Understanding Payment Security
Because payments contain sensitive information, access to them should be restricted so that users can access only the payments that are needed to fulfill their job function. For example, a user whose job is to process payments for Payables should have access to only those payments that are associated with the Payables application. To address this issue, the Financial Gateway system enables an administrator to specify which types of payments users can view or process.
On all payment search pages, the payment security functionality limits the list of prompt values for secured fields to only those that meet the defined security-rule criteria. The prompt values are determined based on the rule definitions that are assigned to a given user or role.
The setup involves an administrator enabling the functionality and creating security rules that define what payments can be accessed. Next, the administrator assigns rules to user IDs or roles so that when users attempt to query payments, only those payments that comply with their assigned rules appear. Payment inquiries, whether online or in a report, filter out payments that are based on the requesting user and the criteria that are specified for them based on their user ID or their role.
This diagram defines the steps and related application pages that are necessary for setting up payment security. The Security Options page, where payment security is enabled and a user ID or role is designated. You then select the Security Rules page, where you establish rules based on the previously selected security options. Once the security rules are established, you move to either the Payment Security User Assignment page, if user ID was selected on the Security Options page, where the security rules are assigned to a user ID, or to the Payment Security Role Assignment page, if role was selected on the Security Options page, where the security rules are assigned by role.
Steps and related application pages that are necessary for setting up payment security
