CCASS/3 - Frequently Asked Questions 
21/01/2016 
 

IV

Security Management : Delegated Management System (DMS)

Smartcard and Smartcard Reader
Q19 What is the security measure for Participant to log on CCASS/3?
Q20 How many smartcards will be issued to each Participant?
Q21 Can a Participant use the same smartcard to access different C3T?
Q22 Can Participants install the smartcard reader in a slim PC or is the smartcard reader an external device?
Q23 Is smartcard reader required for all C3Ts?
Segregation of Duty
Q24 Can a Participant assign a single user as a Delegated Administrator (DA) handling both the maker and checker functions?
Q25 Can Participants assign operational staff as DA?
Q26 Can a Participant assign more than one checker or maker to handle the DA functions?
Q27 Will separate set of smartcards be issued to DA maker and checker?
Q28 Can a DA checker use relevant maker's smartcard to access CCASS/3 and vice versa?
Q29 What is the main difference between the functions of a DA maker & a DA checker?
Q30 In what situation should a DA checker use the smartcard to logon CCASS/3?
Q31 Is there a transaction limit assigned to each DA?
Authorization Code
Q32 If a DA checker wrongly inputs the checker ID three times, will the DA authorization code be revoked?
Q33 Are DA checkers required to memorize the authorization code?
Q34 How often will the authorization code be changed?
DA’s Operations
Q35 Are DAs required to initialize their smartcards?
Q36 Can a DA maker's smartcard remain in the smartcard reader while relevant DA checker authorizes a transaction?
Q37 If an operation user resigns from the company and his job is taken up by another user, can the DA assign a new user name and user profile to the resigned user's smartcard?
Q38 Are Participants required to change the passwords of the smartcards for DA makers and checkers?
Q39 If the DA resets the password for a user, is the user concerned required to change the password at the first log-on?
Q40 Is there any charge on the DA smartcard?
Q41 When a DA set up a user profile, is it compulsory for the DA to input the “enabled date” and “disabled date”?