Submit a new question for the FAQ

    Frequently-Asked Questions [FAQ]

    Any privacy concerns with using a QR code? How does the system protect privacy?

    The QR code on cards is safe to be read by anybody: it contains no private information directly, only a code that looks like this:

    {“indhash”:”JOHN_SMITH_3629604423″}

    This information is used by our system to look up information about the individual. Without access to the system, the code itself has no meaning.

     

    Access to our system happens via regular user authentication (user ID & password) over a secure connection (protected by an SSL certificate). This prevents “man in the middle” attacks and ensure that only those users with administration credentials for the school have access to private information associated with individuals.

    How do updates get from High5.ID into the SIS?

    In the ‘data’ section, administrators will find tools to export data and/or pictures from High5.ID.

    The data is written out as columns in a text file, which can be imported into any SIS that supports CSV/Excel import.

    Can you export from the High5 Database?

    Yes: we support an expanding set of options…

    • Data only – all the fields we know about individuals, in a CSV file
    • PSPA CD – an index.txt file and associated images in a zip that conforms to the “PSPA Standard” for yearbooks
    • All Images – a zip containing images only
    • … more to come! Contact us to request the addition of a specific format.

    What if the school doesn’t want to provide email or phone numbers?

    Schools can choose to broadcast a ‘generic link’ to students via any means they have (email, social media, other apps…).

    Parents & students visiting a generic link will see school-specific branding and be asked to identify themselves using the school’s choice of authentication method:

    1. Student Number
    2. Student Number + Birth Date
    3. Name only, chosen from a list (suitable for populating district staff ID pages, for example)

    Once authenticated, students & parents can take Selfies for their ID; they can also optionally fill in contact details (phone & email) that the school may not otherwise have access to.

    What happens if new individuals are added while export is going on?

    Suppose you have an organization with 5000 individuals. You click ‘export to PSPA’, which starts a fairly lengthy export process. While waiting for the resulting exported file, “something changes in the database” (for example: a new individual is added, or a photo is taken for an existing individual). What happens?

    The moment you click ‘export’, a copy of the database and images is made. This process is instantaneous. The export is done on the copied database and images.

    So, changes that happen to the real database do not affect the cloned database (and your exported content will not reflect those changes).

    How long does export take?

    There are two factors:

    • How big your organization is
    • How much work is in the export queue ahead of you

     

    When you choose ‘export’ (to PSPA, for example), our server adds adds your request to a queue of export jobs. This means that you do not have to wait for the export process, or worry about closing your browser window – all the processing happens “in the cloud”, so you don’t need to watch progress bars.

    The jobs in the queue are processed ‘first in first out’. This means that if you have a small job, but are queued behind somebody with a huge job, your job will still take time to be processed. It’s hard to estimate how long you will need to wait.

    A large organization, when it gets processed, can take several tens of minutes. As an estimate, exporting an organization holding 2000 individuals takes about 30 minutes.

    Once I have started a photo kiosk, how do I get back to the admin panel?

    If you have been logged in as an organization and started the photo kiosk, then you will find it tricky to get back to the admin panel.

    This is intentional.

    The use case for a photo kiosk is:

    • A school will set up a laptop in a gym/art room/etc so that students can self-service to take their photos (e.g. they don’t have access to a phone or internet at home, so they have to do it at school).
    • The yearbook advisor logs into the school admin panel and starts the kiosk.
    • The kiosk runs unattended, without adult supervision.

    This is “a one-way trip” – we don’t want kids to hit ‘back’ or similar, to get to the school’s admin area.

    So we made it purposefully obscure to get from the kiosk back into the main admin area.

    Details are shared with teammates privately.

    Can I pre-load a database with last year’s images, and have selfies replace the old images with new?

    When you import images into High5.ID, they are automatically set as approved.

    So if you only import, then individuals who have ‘last year’s images’ will be told ‘your image is already approved” when they try to take a selfie.

    To enable these individuals to overwrite the old images,

    1. Import the images + data for the school
    2. Export the data (“everything”, so it’s easy to find the image approval status column)
    3. Edit the exported file: Set that column to “not yet reviewed” for all students
    4. Re-import the data

     

    Now you have [old] images for everybody, with the status set to “not yet reviewed.”

    … which means that people following the DIY Capture links will be allowed to take photos, and those photos will replace the existing last-year images.

    What encryption is used to protect student credentials?

    High5.ID stores sensitive information: student numbers, phone numbers, emails, date of birth, etc.
    We are bound by regulations and common sense to provide the best possible protection to ensure that this data remains confidential.
    To do this, High5.ID provides industry-standard protection against unauthorized collection of data.

    The places where data needs protection are:

    1. “At rest”: data stored on the server
    2. “Transfer”:  the time of transfer from our server to a client device.

     

    At rest:

    We use Google Firebase and Firestore to store student data.
    Firebase encrypts the data at rest using the 256-bit Advanced Encryption Standard (AES).
    Additionally, each encryption key is itself encrypted with a regularly rotated set of master keys.

    Reference link: https://cloud.google.com/firestore/docs/server-side-encryption

     

    At the time of transfer:

    Communications with Firebase are secured using an https secure connection; data is secured while transfer using Transport Layer Security (TLS).
    This prevents “man in the middle” attacks, so we know that only authenticated users are able to pull information from our database.

    What password policies are supported?

    High5.ID supports the following password policy preferences:

     

    1 Maximum Password Age policy Passwords must be chosen anew each 12 months
    (e.g. once per academic year)
    2 Minimum Password Length policy Organizations can choose:

    • Minimum length (int)
    • Maximum length (int)
    3 Password Complexity Requirements policy Organization can choose:

    • none
    • must include at least one number
    • must include at least one special character
    • must include at least one number and at least one special character

    The choices for #2 and #3 can be different for admin accounts (eg. With access to the administrative panel) and end users (e.g. students & staff).

    Does High5.ID support SSO (single sign on)?

    If you would like High5.ID to integrate with the SSO services provided by another vendor, then please contact us to let us know which service matters to you. Use the chat window at the side of this screen – tell us both the name of your organization and the vendor you would like us to integrate with.

    What SIS platforms does High5.ID integrate with?

    High5.ID is both a sink and source of data.

    Setting up your organization within High5 involves building a database of known individuals. While you can do this manually, adding individuals one-by-one, it’s simpler to import a text file (a CSV) that includes common fields like first name, last name, personal information numbers, etc. High5 provides simple & powerful tools to map columns in your CSV to known fields, which makes it straightforward to important data written by any SIS that supports exporting.

    As High5.ID gets used, it collects information such as contact email & phone numbers for guardians and students. This information is provided by end users and is typically far more up-to-date than the data that was provided by the SIS in the first place; schools frequently want to get this ‘clean’ data out of High5 and back into their SIS.

    Of course, High5.ID is also used to collect photographs for ID or yearbook portraits, which are important to get into the SIS in order to have complete student records.

    Fortunately we provide powerful export tools to ensure that you can get information out of High5 in a format that your SIS can use.

    Preset support for various SIS systems is provided out-of-box: Aeries, Power School, Synergy, Infinite Campus, and Zangle. The standard “PSPA” yearbook CD format is also available. Power users can go deeper and configure their own exports with control over advanced preferences controlling file naming, how individuals without ID numbers are handled, image specifications, etc.

    If you would like to see an export preset added for a new SIS, simply let us know and we’ll make it happen.

    We have received some requests for more-profound integrations with SIS systems, where we would get and set data “live” as we collect it – for example, with school or classroom attendance, or changes to homeroom assignments synchronizing between High5 and the other system.  If this is of interest, please contact us to let us know which SIS matters to you. Use the chat window at the side of this screen – tell us both the name of your organization and the vendor you would like us to integrate with.

    How do I export a list of people who do / do not have photographs?

    Here’s a video demonstration: link

    1. go to database tools
    2. click ‘export…’
    3. click ‘choose’ to pick individual to export
    4. filter to show only individuals who have / do not have photos present, click ‘select all’ to select all matching that filter, then click ‘export selected’
    5. configure the export to save data only, not images. Choosing the ‘data only’ preset is a fast way, although this will export a LOT of unnecessary columns for this task.
    6. click ‘start’

     

    Can you retake a selfie? How?

    As long as your photo has not been reviewed & approved by staff at your organization, “yes!”.

    You can retake photos as many times as you like; just follow the invitation link that was sent to you, or find yourself in your organization’s High5.ID login page.

    Staff members at your organization review photographs and can approve or reject them.

    Approved images can’t be replaced with new photos. Rejected and not-yet-reviewed images can be replaced.

    So, “just try it”: if your image has already been approved, you’ll see a message explaining that you can’t take a new one, no harm done.

    Where do I find my digital ID?

    Best Case: Save a shortcut before you lose it.

    • Let’s say you received a link to take a selfie for your ID. With that done, you were asked to choose a password… and then you were shown your Personal Landing Page, which includes a link to your Organization ID (that is, a student card / staff badge / employee badge / trade show lanyard / etc).
    • The best case is that at the moment you saved High5.ID to your home screen.
      • On Android you’ll see a popup button offering to do this with a click.
      • On iOS, because Apple, you need to click the ‘share’ button and choose ‘add to home screen’.

    Second best case: click the link you got from your organization.

    • Organizations might have sent you a link to take your selfie by email or SMS. That link will still work if you tap it again.
    • If your photo has already been approved then you’ll be taken straight to your personal page login screen. If your photo wasn’t approved yet, then you’ll be asked to take another selfie. Won’t hurt.

    Fail safe: use the High5 website to find your school.

    • If you don’t have High5 saved to your home screen, or a link from your school, then you can always go here:
    • You’ll be asked to enter your school name.
    • Once you’ve found your school, you’ll be asked to enter your name and/or student number and/or date of birth.
    • When done, you’ll be directed to your personal home page.

     

    How do I change the spelling of my name on my Digital ID?

    For students at schools, the master database is the school’s “school information system”. High5.ID cannot make changes in that master database, it can only reflect information given to us by the school. If a student’s name is spelled incorrectly, this should be fixed by the student’s guardian working directly with the school.

     

    For visitors and parents, and for other organization types, consult with the receptionist at the organization; they will be able to update your name in the High5.ID system. Your ID will update immediately.

    Will data be lost if I import an updated csv (say, with late-joining students) into an existing organization?

    Everything will be fine: High5.ID works as you hope it will.

    Scenario:

    • Import students.csv
      • Get 1000 records -> 1000 students created -> 1000 inds in DB
    • Import teachers.csv
      • Get 200 records -> 200 teachers created -> 1200 inds in DB
    • Edit one row of students.csv to modify a kid’s name
    • Import students.csv
      • Get 1000 records, but only 1 update -> 1 student updated -> 1200 inds in DB
    • Add one row to teachers.csv to add a new teacher
    • Import teachers.csv
      • Get 200 records, but only 1 new entry -> 1 teacher added -> 1201 inds in DB

    In sum, “existing data will only be affected if the CSV  you are importing changes the value of a column for a given individual”

    How do I un-reject an image?

    If you change your mind after rejecting one or many images, you can always get things back as they were.

    An image’s state (not yet reviewed, approved, rejected) is just “information attached to the image” – the actual image is not deleted when you reject it – and you can always change that state.

    • If you know which individual you need to edit:
      • Go to data, find that individual, and click ‘details’.
      • You’ll see the photo at the left of that individual’s details page (with a big red ‘x’ if it has been rejected).
      • Right below the image is an ‘image approval’ control – click it to change the image from ‘rejected’ to ‘approved’.
    • If you want to see all rejected images:
      • go to data, and click the ‘photo’ filter on the left.
      • You’ll be able to search the database for individuals whose photos are “present but rejected”, for example.
      • This will give you a list of all individuals, making it easy to find & restore the ones you accidentally rejected.
    • If you want to bulk un-reject all images:
      • Go to ID Essentials > Review & Approve   (or Yearbook tools > Review & Approve), and approve all images.
      • Then go right back to Review & Approve; it will notice that there are no unreviewed images and offer to reset the state of all images.

    How do I extend the yearbook deadline?

    The deadline is checked each time an individual follows a link to the yearbook capture page.

    So, if you change that date, it affects everybody who tries again after you make the change.

    • Log into the admin page for the school
    • Go to Yearbook Tools > Setup
    • Find the “Last day portraits will be accepted” field
    • Click in the text edit and choose a new date
    • Click ‘save’ on the left.