SEPA Files Transmission: Implementing security guarantees in enterprise resource planning systems

Abstract

The SEPA regulation has defined a set of technical and business requirements and common standards that any payment system must respect to be considered compatible with the Single Euro Payments Area (SEPA) project. The technical requirements and the mandatory nature set by the EU of joining the SEPA project require a set of adaptations to be made by companies in their business relationship with Payment Service Providers (PSPs), with particular emphasis on: adapting their Enterprise Resource Planning Systems (ERPs), often referred to as "ERP SEPA compliance", and the integration of secure C2B file transmission solutions, since a XML file is readable and editable. This paper describes a project developed at SBX Consulting targeting the implementation of security guarantees for the sending of SEPA files between a client company and the banking entities with which the company works. The security software solution developed addresses the encryption and hashing of the SEPA files and was integrated into the existing SAP system used by the company.