The security of your multi-banking treasury management

The security of the Exabanque software is our priority. We constantly strive to improve it in line with changes to standards and best practice in order to guarantee you the right level of security regarding:

  • Access to your Exabanque environment
  • Exchanges of information between Exabanque and your banks
  • Data storage 

Protect your data with Exabanque

Exalog guarantees you security at every level.

Know more Fold up
Confidentiality

The exchange of data between your computer and the Exabanque software over the internet complies with the security recommendations issued by the ANSSI (the French Network and Information Security Agency). Your data is therefore encrypted in accordance with the TLS/SSL standard, which means they are encoded so that no other system can read them. The TLS/SSL protocol is designed to protect the confidentiality and integrity of communication between the Exabanque server and software customers. 

 

Exabanque also has an authentication certificate. This certificate, obtained from an international certification authority, enables your browser to verify the sending server's identity when exchanging information with Exabanque.

 

Know more Fold up
Data integrity

The data saved in Exabanque are stored in two data centres that are ISO 27001 certified (the top level of certification for information security, which ensures that your data are fully protected) and ISO 22301 (the top level of certification for business continuity).

 

In order to guarantee you 24/7 availability, there is redundancy for all the equipment used (servers, hard disks, power supplies, high-speed connections etc.) A backup of your data is realised in real time on a backup server. Therefore, the duplicate system guarantees that none of your data will be lost in the event of a failure.

 

Know more Fold up
Independence

You are the owner of the data saved in the software. So you can export these at any time, without needing to involve an Exabanque technician.

 

Since your data are saved in the software program rather than on the websites of your banks, you need not worry about data migration if you decide to change your bank. You will keep this information and your history in Exabanque.

 

How can Exabanque help you strengthen your security?

In Exabanque, managing access rights and authorisations enables you to monitor closely who uses the software and the authorisations attributed to your users. With an unlimited number of possible users, you can create as many authorisation profiles as you need. Thanks to action traceability you can monitor closely all transactions carried out in the software. The digital signature enables you to make payment validation secure.

Find out more about payment security by downloading our white paper for free...

 

Know more Fold up
Authentication

How can I connect securely to Exabanque?

 

Exabanque offers you a choice of several authentication solutions, according to your requirements.

 

Each user can be authenticated in the Exabanque program in the following ways:

 

  • Digital certificate:

The personal digital certificate is a digital form of identification. It contains identification information and cannot be forged. It is issued by a recognised authority such as SWIFT, Certinomis, etc.

 

  • Login/password & authentication grid:

After entering their login and password, users are asked to click on a virtual keypad (the authentication grid) in order to enter a random code, which changes every time users log in. To find out which code should be entered, the user refers to the code list which was given to them personally following their first login. Without these three forms of identification, it is impossible to access Exabanque.

 

In addition to these two authentication systems, Exabanque can limit access to the application by IP address.

A range of IP addresses can be defined for each user from which they are authorised to log into the application. If these settings are not activated, the application will monitor the location of each connection to the software by default. Exabanque will detect an unknown IP address and require the user to reconfirm their identity by entering a security code.

Know more Fold up
Authorisations

How can I define my users' access rights?

 

In Exabanque, you can register as many users as you wish. Each of them has their own login details. Each therefore has their own login information. You assign an authorisation profile to each user.

 

For each profile, the administrator defines the scope of user activity (authorised functions, database access, approved bank accounts, and so on). They can therefore precisely control the rights of each person with access to the application.

 

The administrator is independent in managing the set-up rights (creating or deleting users, preferences, accounts, etc.) They can add or modify users and their rights without the need for confirmation from anyone else. As soon as a user logs in, they can access the functions for which they have been authorised. Equally, if the administrator deactivates some or all of the functions for a user, this deactivation takes effect immediately.

 

Know more Fold up
Traceability

How can I monitor my users' activities?

 

Exabanque offers full traceability of which actions users have carried out. The administrator can therefore quickly find out accurate information about the origin of any action.
All remittances sent are saved online for a minimum period of 60 days. Histories can be viewed and printed. 

 

Know more Fold up
Payment validation

How can you validate your payments?

 

To validate your payments made with Exabanque, you can either:

  • Digitally sign your remittances from within Exabanque, using the digital signature (EBICS TS). So when the software sends your file to the bank, it is accompanied by your validator's personal certificate. This is the most secure way to validate your payments.
  • Sign your payments on your bank's website
    Find out more about the digital signature...

 

Whichever method you choose for signing (in Exabanque or on your bank's website), Exabanque offers you the option to add an additional security step by using validation "by click" in the software. This internal validation allows you to confirm that the payment has been inspected (by your accountant for example), before the signatory is asked to sign it.
 

Exabanque also allows you to set validation limits by user. This is the maximum amount that a signatory is authorized to validate or sign.

Know more Fold up
Third-party control

Exabanque interfaces with Sis ID and Trustpair third-party control platforms to audit your beneficiaries directly in the application and fight further against fraud.

 

This optional feature allows you to detect fraudulent bank accounts through an audit of payment files and beneficiaries registered in the database.

The electronic signature in Exabanque

The digital signature via EBICS TS is the more secure way to validate your payment orders. It is simple and free to use in Exabanque. Please be aware that since the end of 2016, the banks gradually refuse orders validation made by fax. To validate your payments, you must use the digital signature in your payment management software or sign on the website of each of your banks.

Find out more about the digital signature...

 

Download our "Payments security" white paper

What actions can be implemented to reduce the risks associated with your payment orders?

 

Payment order scams are on the rise, and  fraudsters are incredibly imaginative in the methods they use to achieve their aims. The “Payments security” white paper describes the actions to implement in order to significantly reduce the risks associated with payment orders.