Will the service be as secure without a Smart Card and Smart Card Reader?
Yes – for Autopay Online Plus we’ve increased security at log-in. You’ll now enter two factors of authentication to access the system. These are:
Username and password
Code from your Multi-Factor Authentication (MFA) Key Fob.
The MFA Key Fob is a handy, portable token which increases security and ensures that Autopay Online Plus remains flexible, allowing you to access the system from anywhere.
Additionally, at the point of committing a payment, you’ll need to enter a code from your MFA Key Fob.
Previously you needed to tell BACS that you were making a payment using your Smart Card and Smart Card Reader. Autopay Online Plus does this for you using a Cloud Security Module. This is an industry standard method of authentication. Autopay Online Plus meets all the latest industry standards for Transport Layer Security to ensure that no one can alter your file as it is passed to BACS.
Can I use Hardware Security Model (HSM) with Autopay Online Plus?
Currently Autopay Online Plus does not support the use of an onsite Hardware Signing Module. However, all files sent to BACS using Autopay Online Plus are authorized by using your Multi-Factor Authentication Key Fob. Autopay Online Plus then connects to BACS via a Cloud Security Module.
If you require a Hardware Security Module (HSM) the bank can still provide sponsorship for use with alternative systems that utilise a Hardware Security Module.
Can I use Hardware Security Model (HSM) with Autopay Online Plus?
Currently Autopay Online Plus does not support the use of an onsite Hardware Signing Module. However, all files sent to BACS using Autopay Online Plus are authorized by using your Multi-factor Authentication Key Fob. Autopay Online Plus then connects to BACS via a Cloud Security Module.
If you require a Hardware Security Module (HSM) the bank can still provide sponsorship for use with alternative systems that utilise a Hardware Security Module.
What authorisation settings does Autopay Online Plus have?
Autopay Online Plus can be configured in a number of ways to meet the needs of your business.
You can set up multiple approvals within a payment profile and request for up to three people to approve a file before it is committed to BACS.
The Roles functionality, allows you to give one group of people access, for example, to a payroll payments profile and another group of people access to a supplier payments profile and then tailor the capabilities of each user with access to that profile
You can also choose to put controls around administrative changes by opting to have dual administration within Autopay Online Plus.
What does dual administration mean?
In Autopay Online Plus you can add additional security around the administration of your system through the dual administration functionality. This will require all administrative changes (such as adding/deleting users, setting/amending permissions) to be authorised by more than one person.
Does the Bacs security upgrade to SHA-256 impact me?
The Bacs security upgrade will not impact you providing you have moved before the migration deadline as Autopay Online Plus is fully SHA-256 compliant.