Safety

We care about our customers' security and continuously work on analyses and improvements regarding all security aspects of Betalkontroll™.

File communication

Payment files can be delivered in various ways. Here are a few examples:

Betalkontroll™ "Connect"
Local software installed at the customer's premises that seals and sends payment files to Betalkontroll™ with AES256bit encryption over http.

SFTP client
Betalkontroll™ provides an SFTP server where the customer has been given a login/password to be able to retrieve and/or submit files. The files are sent securely via SSH File Transfer Protocol.

SFTP server or FTPS server
The customer provides a login/password for their own (S)FTP(S) server where Betalkontroll™ can retrieve/submit files. The files are sent securely via SSH File Transfer Protocol or FTP over SSL.

Manual upload/download
Customers can manually upload/download files via Betalkontroll's web interface. Secure encrypted communication via SSL/https.

Communication – users

User interfaces, API calls from web browsers, etc. only use SSL (HTTPS), i.e., encrypted transmission.

File storage

After a payment file has been indexed in Betalkontroll™, you can choose between deleting the file or saving an encrypted copy of the file on the server (this is an account setting). This file is then protected by an asymmetric certificate in combination with access keys. This means that if the certificate is removed, the files cannot be read.

Storage of data

Each customer can choose to protect their own database with TDE encryption. This protection means that the database can only be read if you have access to the asymmetric certificate that protects the database. In other words, if someone gets hold of a backup file, it cannot be used without the certificate.

Username and password

Usernames are protected by the account's asymmetric certificate, and passwords are stored only as hashes. This means that usernames cannot be retrieved using the certificate, and passwords cannot be decrypted.

Data protection policy

We care about our customers' security and privacy. Our Data Protection Policy explains how we collect and use your personal data and what your rights are in relation to us.