iPrescribe: How to Register a Token for EPCS

This article explains how to add a new EPCS token for users who were verified through ID.me or Experian. If you had a token on a mobile phone and now have a new phone, select the section that applies to you and follow the steps indicated. Please also see answers to common questions below.

Please Note

It is always recommended to register a second token as soon as possible after upgrading to EPCS using iPrescribe.

If you add a second software token before trading in your old smartphone or tablet, you will not have to re-enable with ID.me or repeat the Identity Proofing Process with Experian.

If you need to register an EPCS token, please review the section that pertains to your case:

I registered through ID.me and still have a registered token and/or the phone with my ID.me authenticator

Adding a New Token

Step 1 - Have the new token ready

Have your new hard token ready, or download VIP Access from the Apple App Store or Google Play Store to your new device.

Step 2 - Navigate to Manage Authenticators

Tap the menu icon on the top-left side of your screen, then click Settings.

(click to enlarge)

Select Manage Authenticators. Note: This option is only visible after completing the EPCS upgrade.

(click to enlarge)

Step 3 - Verify with password and token to enter token management

Enter your login password, select your registered token from the code generator dropdown menu, then enter the 6 digit security code generated from that token.

EPCS Confirmation & Token Manager (click to enlarge)

Step 4 - Register the new token

Populate the required fields, then select Add New Token.

Adding a security token (click to enlarge)

Token Type - Tap the drop-down menu, and select the type of token you are using.
Token Nickname - Choose a nickname for the token you are currently adding.
Credential ID - Enter your token serial number. If you are using the VIP Access App token, you will need to enter your Credential ID.
6-digit Security Code - Enter the OTP (temporary 6-digit code) generated by the token you are adding.
Tap Add New Token.

You have successfully added your token and will see it on the Token Manager screen

It is recommended to have two authentication devices attached to your account. This can be physical authentication tokens from Symantec or OneSpan, software tokens (VIP Access) on your mobile devices, or any combination of the two.

I registered through Experian and still have a registered hard token (keyfob) or the mobile device with a registered soft token (VIP Access)

Add an Additional Token

Step 1 - Have the new token ready

Have your new hard token ready, or download VIP Access from the Apple App Store or Google Play Store to your new device.

Step 2 - Navigate to Manage Authenticators

Tap the menu icon on the top-left side of your screen, then click Settings.

Menu > Settings (click to enlarge)

Select Manage Authenticators. Note: This option is only visible after completing the EPCS upgrade.

Settings > Manage Authenticators (click to enlarge)

Step 3 - Verify with password and token to enter token management

Enter your login password, select your registered token from the code generator dropdown menu, then enter the 6 digit security code generated from that token.

EPCS Confirmation & Token Manager (click to enlarge)

Step 4 - Register the new token

Populate the required fields, then select Add New Token.

Adding a security token (click to enlarge)

Token Type - Tap the drop-down menu, and select the type of token you are using.
Token Nickname - Choose a nickname for the token you are currently adding.
Credential ID - Enter your token serial number. If you are using the VIP Access App token, you will need to enter your Credential ID.
6-digit Security Code - Enter the OTP (temporary 6-digit code) generated by the token you are adding.
Tap Add New Token.

You have successfully added your token and will see it on the Token Manager screen

It is recommended to have two authentication devices attached to your account. This can be physical authentication tokens from Symantec or OneSpan, software tokens (VIP Access) on your mobile devices, or any combination of the two.

I registered through Experian and do not have an active, registered token (key fob or VIP Access)

Please submit a ticket for the DrFirst Support Team or talk to your Administrator if you do not have your old phone or second token. You will need to be re-invited for EPCS.

Answers to Common Questions:

What kind of token do I have?

VIP Access App - The app icon is a gold circle with a black checkmark and is downloaded to a mobile device. A new OTP is generated every 30 seconds.

(click to enlarge)
Symantec Hard Token - a small device with the Symantec name on the front that may be attached to your keychain or lanyard. A new OTP is generated by pushing the button; the OTP disappears when it may no longer be used.
OneSpan Hard Token - a small device with the OneSpan name on the front that may be attached to your keychain or lanyard. A new OTP is generated by pushing the button; the OTP disappears when it may no longer be used.

If you are unsure which token you are using: What Type of Token Do I Have?

How to Request a Hard token

If you access e-prescribing through an EHR, please reach out to your EHR to request a token.
If you are a Retail or iPrescribe user, you may submit a token request by clicking the Submit a Request button at the top of the Help Center.

What is a Token nickname?

The token nicknames show in the token dropdown menu. Select unique nicknames for your tokens so they are easily identified. (eg. orange keyfob, white keyfob, iphone11, ipad, etc)

What is the Serial Number or Credential ID and where do I find it?

Hard tokens (key fobs) have a serial number on the back.
Soft tokens (VIP Access) have a Credential ID at the top of the screen.

Use the appropriate format when entering your token information:

Token	Serial Number/Credential ID Format
VIP Access	SYMC######## (no spaces) SYMD######## (no spaces) VSST######## (no spaces)
Symantec (Hard Token)	AVT######## FT########
OneSpan	######## (no dashes)

What is a One Time Pin (OTP)

The One Time Pin, or OTP, is the temporary 6-digit code generated by a token.

How do I disable a token I no longer use?

You can disable tokens on the Token Manager screen.

Step 1: Navigate to the Token Manager screen.

Step 2: Tap Disable for the token you want to disable.

Disabling tokens (click to enlarge)

You have successfully disabled the token.

How do I reactivate a token I previously disabled?

You can reactivate tokens that you have disabled by going to your Token Manager screen. Please note that the token may be reactivated if it was temporarily disabled; a token may not be reactivated if it was reported lost, stolen, or damaged.

Step 1: Navigate to the Token Manager screen.

Step 2: Tap Reactivate for the token you want to reactivate.

Walter Wood
April 12, 2022 08:22

Regarding ... " It is recommended to have two authentication devices attached to your account."

What is the procedure to order a second One Span authentication device to be used in the event of acquiring a new smart phone?

0
Jennifer Howell
April 15, 2022 18:48

Thank you for your feedback; The article is updated to reference how a user may request a new hard token.
If you have a registered hard token and a registered soft token on your phone, when you get a new phone you will simply download VIP access to your new phone and follow the steps to register the new soft token.
If you have additional questions, please select Submit a request to DrFirst Support.

0

Please Note

If you need to register an EPCS token, please review the section that pertains to your case:

Adding a New Token

Add an Additional Token

Answers to Common Questions:

Articles in this section