Web eXchange TPA Center Documentation

Last Updated v12.0.0

Login

After the new TPA Center account has been approved, login with the requested user name and password.

Multifactor Authentication (MFA)

Web eXchange provides an additional layer of protection and security by using Multi-factor Authentication (MFA).  MFA requires a secondary method of authentication via a phone number or smart device app to approve the login request.  The current implementation of MFA in Web eXchange uses the DUO system.

Mandatory: All accounts that use Web eXchange are required to use MFA.

Usage: The first time an account logs in, it will be prompted to complete the DUO process to register a phone number and device.  Please follow the on screen prompts from the DUO application to setup MFA using the options that work best for you.  For each subsequent login, DUO will prompt for MFA after the initial login has been completed.

Depending on the options chosen during DUO registration and setup, the system will send an authorization request to the smart device linked to the account.  Other options are available if the DUO smart app is not available.  Click the other options link or other on screen instructions for available MFA options.  Once the MFA process has been completed, the system will finish the login and display the My Info landing page.

Public vs Private Devices

What is the difference between public and private and how does it change the usage of the system?

• Public Device: The login session timeout will automatically be set to two (2) minutes.  After two minutes of inactivity (no menu selections or clicks on the screen items), the system will automatically log the user out and display a login prompt.
• Private Device: The login session timeout will automatically be set to twenty (20) minutes.  After twenty minutes of inactivity (no menu selections or clicks on the screen items), the system will automatically log the user out and display a login prompt.

How can I chose?

After initial login, the system will display a banner message at the top of the screen asking if the device (computer, tablet, phone, etc.) being used is private.

• If the box is checked a window will display with information about marking that device and web browser as private.  If agreed to, the system will store a cookie in that web browser for the logged in user account that tells the system this is a private device and browser for all future sessions.  If the cookies are cleared in that browser, the system will prompt again on next login.
• If the banner is ignore and the box is left unchecked, the banner will disappear after approximately 10 seconds and the device and browser will be automatically considered public.  The public option should be used when the device is shared with other users like a break room computer, library computer, or any other device that is not used only by you.

Why are there options available?

The public device option and shortened session timeout was added to help users protect PHI (Protected Health Information) that is available in this portal system.  If a public device is used, and the user leaves the system logged into their account and does not close the web browser, that PHI could be exposed to the next person using that device.  The public timeout option assists the user in that situation and will log them out in that shorter time frame while still allowing the system to be functional.