Anti-fraud

Anti-fraud tools adapted to your needs

Your treasury and financial transaction management program must ensure the security of your data, whatever your organisation and the geographical scope of its activity. In particular, the authentication of users and their rights, as well as order validation procedures, must be sufficiently stringent for your needs.

Video security
Play Video about Vidéo sécurité

Allmybanks offers the following anti-fraud features:

User authentication

The access to Allmybanks is secured by a strong authentication. To login, the user must enter two strong factors of authentication from the following three: something they know (like a password), something they own (like a FIDO key) or something they are (like facial recognition).

We offer many ways of authenticating in Allmybanks: our clients are free to choose between the two factors they want to use.

Biometrics

It’s possible to access to our applications thanks to biometric recognition. With a suitable camera or a fingerprint reader, easily scan your face, your iris or your fingerprint to connect to Allmybanks.

FIDO key

It’s a USB key-like that contains a unique encrypted identifier. Easy to find commercially and to use, you only have to plug it after having paired it to your Allmybanks account to login. You don’t have to renew it.

Login and password

The combination login+password is another way to access our software.

Authentification grid

In Allmybanks, user authorisations allow you to limit authorised transactions for a user or group of users. The number that has to be entered and the digits on the keypad change with each connection.

Digital certificate

The personal digital certificate is a digital identity document. It contains identification information and cannot be falsified. It’s issued by a recognised authority (ex: SWIFT, Certinomis, etc.).

Authorisations

Dans le logiciel Allmybanks, les habilitations d’utilisation permettent de limiter les transactions autorisées pour un utilisateur ou un ensemble d’utilisateurs. Authorisations are defined for:

  • Financial instruments (bank account, intercompany account, financing, and so on)
  • Transaction types
  • Action types

The software uses the idea of a profile to assign rights to a user based on a standard profile saved in the system. The administrator and all persons who have user creation and modification rights can manage set-up rights independently (creating or deleting users, preferences, accounts, and so on.) They can create or edit users and their rights without seeking confirmation from anyone else. As soon as a user logs in, they have immediate access to the functions they are authorised to use. Equally, if the administrator deactivates some or all of the functions for a user, this deactivation takes effect immediately. The administrator’s actions may also be subject to the validation of a security administrator (see “Rules for managing the reference database” below).

Managing signing authorities and the order validation workflow

Managing signing authorities within Allmybanks can be configured on three levels:

  • Groups of signatories, comprising those persons with the same level of authorisation to validate and sign orders
  • Validation ceilings, setting the amounts a particular signatory is authorised to validate (or sign for if the digital signature is activated)
  • Signature rules, which define, for a specific range of amounts and type of order, the type and number of validations and signatures needed for the remittance to be sent to the bank

When you have defined the workflow rules that correspond to your requirements, they are automatically applied to every remittance entered online or sent from your management software.

Individual digital signature

In Allmybanks, files can be signed individually with a digital signature (X509 certificates, 3SKey type) by authorised signatories before being sent to the bank.

When the file is signed (on PC or Mac), Allmybanks verifies that the certificate is the same as the certificate designated in the profile of the signatory.

The bank receives a signed file (by one or two signatories), and its processing chains can then check whether the signature certificate conforms with the payment authorisations saved in its own information system.

These signature certificates can be obtained from a certification authority or from one of your own banks.

Rules for managing the reference database (4 or 6 eyes)

Allmybanks offers the choice of partial or total monitoring of your database by one or more security administrators (the 4 or 6 eyes principle).

This means that any changes to the most sensitive data in your database will require the validation of one or more designated supervisors. Such changes include:

  • Creating and modifying users
  • Creating issuing accounts
  • Creating issuing companies
  • Creation and modification of third-party accounts

Traceability and log

Of user actions

Allmybanks automatically generates an audit trail of actions performed by users in the software. This log, which is time and date stamped, shows all user actions in chronological order and lists the public IP address, as well as the details of actions carried out by each user.

Of transactions sent

Allmybanks automatically generates a log of the actions carried out by users of the application. Allmybanks can receive the following: PSR, ACK, ARA, DLV. Whether you use the EBICS banking communication or SWIFT protocols, the status of your orders is automatically updated in AMB Connect thanks to the receipts sent by your banks.

Of parameters

The Allmybanks payment and treasury management software contains a book of rights and signing authorities, as well as a list of account parameters.

Third party control

Allmybanks interfaces with our partner platforms Trustpair and Sis ID to monitor your third parties at all stages of your payments.

This feature aims at detecting fraudulent bank accounts within your payment files (SEPA transfers, international transfers).

When validating your remittances, Allmybanks connects to the platform you have subscribed to in order to check the bank details of the third parties and display the result of the checks directly in Allmybanks.

Contactez-nous

Contact us