RESDEX –Security and Compliance

Making Resdex - KYC compliant and secure

2

KYC Requirements

Verify Identity and the address of the person/entity to whom the services

have been sold.

Each recruiter account offered by Naukri to be uniquely identifiable and

verified.

Any change in the contact details needs to be revalidated in the same manner.

3

Security requirements

Prevent unauthorized access in customer accounts

Provide Mobile number validation & OTP based authentication for user login

4

OTP based login authentication for sub users and super user

Users will be required to enter a One Time Password (OTP) after submitting username/password before they can use any Naukri service.

Users need to mandatorily have unique and verified email ID as login ID.

The OTP will be sent on verified email ID.

In case verified mobile number is available in the user’s account, then OTP will be sent via SMS as well.

OTP will become mandatory for all users and super users soon.

User will be prompted for OTP after submitting username & password

If OTP based Login is activated for the company If the user’s login ID / username is a verified

email ID If the user’s login pattern has changed or

suspicious login is detected

1

3

2

5

6

The OTP will be sent via mail on verified email ID

Users without verified email ID as user-name will not be covered under the Security setting.

However, users in their accounts having verified email ID will get Login OTP if the Security setting is enabled.

All users will need to enter OTP when Login OTP becomes mandatory.

7

In case of delay, the user can resend OTP OTP is specific to a user and login session.

User A’s OTP for 1 System cannot be used for a different System.

OTP will expire After 30 minutes of generation If it has been used once

Resent OTP will be valid for another 30 minutes Any of the valid unused OTPs can be used for

validation.

8

The OTP will be prompted when user logs in from CSM or NaukriRecruiter login pages as well

9

Pre-requisites for OTP based Login

• All users need to have unique and verified email ID as login ID.

• Users can add and verify their mobile numbers.

10

All users need to have unique and verified email ID as login ID.

For Super User:-

Username modification request Email Verification

1. Login at https://recruit.Naukri.com2. Resend Verification Link

3. Click on verification link in mail

http://recruiterzone.naukri.com/how-to-verify-login-email-id/

• To support@naukri.com • Or through account manager

11

All users need to have unique and verified email ID as login ID.

1. Login at https://recruit.Naukri.com2. Resend Verification Link3. Click on verification link in mail

http://recruiterzone.naukri.com/how-to-verify-login-email-id/

For existing sub users:-

2 options for editing sub user’s username:-

Online by sub user

Sub user fills email ID on login prompt

Sub user verifies email

Super User approves / edits the email

Assisted Edit for bulk usernames

Super user downloads format containing usernames

Super user sends updated usernames to Naukri Backend team

Backend team processes the email IDs

Sub user verifies the changed email ID

Username modification request Email Verification

12

The online process – initiated by sub user

13

• If a sub user’s username is not a valid email ID, then the user will be prompted to enter a unique and valid email ID.

• On submitting, an email with verification link will be sent on the entered email ID.

Sub user can provide unique and valid provide email ID

Online through sub user

Sub user prompt for email

Sub user verifies email ID

Super User approves / edits the email

14

Sub user needs to verify the email before it can be sent

Online through sub user

Sub user prompt for email

Sub user verifies email ID

Super User approves / edits the email

• Sub user can resend verification link from “Verify Email” link on MNR Homepage

• This link will be visible until the sub user has verified his email ID.

• Sub user needs to click on verification link in the mail

15

When sub user verifies email, super user will be asked to approve the email ID change request

Sub User clicks on verification link on email Super User gets email to approve the username change Online through sub user

Sub user prompt for email

Sub user verifies email ID

Super User approves / edits the email

16

Super user can login and approve sub user name change requests

Edit• Super user can also edit the email ID in the username change

request.

• Sub user will be sent verification link on the new ‘edited’ email ID

• When the sub user clicks on verification link, the username change will be considered approved.

• No further approval is required – the status will be updated on Manage Users page.

Online through sub user

Sub user prompt for email

Sub user verifies email ID

Super User approves / edits the email

Approve• Super user can approve username change request.

• Only requests in which sub user has verified email ID will appear in Pending section of Manage Users page.

• Notification mails will be sent to sub user when username change is approved by the super user.

Status of email change request

17

Sub user’s username will be updated in the system within 24 hours of super user’s approval

When super user approves the sub user’s username change, • Sub user will get notification

When sub user’s username is updated in the system,• Sub user & super user will get notification• Password will remain the same

Online through sub user

Sub user prompt for email

Sub user verifies email ID

Super User approves / edits the email

Within 24 hours

Updated user account will be secured with OTP based Login

Online through sub user

Sub user prompt for email

Sub user verifies email ID

Super User approves / edits the email

User will be prompted for OTP after submitting username and password

• If OTP based Login is activated for the company

• If the user’s login pattern has changed

1

3

2

19

The Assisted Offline process – initiated by Super user

20

Super user can mail the username change requests to us• In cases where large number of sub usernames need to be changed:-

1. Super user can download the csv of existing usernames from Manage Users page.2. Super user can update all the corresponding new usernames3. Super user can mail the updated csv to account manager or usermodify@naukri.com.

• If the new email IDs are valid and unique:- – The sub username will be updated within 24 hours.– Notification mails will be sub users super users and account managers.– The approved request will start appearing in Pending section of Manage Users page.

Link to download csv of usernames to be updated

21

Users can add and verify their mobile numbers.

22

Sub users and Super Users should add and verify their mobile numbers

• User will be able to add and verify her mobile number

• Super user will have the ability to add / edit the mobile number of any sub user in her account.

• Users from 2 different client accounts cannot have the same mobile number verified

23

In case of any queries, please write to us at otpmigration@naukri.com