Experian's eSolutions FAQ|Contact Us
 
Home Consumer Credit Prescreen Custom Solutions Business Credit Fraud Collections  
Credit Information Solutions   Experian's eSolutions
Overview|Security|Become a Member|eSolutions Login

 

Security FAQ

What are the roles and responsibilities of a Head Security Designate?
What happens if a user forgets their password?
What happens if a user never receives their password?
Do passwords expire?
Do user IDs expire?
Why are user e-mail addresses required?
Can I lock out existing user IDs?
Can I restrict access to a specific computer or multiple computers?
Can I restrict access to certain hours or on specific days?
Can I monitor account activity?
Is there a session time-out in place?
What are the system requirements for accessing eSolutions?
What type of security is used in eSolutions?

 

What are the roles and responsibilities of a Head Security Designate?

  1. Subscriber agrees to identify an individual it has designated to act on their behalf as a primary interface with Experian on (Internet) access-related issues. This individual shall be identified as the "Head Security Designate." The Head Security Designate will submit all requests to create, change or lock Designate and/or end-user access accounts and permissions to Experian systems and information (via the Internet). Designate(s) must be a duly appointed representative of the client's company and must be available to interact with Experian on information and product access, in accordance with Experian Internet Security Guidelines. The Customer Head Security Designate Authorization Form cannot be accepted unless signed by a duly authorized representative of the subscriber. Changes in Head Security Designate status (e.g. transfer or termination) are to be reported to Experian immediately.
  2. As a subscriber to Experian's products and services over the Internet, the Head Security Designate is acting as the duly authorized representative appointed officer of the subscriber.
  3. The Security Designate is the individual that the subscriber authorizes to act on behalf of the business in regards to Experian product access control (e.g., request to add/change/remove Internet access). Subscriber can opt to appoint more than one designate (e.g., for backup purposes). Subscriber understands that the Designate(s) it appoints must be someone who will be available between the hours of 8 a.m. to 5 p.m. and can liaison with Experian on information and product access matters.

For additional information, please log in to the Access Control System and choose Security Guidelines on the left side of the page.
Return to top »

 

What happens if a user forgets their password?

If a user forgets his or her password, the secret question/answer the user enters upon initial login will assist him or her to recall the password. To use this system, try the Retrieve Password form and proceed as instructed. If this is not successful, the user should contact the Head Security Designate or Security Designate to request a password reset. If the user continues to experience problems, he or she should then contact the Technical Support Center at 800 854 7201.
Return to top »

 

What happens if a user never receives their password?

If a user has received his or her user ID but not the password, the user should contact his or her Head Security Designate or Security Designate. If the user still is experiencing problems, then he or she should contact the Technical Support Center at 800 854 7201.
Return to top »

 

Do passwords expire?

We require passwords to be changed every 90 days. Users and Designates are not allowed to use their previous 12 passwords when resetting their password.
Return to top »

 

Do user IDs expire?

A user ID will be deactivated after 90 days of inactivity. To reactivate a user ID, users should contact their Head Security Designate or Security Designate. To reactivate a Designate ID, a Head Security Designate or Security Designate will need to contact the Technical Support Center at 800 854 7201.
Return to top »

 

Why are user e-mail addresses required?

User profiles require user e-mail addresses in order to send new or reset user IDs and passwords securely to the Designate or Head Designate and user. E-mails also are generated when a Designate or Head Security Designate delegates new products.

In keeping with Experian's security practices, e-mail account names may include only numbers (0 to 9), alpha characters (a to z, A to Z), and the dash, underscore, at and period (-, _, @, .) special characters. All other characters are prohibited. If a user's e-mail address contains these characters, we suggest using the Designate or Head Designate's e-mail address.
Return to top »

 

Can I lock out existing user IDs?

If a user no longer needs a user ID or password, the Head Security Designate or Security Designate immediately should lock the ID and select the appropriate reason code. At no time should a user ID be used by another associate or distributed to a new associate.
Return to top »

 

Can I restrict access to a specific computer or multiple computers?

Yes, contact Customer Support to make this feature available for your Company ID. Once the feature is active, restricting access to a specific computer or multiple computers is handled within the Access Control System by the Head Security Designate or Security Designate with the IP Filter option on the Maintain Users page.
Return to top »

 

Can I restrict access to certain hours or on specific days?

Yes, Head Security Designates and Designates now have access to this feature. Assignment of time restrictions is handled within the Access Control System with the Time Restriction option on the Maintain Users page.
Return to top »

 

Can I monitor account activity?

Yes, eSolutions offers usage reporting that displays user-access data on the type of report pulled, date, time, IP address, user ID, primary applicant name, Social Security Number and reference number (if included). This allows individual users to view their own history of transactions or a Head Security Designate/Security Designate to view the history of transactions on a group of users beneath them.

To access this report, log in to eSolutions and select the Reporting link from the sub-navigation. Usage reports are available for download in Excel-ready format. Additionally, the usage report feature within the Access Control System displays reporting on user access by subcode, in addition to reports on locked and active users. To access these reports, Head Security Designates and Security Designates should log in to the Access Control System and choose Reports on the left side of the page.
Return to top »

 

Is there a session time-out in place?

For added security, a user session with no activity within a 30-minute time period will "time out" and require the user to reenter his or her user ID and password.
Return to top »

 

What are the system requirements for accessing eSolutions?

No additional hardware or software is required beyond a standard computer with an Internet connection. There are no special certificates required on the browser to access our products. Internet Explorer 6+, Firefox 1+ and Netscape 8+ are the recommended browsers.
Return to top »

 

What type of security is used in eSolutions?

Experian's Information Technology team is committed to ensuring a high level of information security both internally and externally. In addition to a highly secure registration process via the Access Control System, eSolutions currently uses a Secure Socket Layer of 128-bit encryption coupled with a user ID and password for every user accessing eSolutions.
Return to top »