RESDEX –Security and Compliance

Making Resdex - KYC compliant and secure

KYC Requirements

Verify Identity and the address of the person/entity to whom the services

have been sold.

Each recruiter account offered by Naukri to be uniquely identifiable and

verified.

Any change in the contact details needs to be revalidated in the same manner.

Security requirements

Prevent unauthorized access in customer accounts

Provide Mobile number validation & OTP based authentication for user login

Phases

Phase I

Already live

1. New sub-user creation with email-ids only

Planned

1. Old sub-user name migration to

emails with mandatory email

verification

2. Mandatory Login OTP for sub

users

3. OTP based authentication for

super users

Already Live

1. Mandatory Email verification for new sub user addition

2. Mobile number validation for sub users – Optional

Phase II

Phase III

Already Live

1. Address/PANCARD proof submission

2. OTP based login authentication for

sub users – Optional

Going Live

OTP based login authentication for

Super Users - Optional

Phase IV

Going Live

1. OTP based login authentication for super users – Optional

OTP based login authentication for super users Super Users will be required to

enter a One Time Password (OTP) after submitting username/password before they can use any Naukri service.

The OTP will be sent on verified email ID.

Super user can change Login OTP setting for all users in his account from Manage Users page

By default OTP is OFF for all clients

OTP will become mandatory for all users and super users in 3 months.

Going Live

Super User will be prompted for OTP after submitting username & password

If super user has activated OTP If super user’s login ID / username is a verified

email ID If super user’s login pattern has changed If super user has not submitted OTP in last few

days

1

3

2

Going Live

The OTP will be sent via mail on verified email ID

Super Users without verified email ID as user-name will not be covered under the Security setting.

However, users in their accounts having verified email ID will get Login OTP if the Security setting is enabled.

All users will need to enter OTP when Login OTP becomes mandatory.

Going Live

In case of delay, super user can resend OTP OTP is specific to a super user and login session. Super User A’s OTP for 1 system / browser cannot be

used for a different System / Browser.

OTP will expire After 30 minutes of generation If it has been used once If super user has been prompted for entering OTP

but has not entered OTP for 2 hours, he will need to start again by submitting username and password.

Resent OTP will be valid for another 30 minutes Any of the valid unused OTPs can be used for

validation.

Going Live

The OTP will be prompted when super user logs in from CSM or NaukriRecruiter login pages well

After successful login, OTP will not be prompted for a few days unless super user’s login pattern changes.

Pure NaukriRecruiter profile that is not linked to any sub / super user account will not be asked for Login OTP.

Going Live

Thank You