Your secure SEPA direct debits
The security of the Direct-debits software is our priority. We constantly strive to improve it in line with changes to standards and best practices in order to guarantee you the right level of security for:
- Access to your Direct-debits environment
- Information exchanges between Direct-debits and your banks
- Data storage
Protect your data with Direct-debits
Exalog guarantees you security on every level.
The exchange of data between your computer and the Direct-debits software over the Internet complies with the security recommendations issued by the ANSSI (the French Network and Information Security Agency). Your data is therefore encrypted in accordance with the TLS/SSL standard, which means that they are coded so a third party cannot read them. The TLS/SSL protocol was designed to protect and keep confidential communication between the Direct-debits server and software customers.
Direct-debits also has an authentication certificate. This certificate, obtained from the certification authority Thawte, enables your browser to verify the sending server’s identity when exchanging information with Direct-debits.
The data saved in Direct-debits are stored in two data centres that are ISO 27001 certified (the top level of certification for information security, which ensures that your data is fully protected) and ISO 22301 certified (the top level of certification for business continuity).
In order to guarantee you 24/7 availability, there is redundancy for all the equipment used (servers, hard disks, power supplies, high-speed connections etc.). A backup of your data is realised in real time on a backup server. Therefore, the duplication system guarantees that none of your data will be lost in the event of a failure.
You own the data stored in the software. You can therefore export them at any time without the intervention of a Direct-debits technician.
Your client data is stored in the software and not on the banks’ websites. So if you decide to change banks, you don’t have to be concerned about migrating your data. Your information and history will remain in Direct-debits.
How can you reinforce your security in Direct-debits?
In Direct-debits, managing access rights enables you to monitor closely who uses the software and your users’ authorisations. Thanks to action traceability you can monitor closely all transactions carried out in the software. The digital signature enables you to make payment validation secure.
How can I connect securely to Direct-debits?
Access to the Direct-debits software is secured by a user name and password. Without these identifiers, it is impossible to access the application. The password must contain at least 8 characters, with at least 1 number, 1 letter and 1 symbol.
By default, access to Direct-debits is blocked after 5 failed attempts to connect, or after the user has been inactive for 6 months.
How can I make my collections secure with the digital signature?
With Direct-debits, you can sign your SEPA direct debit remittances digitally. When your file is sent to your bank, it is therefore accompanied by your validator’s digital signature. A digital signature is the best way to make payment validation secure, as it cannot be falsified.
How can I limit my users’ access rights?
In Direct-debits, you can register as many users as you want. Each of them has their own login details.
The administrator defines for each user the area in which they can work (permitted functions, database access, approved bank accounts, etc.). They can manage precisely the rights of each person with access to the application.
The administrator is independent in managing the set up rights (creating or deleting users, preferences, accounts, etc.). They can add or modify users and their rights without the need for confirmation from anyone else. As soon as a user logs in, they can access the functions for which they have been authorised. Equally, if the administrator deactivates some or all of the functions for a user, this deactivation takes effect immediately.
How can I monitor my users’ activities?
Direct-debits offers full traceability of which actions users have carried out. The administrator can find out quickly and accurately where each action originated, whatever it may be.
All issued orders are saved online for 365 days. Histories can be viewed and printed. SDD direct debit and SCT transfer remittances can be exported as text or in banking format. The confirmation note and accompanying note may be edited in fax format.