RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Quorum. Protection of packets of electronic messages for the core banking system

Product
Developers: Quorum
Date of the premiere of the system: 2017/08/08
Last Release Date: 2017/12/20
Branches: Financial services, investments and audit
Technology: Cybersecurity - Means of enciphering

Content

The universal solution on protection of packets of electronic messages for the core banking system allows banks to use during the work with any core banking system the means of cryptographic information protection (MCIP) according to regulations which are set for operation of the software of the software package "The Automated Workplace of the Client of the Bank of Russia New" (KBR automated workplace PC H).

The solution is available both as a part of the core banking system of development Quorum, and as the autonomous utility.

2017

It is upgraded by software for exchange with the Central Bank

On December 20, 2017 Kvorum company announced creation of release of the software product for exchange of electronic messages with the Bank of Russia (BR) according to the regulations set to BR.

The release represents the core banking system-independent full-function environment which is meeting all requirements to installation process of the electronic signature of the sent electronic payment and information messages and having the developed user interface.

Functionality of the module includes loading of the separate electronic messages (EM) and packets of ES from automated systems of bank with simultaneous incoming formatno-logical inspection on compliance to XML schemes of Unified format of electronic banking messages. Information transfer between the systems of bank and the module can be executed by file exchange through the system of the selected directories or on the basis of message queues with application of the middleware of the class Message Oriented Middleware (IBM MQ).

In addition to loading from external systems the structure includes a component for creation and editing any of more than hundred operating types payment and office information messages directly in the module. Screen forms for input and editing separate electronic messages and packets are generated dynamically on the basis of the metadata which are contained in XML schemes of Unified format of electronic banking messages. In case of change of formats of the existing messages or emergence new it is enough to users of the module to update a set of the corresponding XSD files.

On the basis of the data which are contained in XSD files and in the reference book "Code Values of Details ES" (document Unified format of electronic banking messages), the module automatically controls formats and values of the entered attributes, checks filling of obligatory fields.

For more difficult logical control the special library of the rules defining conditions of filling of attributes of messages, regulations of formation of packets of messages, an assignment order to fields of messages of values by default and other conditions is a part of the module. For example, using similar rules it is possible to set prohibition on inclusion more than one message with ED462 type in "A packet of ES for transactions with cash (PacketCash)". Or when forming response message ED244 to autocomplete elements of "The Details EPS Explaining a Request (EDDefineAnswerInfo)" attribute field values of primary payment document concerning which the request arrived. This approach provides decrease in labor costs and reduction of quantity of the errors arising when entering electronic messages.

In the module requirements of the Central Bank for protection of electronic messages with ispolzovany the protective codes (PC) and the code of authentication (CA) are in full implemented.

In the module a number of the functions intended for monitoring of a flow of the entering and outgoing messages is implemented. For example, the module allows to monitor receipt of the incoming requests requiring the obligatory answer from bank or to control receiving replies to the requests which are sent by bank. Control of "lifecycle" of messages is exercised on the basis of status model which reflects a current status of each message or a packet, since the moment of its creation and finishing with acceptance to execution in divisions of the Bank of Russia.

Access for users to functions of the module is provided according to a role model which can be configured according to the internal regulations adopted in specific bank.

The module is implemented on platforms DBMS Oracle and MS SQL.

The technology corresponds to the regulations described in Information messages of the Interregional Information Processing Center (IIPC) of the Bank of Russia No. 3 of 1/19/2017, No. 17 of 1/24/2017, No. 58 of 6/5/2017 and No. 94 of 10/27/2017 and keeps order of use of protective codes and codes of authentication in option of protection of electronic messages according to the document of the Bank of Russia "The unified formats of electronic bank messages. Protection of electronic messages (Paketov ES)".

Announcement of the solution

The Kvorum company announced on August 8 development of the universal solution intended for protection of packets of electronic messages during the work with any core banking system.

Specialists Quorum performed a complex of works on "embedding" in the core banking system of own development of means of cryptographic information protection for protection of the electronic messages sent to the Bank of Russia and also created the autonomous core banking system-independent utility with similar functionality.

In both candidate solutions the full range of requirements to the procedure of the electronic signature when sending payments regarding installation of the protective codes (PC) and codes of authentication (CA) on packets of electronic messages is implemented or on single electronic messages. Two independent circuits of check of the invariance of details are provided: a circuit of formation of the electronic message and putting of ZK and also a circuit of control of details of the electronic message on compliance of ZK and installation of CA on a packet in general. When installing ZK and CA canonization and normalization of XML-images of documents according to requirements of an automated workplace of KBR in N is made.

Completions are executed according to Information messages of the Interregional Information Processing Center (IIPC) of the Bank of Russia No. 3 of 1/19/2017, No. 17 of 1/24/2017 and No. 58 of 6/5/2017. Order of use of protective codes and codes of authentication in the option of protection of electronic messages described in the document of the Bank of Russia "The unified formats of electronic bank messages is kept. Protection of electronic messages (Paketov ES)".

File:Aquote1.png
With release of a new solution the Kvorum company provided complete technology readiness for use of KBR automated workplace PC H not only for the clients. Now any bank using the core banking system of any vendor after installation of our autonomous utility will be able to pass to use of KBR automated workplace PC H almost instantly — the commercial director of Kvorum company Igor Vinogradov said.
File:Aquote2.png