CA
Authorization Centre

Process management
in your organization
and much more

Authorization Centre is proprietary software created by Softax that is used to centrally manage processes in an organization. For many years, it has been supporting the largest institutions in Poland.

Due to the high flexibility and individual character of the software we create, the proposed solution can be used in many ways. CA platform is perfect for medium and large organizations, regardless of the profile of their activity. It supports various business processes, simplifies the work of consultants in the Contact Centre and operators in the Back Office. In addition, it facilitates control and supports the security of the institution and the data stored in it.

The presented solution can be implemented in a full, comprehensive form or with a selected part of the functionality. The system meets the requirements of the European Payment Services Directive 2 (PSD2).

CA is a stable and reliable system that successfully supports many large organizations, regardless of business profile.
We always put security first.
Implementation
Implementation with the help of Softax team specialists can take place in the cloud or using traditional methods.
Support
We offer support and a 24/7/365 stability guarantee.
Offer
We guarantee tailoring the product to your needs and technical infrastructure.

Many functionalities
in one place

Thanks to the latest technologies, Softax Authorization Centre is a fully complete and scalable platform that will be tailored to the needs, requirements and currently existing systems in the organization, without the need for costly infrastructure development. The multitude of implementations and experience of our specialists have enabled us to create a fully functional, efficient and secure system. Below are the mechanisms that our product meets:
Access authentication
Customer access control to transaction systems
Control of employees' access to systems in the organization
Access control to physical resources in the organization
Verification of employee permissions
Defining secure key vaults
Secure data storage
Granting permissions
Authorization of operations
Maker-checker procedures support
Digital certificate support
Public Key Infrastructure technology

Access Channels

For the authentication and authorization process, CA platform uses access channels created for this purpose, i.e. applications that are the user interface, or places where user authentication is required.

The list of supported access channels depends on the organization's structure and is one of the elements of system parameterization. CA allows you to choose different methods of authentication and authorization for individual access channels. Similarly, this applies to the attributes of individual access channels (e.g. status or validity of an access channel) that are handled independently. At the access channel level, CA tracks and controls failed authentication and authorization of operations. It is possible to enable rules related to automatic blocking of access to a given channel after a specified number of errors and temporary blocking of access without the need for operational unblocking.

Authorization Centre
Capabilities

Permission support
Multi-party authorization
SSO support
Each user, depending on the assigned role in the system, should have a defined scope of permissions. Most often in the case of an individual customer, a simple model is used, and in the case of a corporate customer - very extensive. CA enables servicing different types of clients thanks to the application of the authorization model based on the Access Control List (ACL) mechanism. Permissions allow you to define what types of activities the customer can perform on a given object. The platform enables the User to independently manage, adjust and modify parameters. An additional functionality is the ability to define profiles (permissions group for a specific group of users). This significantly facilitates the management of these collections.

More features

Limit support

  • Quota limits
  • Quantitative limits
  • Periodic limits

Multiple login identifiers

  • Authorization Account identifier
  • Additional identifiers (e-mail, phone number)
  • Any identifier given by the user

Work schedule support

  • Temporary system access restriction
  • Configurable range of days and hours
  • Defined for a given access channel or user

Customer self-management

  • Current authorization tool
  • Login method
  • Active access channels
  • Limit values
  • Additional access restrictions

Access control based on IP

  • Control of the user's workplace
  • Protection against account scanning

White/black list

  • Blacklist support
  • Whitelist support
  • Integration with anti-fraud systems possible

Employee management

CA system mechanisms described above that are available to customers can be successfully applied to employees of the organization. An example is the use of access control functionality based on the IP address, or securing access to individual services using a hardware token or SmartCard. This solution works well for employees associated with customer service (Contact Centre or Back Office) as well as for all others for whom authorization of access to company resources can be introduced with the help of Authorization Centre. CA product is characterized by a wide range of possible applications in the institution.
Access passes
Access Management
VPN Support
Directory services
Substitution mechanism

Access passes

Authorization Centre uses the mechanism of assigning passes to user accounts, i.e. individual sets consisting of an identifier and password for additional systems that operate in the organization. This solution is used when the Application Programming Interface (API) of a given system requires employee's own authentication.

Passcards replace operations on external systems. All activities are public and enable auditing by each employee. Thanks to this solution, a specially created technical account has access to all login and authorization attempts. An additional functionality is the ability to set permissions in one central place, even for many systems in the organization.

Dedicated
administration console

Softax Authorization Centre provides the interface in the form of an administration console. Permissions management features include:

  • User management - adding, removing, blocking,
  • Setting the hierarchy of users in order to reflect the structure of cooperation, e.g. organization - partner company - partner company employee,
  • Managing user attributes, privileges and permissions
  • Creating profiles / roles that contain predefined permission sets,
  • Management of user authentication and authorization methods, with the possibility of assigning different methods to different systems,
  • Configuration of a typical user's work schedule,
  • Configuring notifications of successful, unsuccessful and unusual login attempts.

Public Key Infrastructure

Public Key Infrastructure (PKI) is a set of services that, in combination with procedures, are used to create, store, verify, use and revoke digital certificates. Softax's PKI solutions are compliant with numerous norms and standards.

RFC3280
PKCS#10
SPKAC
PKCS#11
RFC3369
RFC3211
RFC2560
RFC3029
RFC3161
PKCS#12
PEM
DER
PKCS#5
RFC3039
RFC4514
RFC3126

Authorization Centre provides PKI services including the functions of:

  • Non-qualified certificate management (issue, revocation, etc.),
  • Implementation of digital signatures using qualified certificates issued by Polish certification centers,
  • Time stamping using a qualified time source,
  • Electronic signature generation and maintenance,
  • CRL generation and distribution for issued certificates,
  • CRL processing for external certificates,
  • Encrypting and decrypting information using selected hardware solutions (HSM) or software libraries (Cryptographic Services).

Seamless integration
with other systems

The functionality of Authorization Centre is made available in the form of webservice in the Simple Object Access Protocol (SOAP) standard using the WS-Security extension, enabling other systems and applications to use the capabilities of the offered system. The scope of services includes most of the functions performed by CA:

  • Accounts and authorization channels management,
  • Permission management,
  • Authentication,
  • Authorization,
  • PKI services,
  • Digital certificate management.

CA in the IT architecture

ADVANTICA – comprehensive and reliable electronic banking system using the latest technologies. It consists of functionality designed for the organization and the client.

BPI – Business Integration Platform is an enterprise service bus for conducting convenient, secure and efficient data exchange between applications in the organization.

IFD – Interactive Fraud Detector is a proprietary tool for detecting and actively preventing abuse in the network. It guarantees high effectiveness and significantly reduces the number of attacks.

ICC – Modern IT platform ensuring contact between company service and its clients through various information distribution channels.

BMK – Bank Micro Kernel is a fully functional, integrated, modular and multi-currency banking system. Uses the latest information technologies.

IPS – New generation card and payment platform offering comprehensive support for card products and payment services. Enables support for contactless mobile payments.

Technologies

Environment
C++, Python, XML, Linux x86_64
Performance
Documented processing of millions messages and tens of thousands files per day
Distributed computing
Easy system scaling and rebuilding modules
Redundancy/Failover
In a distributed configuration, the system is resistant to failures of individual components
Uninterrupted reconfiguration
Changing parameters and changing the version takes place without interruptions in the availability of the service
Security
The use of comprehensive security mechanisms using leading security technologies
Do you want to manage processes in your organization more efficiently?