An Integrated Payments Strategy Through 3SKey
by Andrew Owens, Managing Director, Global Payments, SunGard
Ensuring the integrity and security of payments is a major priority for every company, with considerable progress made in recent years. Building a secure, robust and automated payments process involves a series of elements, of which one of the most recent, and important, is 3Skey for personal digital signatures on payments and other transactions. This article looks at how 3SKey is used by corporations, the benefits, and its role as part of a wider payment security strategy.
Elements of an efficient payments environment
Centralisation of payments processing through a payments factory or shared service centre (SSC) is often an important first step by implementing consistent payment and approval processes, making the best use of specialist resources and leveraging a single technology environment.
The second major step for companies is to rationalise their bank communications technology in order to limit the number of proprietary electronic banking systems that are in place, minimise the interfaces that need to be maintained and standardise security mechanisms. In many cases, particularly (but by no means exclusively) amongst larger multinational corporations, treasurers and finance managers are replacing their proprietary banking systems with SWIFT, a bank-neutral robust, secure communications platform that allows companies to connect with multiple banking partners through a single channel.
A final step in companies’ payment security strategy is to secure individual payments and payment batches, to ensure that each has been approved by one or more authorised individual(s) in accordance with their security rights. A highly effective way to achieve this is using 3SKey, SWIFT’s personal digital signatory capability. This can be used to replace individual bank tokens with a single token that can be used to digitally sign payments through SWIFT or through banks’ proprietary systems.
Securing payment transmission
When sending messages and files over SWIFT there are several means of ensuring that transactions are not tampered with or intercepted en route. In addition to the inherent security and resilience offered by the SWIFT network, payment files sent from a corporate to its bank through SWIFT’s file-based communication protocol FileAct can be encrypted and ‘signed’ to validate that the file has originated from the company itself. This ensures that the integrity of file contents are protected and that the receiving bank can be sure of the sender’s identity at an organisation level.