B2C Solutions
eArchive
Secure Statement Send
Group Access Control
Document Delivery
Check Payments
Credit Card Payments
PayNow
BillPay Assist
Customer Service Payments
Customer Payments Made Via Telephone
eDelivery Services
eLockbox Payment Services
Card Swipe Reader POS Attach
eInvoice Delivery
Secure Electronic Services
HealthCare Payment System
Special Options
B2B Solutions
Home   |   Site Map   |   Contact Sales

Gateway to customer service application

eArchive A Trusted Gateway For Customer Service Applications

The eArchive Trusted Gateway for Customer Service Applications is a special request feature that may be added to any eArchive Document Storage installation.
NOTE: Special request features are quoted separately and are not available with standard pricing. Special requests require sales engineering review to determine implementation requirements are adequately fulfilled.

Purpose

The eArchive Trusted Gateway allows external applications such as Customer Relationship Management (CRM) or Financial systems to retrieve documents from eArchive Document Storage without using the standard eArchive Customer Service interface. This is especially useful when an existing system is the primary customer service interface and the client is seeking minimum disruption to their current practices.

Benefits

  • Quick access to documents in the archive.
  • Reduces agent training requirements.
  • Easy to implement in both browser and client-server applications.

NOTE: The eArchive Trusted Gateway complements but does not eliminate the standard eArchive Customer Service interface . Some eArchive features, such as access to reports, ad hoc payment reporting, security control, activity tracking and other administration activities are only available through the standard eArchive interface.

Feature Specification Individual User Configuration

The eArchive Trusted Gateway uses URL (Uniform Resource Locater) parameters to request documents or launch payment requests. The gateway requires that each agent sign on to the eArchive service before calling for documents from the external application. This assures that the security structure of authentication and session control remain intact so information is not delivered to unverified sources. Subsequent document requests are secured using HTTPS / SSL links for access and by verifying the presence of a previously authenticated agent session (session cookies). A document request must seek documents that can be retrieved by unique key(s) and those the key(s) must be included as a standard eArchive index field. It is suggested that all URL parameters be created as colon separated strings and Base64 Encoded to make it more difficult to hijack a session.

Single Sign-on Configuration

The Single Sign-On Configuration supports systems that do not wish to predefine individual users and instead “pipe” all requests through a single user id and password. In this scenario, each individual document request carries a universal ID and password that when combined with the unique key field(s) provide sufficient authentication to complete the document retrieval request. A previously authenticated session is not required and session cookies are not used. Document requests are secured using HTTPS / SSL links for access and by verifying a user id and password, as well as, the domain name of the referrer. As above, a request must seek documents that can be retrieved by unique key(s) and those key(s) must be included as a standard eArchive index field. It is required that all URL parameters be created as colon separated strings and encrypted (MCRYPT_TripleDES with MCRYPT_MODE_ECB) to make it more difficult to hijack a session. Furthermore, the date/time must be included in the encrypted parameter list so that the appearance of the encrypted information varies. The time parameter will also form the basis of a mutually agreed time window. After the expiration of the time window, the request will be rejected. The time window is used to reduce the likelihood a URL parameter can be spoofed. The encrypted parameters must also be Base64 Encoded so they are successfully processed by a browser. Error messages, such as, user id and password denied or no document found are returned as PDF files formatted to contain a standard error message.

Additions to the Feature:
If an external interface to other eArchive capability is required, such as, credit card and eCheck payments, then a separate Change Control is required. Each biller, as uniquely identified in the system, requires a separate Trusted Gateway.

NOTE: A Change Control may result in changes to pricing and may also require fees for analysis based on the scope of the requested change.
About CTP Solutions | FAQ | References | Benefits | Privacy Policies | Location
Copyright © 2007 CTP Solutions, Inc.. All rights reserved