User Administration

The User Administration allows Saferpay Backoffice user accounts to be administrated independently via the Saferpay Backoffice. Provided that the required permission has been activated, the corresponding menu item can be found under "Settings" --> "User Administration" or under the following URL:

In this chapter you will find all the necessary information.

User Administration

Merchant Administrator

The Merchant Administrator manages the users of the currently selected Saferpay account. The administrator has the possibility to assign the role "Merchant Administrator" to further users created via Backoffice. Merchant Administrators cannot edit their own profiles. Merchant Administrators can also create Multi-Customer Users. Once created, the Merchant Administrator can still edit user permissions and status, but not user data. This data can only be edited by users themselves.

Backoffice Users

In this menu ("Settings" --> "User Administration"), the existing users are displayed and new users can be created. Via the link "Details" the data of an existing user can be adjusted and the assigned roles can be changed.

Currently, only user accounts created by a merchant administrator are listed here. With a later Saferpay release, the list will also include all existing user accounts.

Currently, a user cannot be deleted. But if you want to prevent a user from accessing the backoffice, you can set its status to disabled. See chapter Enable/Disable a user.

The following statuses are possible:

  • Activation link was sent --> User has not yet called the activation link.

  • Active --> User is active and can log into the back office

  • Deactivated --> User is disabled by merchant administrator and cannot log into the back office

  • Locked --> User is locked (e.g. due to too many failed login attempts or inactivity)

  • Password expired --> Password expired

Roles and permissions

The following matrix shows all available roles and the corresponding permissions. These can also be viewed in the Saferpay Backoffice under "Settings" --> "Roles and permissions" or via the following link:

Create new users and assign roles

User administrators can create new users in the Saferpay Backoffice. Different roles are assigned to each user, which influence which permissions and accesses a user receives.

There are two different types of users:

  • Individual unique e-mail address (Verified)

    An activation email is sent directly to the specified email address.

Using this user type is recommended.

Since sensitive data is sent to the user's email address, e.g. to activate the user account or reset the password, it is essential that each user is assigned a personal email address to which only the individual user has access. Avoid using group mailboxes.

  • System-generated username (Unverified)

    The username is generated by the system. The activation link must then be sent to the user manually.

Using this user type is not recommended, and should only be used if the user does not have their own email address. Without an email address, some features may not be usable.

Location-based permissions

For bigger Saferpay accounts, it may be desireable, or even necessary to restrict the user-access to certain transactions and terminals, based upon their location.

One example could be a hotel-chain with multiple locations, restricting certain user-access to these locations, so certain users can only do actions and see transactions, that were made by that specific location. It is also possible to extend the permissions of a user to multiple locations, if need be.

Merchant administrators do have the ability to restrict user access to certain locations and their attached terminals. This is also important to understand: These permissions are not linked to a terminal, but a location. A terminal can then be linked to that location, effectively enabling you to limit the access to that specific terminal.

However a location also enables you to link multiple terminals to one location, if you want to. For example one terminal for your webshop, one for the Secure PayGate and one for Mail Phone Order, that are all for this one location. This construct can then be applied to every location you want, so each one has its own set of terminals, but all held under one roof, one Saferpay account.


The activation is very simple and only requires a few steps during user-creation.

This checkbox will enable Location-based permissions for that specific user.

Once activated, a little search-box will pop up, in which you can look up all the available locations on that account.

You can search through the list, by typing a specific name of a location, or, if available, the website of the location.

As meantioned, you can also add multiple locations to one user, if said user should have access to multiple locations.

If no permissions are applied, the user will have access to all locations.

Lookup via address is currently not supported.

How to create more locations

Locations are handled by Saferpay directly and cannot be created by the merchant directly. If you want additional locations and terminals, please contact your account-manager at our sales.

How can a verified user activate its account?

The newly created user then receives an email at the email address provided containing an activation link.

After calling up the link, the user account is activated and the user must enter an individual password for it.

How can an unverified user activate its account?

The Merchant Administrator must manually send the activation link to the user.

After calling up the link, the user account is activated and the user must enter an individual password for it.

User Login

Users created by a merchant administrator can log into the Saferpay Backoffice using their personal e-mail address or the system-generated username and an individually defined password.

Password Reset Handling

Password handling for Unverified users: If too many login attempts fail, the user is automatically locked. A corresponding message will be displayed and the user administrator should be contacted. However, this is not mandatory, because after 30 minutes the locked status is reseted and the user can log in again. Since there is no email address for Unverified users, no password reset links can be sent, that means the password cannot be reset independently. For this reason the user administrator must be contacted. The administrator will then generate a password reset link and send it to the user.

Password handling for Verified Users: For Verified Users, the password reset link is sent directly to the user's email address. This can either be initiated by the user administrator or the user can request a reset link on its own via the forgotten password function on the login page.

A password reset has no effect on the user status.

Locked user Handling

There are two reasons why a user login becomes locked.

  • Locked because of too many wrong password entries

    If a wrong password is entered too often on the login page, the user login will be automatically blocked for 30 minutes. After that the user can try again. Verified user logins with individual email address can request a password reset link to unlock their login. Unverified Users without email can contact the Merchant Administrator for the unlock so they do not have to wait 30 minutes.

  • Locked due to inactivity

    After 90 days without login, the next time the user tries to log in, the user will see a message that its login is locked. In this case the user cannot unlock its login by himself, only the merchant administrator can unlock the login by sending the user a password reset link.

Edit or Enable/Disable a user

In the User Administration overview, users can be edited via the "Details" link. It can be defined whether a user should be active or inactive, as well as the assigned roles. Merchant Administrators cannot edit user data. This data can only be edited by users themselves.

Edit user from the administrator's point of view:

Edit user from user view:

User type "individual unique e-mail address" (verified) can no longer be changed.

User type "system generated username" (unverified) can be changed to a verified user type at any time. In this case the system generated username will be replaced by an email address. The original username will then no longer be usable. An activation link will then be sent to the email address and the user account can be activated. The old passwords will be stored in the history and cannot be used again for login.

The new password must be different from the last five passwords an must not have been used in the last 24 hours.

Known Limitations

  • Only user accounts created by a merchant administrator are listed in the user overview. With a later Saferpay release, the list will also include all existing user accounts.

  • A user cannot be deleted. But if you want to prevent a user from accessing the backoffice, you can set its status to disabled. See chapter Enable/Disable a user.

  • Merchant Administrators cannot edit their own profiles.

  • Merchant Administrators can only edit status and permission of users. The users can edit their data in User Profile.

The location-based permissions do have additional restrictions, which are:

  • A merchant administrator cannot be limited to certain locations. They'll always have access to the whole account.

  • Location-based permissions cannot be applied to users with Multi-Customer Access.

  • Location-based permissions do not apply to the Batch Processing.

Multi-Customer Access

Saferpay users who own individual user accounts (Backoffice logins) for several customer accounts (CustomerIDs) can now be merged into a single user account which provides access to all related accounts (multi-customer access). This avoids maintaining and keeping track of multiple user accounts and passwords and eliminates friction when working under several customer accounts.

Activate a multi-customer access user account

The Multi-Customer Access functionality is activated by creating a user with an email address that already exists for another user of another merchant account.

Switch between user accounts

To switch between multiple user accounts, click on the customer ID in the upper right corner next to the user name. On the following page all linked customer accounts will be listed.

Merchant Alias for Customer ID

Merchant Administrators can define additional "easy to understand" alias names for their customers.

The alias of the customer is visible for all users in the header area. For multi-customer users it also appears in the customer selection.

The feature is automatically enabled for affected merchants.

Enable Two-Factor Authentication (2FA)

To enable 2FA, a user has to first set it up.

Saferpay highly recommends using 2FA, as it offers additional security against account theft.

What is 2FA and why should i use it?

As the rate of cyber-attacks increases with each year, so does the number of hacked accounts. It becomes apparent, that the old User|Password system no longer provides enough security to secure highly valuable logins, like your Saferpay login.

If this login would be compromised, e.g. by password-theft and the like, an attacker would, in the worst case, be able to execute all sorts of malicious actions on your account. For example executing refunds for shipped goods, or transferring money to unwanted places.

This is where 2FA comes in.

2FA is an additional hurdle for an attacker to overcome during login, by requiring an additional OTP-Code (Factor) to be entered. That is where the "2" in 2FA comes from. It is the second factor of authentication, in addition to your password, which is the first factor.

The second factor is deliberately separated from the first, so that in case of the theft of one of those factors, the other factor is still uncompromised. Since both factors are needed for login, an attacker will be unable to log into your account, with just knowing one of the two needed factors.

In order for this to work properly, you should not have both factors (Password and OTP-generator) present on one device, e.g. your phone.

If someone would steal said device, they'd be in possession of both factors, rendering the whole 2FA principle useless.

Make sure, that in general and especially if you still decide to do this, your device is sufficiently secured. For example by encrypting your phone, using a secure unlock-method, using password managers with a sufficiently strong master password etc.

Restricted services without 2FA

Security concerns and PCI compliance dictate that Saferpay only offers certain functions with 2FA enabled.

The following services are only available, if 2FA has been activated:

  • PAN decryption within transaction details

  • Credit a transaction from within the backoffice

Further note, that a password reset also requires you to enter your 2FA code, if 2FA has been activated. It is not a requirement for a password reset in general, however.


  • A user, that has been created with the user administration.

As of now, only users, that are also listed within the user-administration, do support 2FA. If your user is not listed there, then 2FA is currently not available for you.

  • An OTP-capable authenticator app on your phone

    • Like Google- , or Microsoft Authenticator


1 - In order to activate 2FA, please navigate to your user-settings, by clicking on your user-name in the top and then to Two-factor authentication.

2 - Once there, please open up the OTP authenticator on your phone and create a new entry.

3 - When asked, please scan the QR-Code from the Saferpay Backoffice.

4 - Enter the the OTP-Code generated by the app and your login-password, then click on Save.

All done. Two-factor authentication is now active on your account.


Once activated, you'll now be asked to enter the app-generated OTP-code on login, after entering your username and password.

2FA reset

As of now, the 2FA cannot be reset, once activated. If you need 2FA to be reset, please contact our support to help you.

Last updated