| |
| |
Payment
Solutions |
 |
|
|
|
As a web-native
solution, BizPay Direct has been
designed to be secure from all
possible standpoints. Our multi-pronged
strategy for handling this aspect
will ensure that the system access
is limited to authorized personnel,
during authorized timings, and
also to keep an audit trail that
can provide forensic detail of
any specific transaction or user
in a highly usable interface. |
| |
Transmission
Security |
Once an employer
has registered and set-up with
BizPay, the system would provide
secure, SSL-encrypted interface
to allow the employer and its users
to securely access the system from
remote locations. Accordingly,
we have implemented the standard
Secure Sockets Layer (SSL) protocol
to encrypt and secure all data
transmissions originating from,
as well as terminating at the site.
The SSL communications capability
is built-in to our transaction
interface, with all transmissions
encrypted with 128-bit keys. |
| |
Perimeter
Security |
In order to provide
a secure transaction environment,
it is important that the physical
network, where the web servers
are hosted, must also be sure from
outside attacks and hacking attempts
right at the network’s frontiers,
and within. Multi-layered perimeter
security is implemented at both
the hardware and software levels
and includes hardware/software
firewalls and establishing DMZ
to keep intruders out of the network
while allowing authorized applications
to use the resources in a secure
fashion.
In addition to the firewalls, perimeter
security also involves using standard
Access Control procedures to limit
physical access to the servers within
the Data Center. This tier is implemented
at the Data Center where the BizPay
servers are hosted. |
| |
Role-Based
Access |
The BizPay solution
includes a rigorous Role Based
Access Model that is centered on
the concept of ‘domains’ under
which each user ‘role’ functions.
The domains provide the context
within which each role will derive
its functionality and actions authorized. |
| |
File
Validations |
All ACH files
created in and uploaded to the
BizPay solution have to pass through
the Transactions Engine and it
is vital that the ACH files are
correctly formatted, contain valid
data and comply with NACHA guidelines.
Validation is accomplished by a
NACHA Compliance Validator that
reads each ACH file, validates
against a standard NACHA syntax
for ACH files, and approves or
rejects each file based on the
compliance score. |
|
|
|
|
|
|
|
|
|
|
| |
|
|
|
 |
|