How to renew a token?

Renew your token and certificate

The 3SKey tokens have a lifetime of 3 years* after they have been activated on the 3SKey portal, then they must be renewed. The renewal process must be performed between 3 months before the expiry date of the certificate on the token and the date of expiry.

For the renewal process you need to use a not activated token or to order a new token from your bank.

You will find the Renewal procedures in the Related information section on the right of this page.

There is no need to add the new token to the User group before following the renewal procedure.

*Note about the certificate lifetime: The lifetime of 3SKey business certificates issued between 15 June 2019 and 15 December 2019 is adjusted to less than 3 years. These certificates will expire between 10 May 2022 and 15 June 2022. This is due to the expiry in June 2022 of the SWIFT CA certificate that was issuing the 3SKey certificates before 15 December 2019. After 15 December 2019 the certificates are issued by a dedicated 3SKey CA certificate and are again valid for 3 years.

To know the expiry date of your current token please login to the 3SKey portal with your token and use the Key Information function which will display the "Issued" and "Expires" dates. The 3SKey administrators also have access to a “Manage User Group” page that shows the expiry date of all the tokens in the user group.

Administrators receive email notifications about tokens in their group that expire within the next 3 months. The notifications are being sent regularly until all tokens have been renewed or have expired.

Check that a not activated token can be used for a renewal

We recommend that you order your new tokens a few months before the expiry of your current certificates.

You can renew an expiring certificate on a not activated token that you already own, as long as it is still valid. Not activated tokens are valid for 5 years after they are fabricated, but can remain a few months in the stocks of your bank before they are distributed to you.

Note: The lifetime of not activated 3SKey certificates was temporarily reduced to 3 years between 27 May 2017 and 15 June 2019, and to less than 3 years between 15 June 2019 and 15 December 2019. You can quickly identify a not activated token that was issued before 15 December 2019 using its serial number, printed on the side of the token, which will be lower than 02968498. Not activated tokens issued after 15 December 2019 are valid for 5 years.

You can check the validity of a not activated token as follows:

  • Plug only the not activated token on a computer that has the 3SKey software installed
  • Right-click the Safenet Authentication Client icon in the notification area, and click on Certificate Information
  • Double-click the line that matches your certificate to display its validity
You can use a not activated token for a renewal as long as it is valid. The renewal will create a new business certificate valid for 3 years starting from the date of the renewal.

SWIFT © 2022