The security of your multi-banking treasury management
The security of the Exabanque software is our priority. We constantly strive to improve it in line with changes to standardsand best practice in order to guarantee you the right level of security regarding:
- Accessto your Exabanque environment
- Exchanges of information between Exabanque and your banks
- Data storage.
Protect your data with Exabanque
Exalog guarantees you security at every level.
The exchange of data between your computer and the Exabanque software over the internet complies with the security recommendations issued by the ANSSI (the French Network and Information Security Agency). Your data is therefore encrypted in accordance with the TLS/SSL standard, which means they are encoded so that no other system can read them. The TLS/SSL protocol is designed to protect the confidentiality and integrity of communication between the Exabanque server and software customers.
Exabanque also has an authentication certificate. This certificate, obtained from an international certification authority, enables your browser to verify the sending server's identity when exchanging information with Exabanque.
The data saved in Exabanque are stored in two data centres that are ISO 27001 certified (the top level of certification for information security, which ensures that your data are fully protected) and ISO 22301 (the top level of certification for business continuity).
In order to guarantee you 24/7 availability, there is redundancy for all the equipment used (servers, hard disks, power supplies, high-speed connections etc.) A backup of your data is realised in real time on a backup server. Therefore, the duplicate system guarantees that none of your data will be lost in the event of a failure.
You are the owner of the data saved in the software. So you can export these at any time, without needing to involve an Exabanque technician.
Since your data are saved in the software program rather than on the websites of your banks, you need not worry about data migration if you decide to change your bank. You will keep this information and your history in Exabanque.
How can Exabanque help you strengthen your security?
In Exabanque, managing access rights and authorisations enables you to monitor closely who uses the software and the authorisations attributed to your users. With an unlimited number of possible users, you can create as many authorisation profiles as you need. Thanks to action traceability you can monitor closely all transactions carried out in the software. The digital signature enables you to make payment validation secure.
Find out more about payment security by downloading our white paper for free…
Nous vous proposons plusieurs solutions d’authentification que vous pouvez choisir en fonction de vos enjeux.
L’authentification de chaque utilisateur au sein du logiciel Exabanque peut être faite par :
En plus de ces cinq systèmes d’authentification, Exabanque propose la limitation d’accès par adresse IP.
Il s’agit de définir pour chaque utilisateur les plages d’adresses IP à partir desquelles la connexion est autorisée. En l’absence de ce paramétrage, le logiciel effectue par défaut le contrôle de la localisation lors de chaque connexion. Si l’adresse IP de connexion est inhabituelle, Exabanque la détectera et l’utilisateur devra reconfirmer son identité via la saisie d’un code de sécurité.
How can I define my users' access rights?
In Exabanque, you can register as many users as you wish. Each of them has their own login details. Each therefore has their own login information.
For each profile, the administrator defines the scope of user activity (authorised functions, database access, approved bank accounts, and so on). They can therefore precisely control the rights of each person with access to the application.
The administrator is independent in managing the set-up rights (creating or deleting users, preferences, accounts, etc.) They can add or modify users and their rights without the need for confirmation from anyone else. As soon as a user logs in, they can access the functions for which they have been authorised. Equally, if the administrator deactivates some or all of the functions for a user, this deactivation takes effect immediately.
How can I monitor my users' activities?
Exabanque offers full traceability of which actions users have carried out. The administrator can therefore quickly find out accurate information about the origin of any action.
All remittances sent are saved online for a minimum period of 60 days. Histories can be viewed and printed.
How can you validate your payments?
To validate your payments made with Exabanque, you can either:
- Digitally sign your remittances from within Exabanque, using the digital signature (EBICS TS). So when the software sends your file to the bank, it is accompanied by your validator's personal certificate. This is the most secure way to validate your payments.
- Sign your payments on your bank's website
Find out more about the digital signature...
Whichever method you choose for signing (in Exabanque or on your bank's website), Exabanque offers you the option to add an additional security step by using validation "by click" in the software. This internal validation allows you to confirm that the payment has been inspected (by your accountant for example), before the signatory is asked to sign it.
Exabanque also allows you to set validation limits by user. This is the maximum amount that a signatory is authorized to validate or sign.
Exabanque interfaces with Sis ID and Trustpair third party control platforms to audit your beneficiaries directly in the application and fight further against fraud. This optional feature allows you to detect fraudulent bank accounts through an audit of payment files and beneficiaries registered in the database.
The electronic signature in Exabanque
The digital signature via EBICS TS is the more secure way to validate your payment orders. Available on PC and Mac, its use in Exabanque is simple and free. Since the end of 2016, banks refuse the validation of orders by fax. To validate your payments, you must use the digital signature in your payment management software or sign on the website of each of your banks.