EPCS: Account Setup for EPCS Gold (Web)

This article provides instructions for each segment of setting up your EPCS Gold account using Experian identity proofing. 

Account Setup for EPCS:

Access your EPCS Registration Invite

Your EPCS registration invite is sent to the unique email that we have on file for you. The invite is either initiated by an admin at your organization, your EMR vendor, or DrFirst.

Please be advised that the invite expires after 60 days.

To access your registration invite, follow the steps outlined below:

1. Navigate to your email inbox folder, and open the email that contains the following subject line: "Registration invite for prescribing controlled substances electronically."

2. Click the blue link, Click To Register. You will be redirected to the EPCS Gold login page.


(click to enlarge)

3. On the next screen, you will see an I have an invite box with your NPI number and Invite ID auto-populated. Click Proceed to continue.

  • It is recommended that you use a computer (and not a phone) to complete the registration.


(click to enlarge)

4. You will now be redirected to a screen where you will need to verify your identity.
Verify your Identity (Identity proofing)

This section provides step-by-step instructions on completing your EPCS Identity Proofing (IDP) through Experian and assumes you have already clicked the blue link in your registration invitation email.  Please click if you would like to view the EPCS Identity Proofing Video.

  • Experian is our identity-proofing vendor, and infinID is the program that hosts the process.

If you have already been uploaded into our infinID program by a Credential Office Administrator (COA) at a hospital site, your information has already been uploaded. If this pertains to you, skip this process and instead Complete Logical Access Control (LAC).

1. Accept the Terms of Use and Conditions by selecting the individual gray checkboxes, then clicking the I Agree button in the bottom-right corner of the page.

2. On the next screen, you will be provided a temporary password. The temporary password will allow you to resume the IDP session if you exit for any reason. 

  • It is highly recommended to write down the temporary password physically.
  • You can only use the temporary password once you pass IDP and haven't registered a token.
  • If you need to exit the session and complete it later, you can use this temporary password, within 24 hours, to return to where you left off previously.

3. Click the checkbox labeled I have read and understood this agreement, and I declare that I am authorized to sign this document. Then, click the I Accept button at the bottom-right of the page.

4. The next screen will list pre-requisites for the IDP process. Click Continue at the bottom of your screen to move forward with the process.

  • Token: Can be OneSpan and/or Symantec
  • Personal Credit Card: This is not mandatory and can be omitted. 


(click to enlarge)

5. On the next screen, enter the fields that are marked with a red asterisk. The fields that are not marked are not required to pass. Click the I Agree button at the bottom of the page once you are done.

  • In addition to entering the fields marked with a red asterisk, please provide us with your Mobile Phone Number.


(click to enlarge)

6. You will be redirected to a page where you will answer 3-4 financial questions based on your Experian credit report. You will have 5 minutes to answer the questions before your session times out. Answer the questions, then click the Continue button at the bottom of your screen.


(click to enlarge)

7. If you pass IDP, you will be redirected to a confirmation page to be prompted to add a token. Click the Add New Token button at the bottom of your screen.

8. On the next screen, enter the fields listed below, then click Save New Token.

  • Token Manufacturer: SYMANTEC or ONESPAN
        • Select SYMANTEC if you are using a soft token (VIP Access App on mobile phone/tablet/computer) or a keychain hard token that has the SYMANTEC name and logo on the face of the token.
  • Token Issuer: DrFirst
  • Token Type: OTP HARD TOKEN (key fob) or OTP SOFT TOKEN (VIP Access app)
  • Token Name: Nickname for the token to help identify it (e.g., "iPhone token", "key fob", etc.)
  • Serial Number or Credential ID
    • If you are using a SYMANTEC HARD TOKEN (key fob): enter the Serial Number (S/N) on the back of the token without any spaces:
      • AVT########### or FT###########
    • If you are using a OneSpan HARD TOKEN (key fob): enter the Serial Number (S/N), the long string of numbers on the back of the token without any dashes:
      • ###########
    • If you are using a SYMANTEC VIP Access SOFT TOKEN (app): enter the Credential ID that appears at the top of the screen without any spaces:
      • SYMC########### or SYMZ########### or VSST###########
  • One Time Passcode (OTP): The number generated on the hard token or the Security Code from the VIP Access app.


(click to enlarge)

9. Next, a passphrase, security question, and security answer must be created for the account.  This passphrase is a password that will be used to prescribe controlled substances. The security question and answer will be necessary if you ever have to reset your passphrase.

  • The passphrase must be at least 8 characters long, be mixed case, and contain at least one number — avoid special characters.
  • A security question and security answer (case sensitive) will need to be entered as well. Since it is case sensitive, the security answer has to be remembered exactly as it was entered. This will be used in the event the passphrase is forgotten.
Note:  The passphrase can only be reset by correctly answering your security question. In the event that the passphrase is forgotten and cannot be reset, your account will be DISABLED, and you will be required to complete IDP again from the beginning.


(click to enlarge)

You have completed identity proofing (IDP). You will receive a confirmation email that contains a link that you will have to click once you receive your Experian Transaction Number.  If your Experian Transaction Code comes by letter, you will click the link in the letter to input your code followed by your passphrase and token pin.

If you received the Experian Transaction Number by SMS text, you can input it on the bottom of the screen in the final “Identity Proofing Process” page.  Once you click Verify Code, you will be ENROLLED in EPCS, with an INACTIVE Grant. 


(click to enlarge)

Once your enrollment is complete and you are enrolled in EPCS with an inactive grant, you will need to complete the activation step, LAC (Logical Access Control), with a staff admin. For more information on completing the Experian Transaction Number verification please click here. 

Input your Experian Transaction Number to complete the identity proofing process.

After you pass identity proofing, you will receive an identity proofing confirmation email which will require your Experian Transaction Number (ETN). You will recieve the ETN via SMS (text message) or USPS mail (letter). If sent by USPS mail, you will receive your letter in the mail within 6 business days. 

If you receive your transaction number by SMS (text), it will be a 6-digit code from the number 732-873. If you receive your Transaction Number in the mail, it will be a 10-digit code.

IDP_Trans_code_text.png     IDP_Exp_letter.png

(click to enlarge)

Inputting Your Experian Transaction Number

  • The transaction number sent to your phone by SMS (text) is valid for 7 days. 
  • The transaction number sent via mail (letter) is valid for 30 days.

1. Go back to the Identity Proofing Confirmation email and click the blue link.


(click to enlarge)

2. Enter the fields outlined below, then click Submit.

(A) Experian Transaction Number (sent via text or mail)

(B) Passphrase 

(C) Select Token 

(D) One time passcode


(click to enlarge)

Once these steps are completed, you are enrolled; please reach out to your Admin to Activate EPCS.

Was this article helpful?
6 out of 25 found this helpful