Security Aspects in the Business Online Branch

In our Business Online Branch, there are security aspects available, such as: 

1.         Roles for business operators:

• Administration: This role will be assigned to the user who performs administrative tasks such as creating operators, accounts, permissions, signature schemes, etc.
• Transfers approval: This role enables users to be part of a signature scheme to authorize funds transfers.
• Query: This role allows only the query without having authority to change, create or delete records.

2.         Profiles that limit access to one or more operators by enabling or disabling menu items and submenus transactions.

3.         Account permissions that are assigned to operators to provide the option to debit or credit only authorized accounts.

4.         Signature schemes in which is defined the way the funds transfer approval will be done, the option may be either individual or 2 or 3 people together.

5.         Working hour definition in which an operator cannot access the system after hours set to work.

6.         User keys are administered by an Active Directory Server that has its passwords change policies, their expirations and complexity, as keys with numbers and letters, between a size of 8 and 12, monthly expiration, uppercase and lowercase letters, etc.

7.         The files to make transfers must comply with a defined format which prepares transfer and must be authorized by the business operators as defined in signature schemes. Files are text, but can be digitally signed if companies have a valid digital certificate which is verified in Web application to not disturb original data.

8.         Accesses, loads of files, errors, and any other actions that the company´s operator performs are stored in logs to be consulted by authorized internal personnel.

If you have any doubts or would like to receive more information, please contact serviciosbancaelectronica@bancobcr.com