CFT Platform 1

Platform 1 is a technology platform for the systems of CFT.

Platform 1 is the platform for different information systems of Bank, capable to work with high transaction loads, thousands of users, millions of documents and accounts. Platform 1 is the instrumental platform of new generation, own development of CFT company.

Advantages

Possibilities of parametrization

• The system core is designed in such a way that setup of bank functionality is implemented by administrative tools. Bank specialists have an opportunity "program", quickly configuring such parameters of a system as user interface customizations, technology chains of document flow, applied algorithms and parameters of operation, depending on business needs.

Integration

• In a basic unit of a system the universal gateway of export/import of data in different formats which provides ability to integrate with different external applications, processings and information systems is implemented.

The centralized data model

• In CFT Bank the single database is the cornerstone of information storage system thanks to what the full integration at the level of data storage is provided. Due to use of uniform storage a system allows to work at accomplishment of any transactions with all information accumulated in it.

Modular structure

• Possibilities of the instrumental platform allowed to implement a system by the principle of modularity of components, each of which is focused on the solution of a certain circle of tasks (the main banking activities of client service, analytical accounting and the reporting, strategic management by bank, etc.). At the same time the technology provides the centralized storage of basic data and "frictionless" work of different information systems of bank. Modularity allows a solution architecture variation for support of business of bank of any scale and a type of activity.

• Use in the system of functional modules provides to bank an opportunity to use only those modules which are necessary at the moment. Division into functional modules is in close dependence on the main product number of bank. In process of expansion of a range of the executed transactions the possibility of step-by-step accumulation of capacities of a system due to connection of new modules is provided.

Scalability

• The solution provides almost unlimited scalability. It is especially relevant for the banks planning active development of retail business as lifts limits for opportunities is information a banking system, irrespective of scales of a branch network and volume of transactions.

Organization of a security system

Ensuring logical integrity of data

• The integrity of data is guaranteed by mechanisms of the Database Management System (DMS). The consistency of bank information is provided that it is possible to modify data in a system only by means of the registered transactions, access directly to tables DBMS is prohibited for users.

Management of an operation mode of users

• The operation mode of users and the rule of formation and also change of passwords, are defined by the system utility which is a part DBMS Oracle.

Determination of access rights of the user to information

• Access control system in solutions on the basis of Platform 1 - a superstructure over an access control system DBMS Oracle. It is constructed, proceeding from the following principles:

• Ensuring necessary level of flexibility and detailing of access control of users to information resources of a system. For these purposes any element of banking business (transaction, the report, the table for viewing data, etc.) has the identifier and can be appointed to the user individually. If the identical rights are necessary for a user group, they are entered to one functional group;
• Implementation of a system of access on server side that the user could not get access to information resources the Platform 1 "around" of a control system of access, using the software for work with DBMS Oracle, other than the client place of Platform 1.

Magazines of change of data in a system

Audit of actions of users in a system is conducted by means of the following magazines:

• Runtime journal of transactions. Any action for data modification can be reflected in the magazine if the administrator of bank model defined it as requiring journalizing;
• Distributions of user rights;
• Changes of values of details. Any of details of a banking system can be defined as journaling. All change history of values of this detail is in that case stored;
• History of change of statuses of objects, first of all payment documents. Magazines are autocompleted by the corresponding system functions. Users, whose actions are logged, cannot delete record from magazines. All magazines have sign (or level) journalizing.

Use of special means for data protection

• Cryptographic information protection, transferred on public data transmission channels. A possibility of protection of intra bank documents using the EDS (the EDMS – electronic document management).
• Use of ID cards of the client.
• Possibility of flexible approach, individual solutions and recommendations about creation of the protected document flow according to needs and opportunities of specific bank.

Electronic digital signature

For application of means of the Electronic Digital Signature (EDS) in Platform 1 the Control system of electronic document management (e-document flow) is created. The EDMS represents the second circuit of protection of financial information providing elimination of threat of abuses of the Administrator of access and the Administrator of an application model.

In the Platform 1 System E-DOCUMENT FLOW works at a basis of Regulations of e-document flow which describe conditions of passing of documents on lifecycle stages - to state changes of the document in processing. The document passes into each following status only in the presence of necessary and enough authentic EDSs of participants of document flow.

During the work with documents the EDMS on the basis of contents of the document and secret key of the user creates the EDS of the user (operator / controller / accountant). The EDS guarantees not only establishment of authorship of the document, but also confirmation of the right of the user to commission of certain actions in a System: creation of the document, control, wiring of the document.