the matters that are subject to representation by the authorized party. The default value for the duration of an authorization is 'indefinitely', however, master users can specify a limited duration as necessary.
Recipients of authorizations should have a valid Katso ID or a sub-ID within the organization granting the authorization. Whenever another organization is the recipient, there should be a Master User in the receiving end. Similarly, it should be noted that authorization can only be granted by Master Users. The recipient is expected to approve the received authorization before it becomes effective. The Katso management interface has specific windows designed for granting, cancelling, approving and rejecting authorizations.
|Initialized Katso ID
At setup, a new Katso ID can be initialized specifically for a future user. After this, a message will be forwarded to the user either just to inform him or her about the existence of the Katso ID or to deliver the entire ID package (User ID, Password, and List of One-Time Passwords). Then the user should activate the Katso ID. After activation, it will be ready for use. Activation requires strong authentication by the user. Depending on the circumstances, authentication will require special user IDs and passwords, banking IDs and passwords, or online microchip ID cards.
The user ID of the Katso identification system. It is comprised of a Katso ID, Password, and the One-Time Password. For more information, see Katso ID types.
|Katso OTP (One-Time Password)
Users signing in to an e-service need a Katso ID, Password, and the One-Time Password. For more information on the icons that show on the sign-in page, see Katso ID types.
|Katso PWD (Password)
Users signing in to an e-service need a Katso ID and Password. For more information on the icons that show on the sign-in page, see Katso ID types.
The Katso system additionally includes this ID type. It only consists of the user ID and password — and no one-time password. The Master User can create sub-IDs, to distribute them to users as appropriate. The user who is a holder of a sub-ID cannot perform any operations of Katso management; these operations are the Master User's responsibility. Sub-IDs can be granted various Roles, but not all Roles. Sub-IDs can be made stronger, or upgraded, to become Katso IDs. For more information, see Katso ID types.
|Making a Katso ID out of a Katso Sub-ID
The holder of a sub-ID can have it upgraded so as to become a Katso ID. For this purpose, the holder should either sign in electronically to the Katso interface, or visit a Katso registration office in person. If the sub-ID holder already has a Katso ID, the valid authorizations of the sub-ID will be attached to the Katso ID. If no earlier Katso ID exists, a new Katso ID will be created, and the valid authorizations of the sub-ID will be attached to it.
Individuals who can be appointed Master User for the organization should have the right to sign the company name. The Master User's Katso ID will be associated with Master User privileges and status, and this involves the granting of a 16-character (4 × 4 character) password (Master User Password). The Master User has the right to manage organization data (including the right to create sub-IDs, to grant authorizations, to receive authorizations); and all the Roles that are relevant for the organization are available to the Master User. It should be noted that an organization can have more than just one Master User.
The Katso ID system has a One-Time Password. When the interface is asking you to key in a One-Time Password, look up the first unused password from your List of One-Time Passwords. To print out new Lists of One-Time Passwords — and to activate them after printing them out — go to the Katso ID management window, and select I already have a Katso ID. I want to manage its data and Authorizations, and adjust its settings.
|Parallel Master User
The Master User of an organization can grant the role of a Parallel Master User to an employee of the organization who is a holder of a Katso ID. Then the employee will also receive an Admin password consisting of 16 characters (4 × 4 characters).
Katso IDs as well as Katso Sub-IDs have passwords that consist of 8–1024 characters. These passwords are fixed, they must have: UPPERCASE letters, lowercase letters, and numbers. They may contain special characters.
The holder of a Katso ID can change the password in the Katso ID management window. To change it, select I already have a Katso ID. I want to manage its data and Authorizations, and adjust its settings. However, the password of a sub-ID can only be changed by the Master User.
|Preventing the use of a user ID
The holder of a user ID is entitled to lock it up. The interface will ask the user not only to specify the ID itself but also type the user's own last name and personal identity number. To reopen a locked ID, go to Katso ID management window, and select I have forgotten my Katso ID or Password, and I want to get it back.
If an online Power of Attorney is being used, the Principal is the organization giving the authorization.
An individual with the right to sign the company name = signatory.
Provided by a public entity, an e-service is an electronically submitted service form in which a Katso ID is required to make sure of secure sign-in. Three types of e-services exist:
Any authorization is associated with at least one Role. They are always service-provider-defined, and service-provider-specific. The definitions that the Roles contain are restrictions for the users within various e-services. Not all roles can be granted to sub-IDs.
The Master User can grant role groups to users instead of giving them single roles one at a time. Role groups are collections of existing single roles. Role groups are designed to make it easier and quicker to associate the most frequently used roles with a newly granted authorization.
An organization with a contract with the Katso identification system to have its e-services available to holders of Katso IDs who sign in securely. A service provider can be a public authority, and it can also be another type of organization.
|Signing the name; Signatory
Rights of representation, in other words, an individual's right to sign the company name, right to sign the name of an association or foundation, right to sign the name of any corporate entity.
|Unlocking a locked ID
Locked user IDs can be reopened after the user's identity is confirmed. As usual, the identity is confirmed through electronic identification (Network Banking IDs /electronic microchip ID card), or alternatively, through making a visit to a Katso registration office in person. The following events will trigger the ID lockup sequence:
In the case of events 1–3 above, the ID holder is capable of unlocking; however, if event 4 is the reason, only the relevant authority can unlock the ID.
Whenever the system is running the processes to set up a new Katso ID, or a new Katso Sub-ID, it will generate the necessary User ID independently.
|User ID cancellation
The holder of a user ID is entitled to cancel it. Only the relevant authority can reactivate it. Instead of using the powerful measure of cancelling the ID, users may prefer to simply lock up the ID for an indefinite period. To command lock-up, select "I want to lock up my Katso ID until further notice" at the Katso ID management window.
|User ID management
To run the management interface, do the following: go to Katso ID management window, and select I already have a Katso ID. I want to manage its data and Authorizations, and adjust its settings. The following settings can be made:
Further, the Master User can work with the following settings: Update organization data, create Sub-IDs and Role groups, grant authorizations, and change the Master User Password.