To ensure maximum security, SambaAccess includes the following technological
SambaAccess uses a state-of-art
128-bit encryption technology to
scramble data exchanged between the
system and SambaAccess users.
Secure Socket Layer (SSL) and secured servers.
Use of DES Gold cards to generate dynamic password. A password is only valid
for one session. Every login to SambaAccess requires a new password for more
Usernames and passwords: Every user of SambaAccess is assigned a unique
username and a private PIN for authentication
In addition, procedural controls further protect the customers’ accounts and
transactions. These controls include:
Use of customer and user profiles: Each SambaAccess customer and user are
profiled by the bank at the customer request. The profile defines what
functions the user may access, what accounts the user may use, etc.
Use of authorization combinations: SambaAccess requires that all transactions
should be created by one user and verified/approved by one or two different
verifiers. This safeguards accounts against any errors in the transactions.
Function Access times: Users are allowed to access SambaAccess functions during
preset working hours as defined by the customer.
Recording of all activity of users and customers (Audit Trail): SambaAccess
tracks all the users’ actions and activities for each session. It provides the
capability to report on those activities, so that authorized users can view
Customer product limits: Each user is assigned a limit for each product, such
as account-to-account transfers. Users would not be allowed to exceed their
preset transfer amount.
Predefined beneficiaries: SambaAccess can be defined to restrict transfers to
certain beneficiaries only.
Idle time limits: As a security measure, SambaAccess will terminate the session
of any user who remains idle for fifteen (15) minutes. This prevents
unauthorized access to unattended terminals.