Enhanced security offering the right protection for you with Allmybanks

Your treasury and financial transaction management program must ensure the security of your data, whatever your organisation and the geographical scope of its activity. In particular, the authentication of users and their rights, as well as order validation procedures, must be sufficiently stringent for your needs.

 

The Allmybanks software contains the following features to set up and monitor security:

Know more Fold up
User authentication

Allmybanks offers you a choice of several authentication solutions, according to your objectives.

 

The authentication of each user in the Allmybanks software can be carried out by:

 

  • Digital certificate:

The personal digital certificate is a digital form of identification. It contains identification information and cannot be forged. It is issued by a recognised authority such as SWIFT, Certinomis, etc. When this authentication solution is activated in Allmybanks, the user must present their personal digital certificate in order to log into the software.

 

  • Login/password & authentication grid:

After entering their login and password, users are asked to click on a virtual keypad (the authentication grid) in order to enter a random code, which changes every time users log in. To find out which code should be entered, the user refers to the code list which was given to them personally following their first login. Without these three forms of identification, it is impossible to access Allmybanks.

 

In addition to these two authentication systems, Allmybanks can limit access to the application by IP address. A range of IP addresses can be defined for each user from which they are authorised to log into the application.

If these settings are not activated, the application will monitor the location of each connection to the software by default. Allmybanks will detect an unknown IP address and require the user to reconfirm their identity by entering a security code.

 

Know more Fold up
Authorisations

In Allmybanks, user authorisations allow you to limit authorised transactions for a user or group of users.

 

Authorisations are defined for:

  • Financial instruments (bank account, intercompany account, financing, and so on)
  • Transaction types
  • Action types

 

The software uses the idea of a profile to assign rights to a user based on a standard profile saved in the system.

 

The administrator and all persons who have user creation and modification rights can manage set-up rights independently (creating or deleting users, preferences, accounts, and so on.) They can create or edit users and their rights without seeking confirmation from anyone else. As soon as a user logs in, they have immediate access to the functions they are authorised to use. Equally, if the administrator deactivates some or all of the functions for a user, this deactivation takes effect immediately.

 

The administrator's actions may also be subject to the validation of a security administrator (see "Rules for managing the reference database" below).

 

Know more Fold up
Managing signing authorities and the order validation workflow

Managing signing authorities within Allmybanks can be configured on three levels:

  • Groups of signatories, comprising those persons with the same level of authorisation to validate and sign orders
  • Validation ceilings, setting the amounts a particular signatory is authorised to validate (or sign for if the digital signature is activated)
  • Signature rules, which define, for a specific range of amounts and type of order, the type and number of validations and signatures needed for the remittance to be sent to the bank

 

When you have defined the workflow rules that correspond to your requirements, they are automatically applied to every remittance entered online or sent from your management software Find out more

Know more Fold up
Individual digital signature

In Allmybanks, files can be signed individually with a digital signature (X509 certificates, 3SKey type) by authorised signatories before being sent to the bank.

 

When the file is signed, Allmybanks verifies that the certificate is the same as the certificate designated in the profile of the signatory.

 

The bank receives a signed file (by one or two signatories), and its processing chains can then check whether the signature certificate conforms with the payment authorisations saved in its own information system.

 

These signature certificates can be obtained from a certification authority or from one of your own banks.

 

Know more Fold up
Rules for managing the reference database (4 or 6 eyes)

Allmybanks offers the choice of partial or total monitoring of your database by one or more security administrators (the 4 or 6 eyes principle).

 

This means that any changes to the most sensitive data in your database will require the validation of one or more designated supervisors. Such changes include:

  • Creating and modifying users
  • Creating issuing accounts
  • Creating issuing companies
  • Creation and modification of third-party accounts
Know more Fold up
Traceability and log
  • Of user actions

Allmybanks automatically generates a log of the actions carried out by users of the application. This log, which is time and date stamped, shows all user actions in chronological order and lists the public IP address, as well as the details of actions carried out by each user.

 

  • Of transactions sent

The inclusion of this feature means you will no longer need to contact your bank to find out the status of your remittances. Allmybanks can receive the following: PSR, ACK, ARA, DLV.

Whether you use the EBICS banking communication or SWIFT protocols, the status of your orders is automatically updated in AMB Connect thanks to the receipts sent by your banks.

 

  • Of parameters

The Allmybanks payment and treasury management software contains a book of rights and signing authorities, as well as a list of account parameters.