You will order a hardware token during the initial Exostar registration process. The hardware token is a small device that you can use to retrieve an OTP and is independent of wi-fi or other internet connection.
You are not required to activate your Hardware Token, however, we strongly suggest that you have more than one active OTP device. (Most providers add the Authy app as their preferred OTP and will use the hardware token as a backup device.) Keep in mind, if you do not add the hardware token as an active OTP device on your account and are unable to use your phone for the Authy app or authentication phone number, your account will need to be deleted and you will be required to start from scratch.
The hardware token will be delivered in a small, brown bubble mailer, similar to the one below:
You can manage your hardware token by accessing your account. Your account is located on the Admin Tab of the NewCrop Screens under the link “Manage Your EPCS Account”:
Log into your EHR and access the NewCrop screens.
Once in NewCrop, go to the Admin Tab:
Click on the Manage Your EPCS Account on the Admin Tab:
OR click this link on the Exostar Registration Page:
AUTHENTICATION INTO YOUR ACCOUNT
You will first need to authenticate into your account. Do this by using your Authy phone app. Under the Manage Mobile Credential, click Authenticate (red button), and enter the 6 digits you see on the Authy app (no spaces). If the Authenticate buttons are grayed out, skip to the next step.
Add and activate a Hardware Token:
To add a Hardware Token to your account, go to the “Manage Token” section at the top and click “Add Token”:
Enter the serial number from the back of the Hardware Token. The serial number for the Hardware Token is the largest number found on the back.
Enter both the letters and numbers as displayed. Click the white button on the front and enter the first passcode you see. Wait 30 seconds and then click again to enter the second passcode you see. Click “Submit”:
The hardware token will show active on your account in the “Manage Token” box. To return to NewCrop click “Cancel”:
Deactivate a Hardware Token:
A hardware token should only be deactivated if it is lost or broken. Click “Deactivate Token”:
You will be asked to confirm this action by listing a reason for deactivation. Once confirmed, the hardware token cannot be used again and will need to be discarded completely. (See the troubleshooting document for information on replacing a hardware token.) Click “Deactivate Token”:
If a provider has a new phone or new phone number but has tied the Authy app to their cloud-based store (iTunes or Google Play Store), often a copy of the Authy app (including the NewCrop account) can be downloaded and used without any issues or removing and adding a new instance in the Exostar account.
The two best ways to avoid revoking an account:
- Always make sure the Hardware Token has been bound to the account. Many providers choose to use the Authy app but adding the hardware token not only allows a backup method to transmit Rxs, it is also a backup method to access the Exostar account. ALWAYS ADD THE HARDWARE TOKEN EVEN IF THE PROVIDER CHOOSES NOT USE IT FOR TRANSMISSION OF CONTROLLED RXS.
- Always add an Authentication phone number that is different than the provider’s cell phone number. A provider can add a land line or a different cell phone as well as their own, but the best practice is to have a different phone number for the Authentication phone number. A provider should not tie all authentication methods to one device only.
ONCE A PROVIDER HAS REVOKED THEIR ACCOUNT, THEY MUST PAY FOR ANTOHER LICENSE AND START FROM THE BEGINNING IN THE EVENT THE PROVIDER NEEDS TO TRANSMIT CONTROLLED RXS VIA NEWCROP.
Questions? Contact your EHR for assistance.
Issues? Please refer to the document “EXOSTAR - Troubleshooting the Hardware Token”