The virtual server uses the push OTP rejection policy to send push notifications only to registered devices with currently active, push-enabled tokens. If a user receives a push notification that they did not initiate and the notification is rejected, enabling this option automatically emails a push notification rejection alert to the user.

If the user’s account gets locked due to this push OTP rejection, the body of this alert is appended to the user lockout alert that is sent to the user.

Configure the push OTP rejection policy on the STA Token Management console, in the Policy > User Policies module.

• Apply—Active when the policy is modified.

• Cancel—Clears any uncommitted change to the policy and closes the module.

• Change Log—Displays a list of the last five changes to this policy as follows, including the date and time of each change, changed by operator ID, and the value that was specified.

• Alert user on OTP push notification rejected—If checked, an alert regarding the user’s account that a push notification was denied (from the user’s device) will be sent by email to the user.