Setting Up Payment Security

This chapter provides an overview of payment security and discusses how to:

Click to jump to parent topicUnderstanding Payment Security

Because payments contain sensitive information, access to them should be restricted so that users can access only the payments that are needed to fulfill their job function. For example, a user whose job is to process payments for Payables should have access to only those payments that are associated with the Payables application. To address this issue, the Financial Gateway system enables an administrator to specify which types of payments users can view or process.

On all payment search pages, the payment security functionality limits the list of prompt values for secured fields to only those that meet the defined security-rule criteria. The prompt values are determined based on the rule definitions that are assigned to a given user or role.

The setup involves an administrator enabling the functionality and creating security rules that define what payments can be accessed. Next, the administrator assigns rules to user IDs or roles so that when users attempt to query payments, only those payments that comply with their assigned rules appear. Payment inquiries, whether online or in a report, filter out payments that are based on the requesting user and the criteria that are specified for them based on their user ID or their role.

This diagram shows the steps and related application pages that are necessary for setting up payment security.

Application page flow for setting up payment security

Click to jump to parent topicActivating Payment Security

To define security user assignments, use the Security User Assignment component (PMT_SEC_USER_GBL).

To define payment security rules, use the Payment Security Rules component (PMT_SEC_RULE_GBL).

This section discusses how to enable payment security.

Click to jump to top of pageClick to jump to parent topicPage Used to Activate Payment Security

Page Name

Object Name

Navigation

Usage

Security Options

PMT_SEC_OPTIONS

Financial Gateway, Payment Security, Options

Activate payment security based on user or role and enable payment fields.

Click to jump to top of pageClick to jump to parent topicEnabling Payment Security

Access the Security Options page.

Enable Payment Security

The options are:

  • On: Select to activate payment security. When payment security is activated, payment security options can be used to more narrowly define aspects of payment security.

  • Off: Select to disable payment security. Doing so allows users that have access to the payment review and processing pages to access all payment information in the Financial Gateway.

Apply Rules Based On

If payment security is enabled, determine whether the security rules are enforced based on the user's identity or role. This is a system-wide option and is not based on business unit or SetID. In addition, it is not possible to base security on a combination of role and user; you must base it on role or identity.

Secured Fields

Lists the fields on which you want to base your system's payment security. For example, by enabling the BANK_ACCT_KEY field, you can then define a user's access to payment information based on specific bank accounts (on the Security Rules page), limiting them to payment information for only those accounts.

Fields not enabled on this page will not be available for selection in the Field Name field of the Security Rules page. The options are:

  • BANK_ACCT_KEY: Bank Account to which the payments are being sent.

  • BANK_CD: Bank code

  • BUSINESS_UNIT: Business unit.

  • CREATED_BY_USER: User that created the payment.

  • FROM_BNK_ACCT_NUM: The originating bank account.

  • FROM_BNK_ID_NBR: The originating bank's ID number.

  • PMT_SOURCE: Payment Source—application from which the payment originated.

Click to jump to parent topicCreating Payment Security Rules

The section discusses how to define security rules.

Click to jump to top of pageClick to jump to parent topicPage Used to Create Payment Security Rules

Page Name

Object Name

Navigation

Usage

Security Rules

PMT_SEC_RULE

Financial Gateway, Payment Security, View Security, Rules

Define payment security rules that can be assigned to users or roles.

Click to jump to top of pageClick to jump to parent topicDefining Security Rules

Access the Security Rules page.

Use the Sequence, Field Name, Operation, Value, Operator, and Open and Close fields to create rules that specifically define which payments are accessible to the roles or users to which the rules are assigned.

Use the open and close columns fields for parentheses around SQL statements.

Test Rule

Click to run a test on the validity of the rule's logic.

Click to jump to parent topicAssigning Payment Security Rules

This section discusses how to assign security rules.

Click to jump to top of pageClick to jump to parent topicPages Used to Assign Payment Security Rules

Page Name

Object Name

Navigation

Usage

Payment Security Role Assignment

PMT_SEC_ROLE

Financial Gateway, Payment Security, View Security, Role Assignment

Assign payment security rules to a role.

Payment Security User Assignment

PMT_SEC_USER

Financial Gateway, Payment Security, View Security, User Assignment

Assign payment security rules to a user.

Click to jump to top of pageClick to jump to parent topicAssigning Security Rules

Access the Payment Security User Assignment page or the Payment Security Role Assignment page.

Use this page to assign rules that define the payments to which the user will have access.