Architecture, Technology, Security and Audit Insurance Cloud by eASPAYB.com
INSURANCE CLOUD
by eASPAYB.com
SOFTWARE FOR SOFTWARE FOR
INSURANCE COMPANIES
English Version
Insurance Cloud by eASPAYB.com
¿What is eASPAYB Insurance? • eASPAYB is the result of the collaboration of a group of experts with more than 20 years of experience and participation in different insurance in Mexico, Central and South America. • eASPAYB Insurance allows you to automate all areas of the insurance business, designing your processes and controlling the service levels of the entire insurer’s operation, making your company stand out quickly and competitively through cost reduction and processes improvement. eASPAYB Insurance consists of • WorkFlow: Workflows based on the Business Process Strategy • ERP: Specialized for the Insurance sector including all the functionality of the business • CRM: Strategy based on the MAIN asset THE CLIENT Allowing operation by: • Security • Audit • Information Filtering
2
Insurance Cloud by eASPAYB.com
CARS DAMAGE BRANCHES OF ENGINEERING
ERP BUSINESS TRANSACTIONALITY
SURETY BOND
HEALTH
LIFE INVESTMENT FUNDS 3
Modules
4
5
InsuranceCloud Cloud Insurance by eASPAYB.com by eASPAYB.com
Security
Certificates Valid Website Domain Security Tokens
16 Cryptographic Metho 3 Levels of Security for
Valid Email Domain to L Access Perimeter IPs
Time Limit for NOT OPER
Profiled of ROLES AND and PORTAL DEFINIT
Additional Levels of WOR
- Faculties Tab - Limitation of - Event Notific
Limitation of access to M 6 6
Insurance Broker Cloud by eASPAYB.com
ods for use on Sensitive Data your PASSWORD Strategy
Login
RATING the System
D USERS basic access modules TIONS by users
RKFLOW Security
ble f Activities cations
MOBILE PLATFORM 7
Insurance Cloud by eASPAYB.com
AUTHENTICATION MECHANISMS The AUTHENTICATION METHODS are described below supported, as well as mechanisms for user recertification AUTHENTICATION Authentication to our Cloud Platforms can be done through two ways: • PRIMARY authentication through the users themselves and accesses generated in the PLATFORM • Single institutional authentication for access to various platforms or WEB applications (SSO)
8
Insurance Cloud by eASPAYB.com
RECERTIFICATION OF USERS As a security basis for access users there are various methods of security and control within the platform which are described below: Suspension of Users for Inactivity: Functionality that allows defining the period that a user must be suspended due to inactivity in their account, this is configurable by the administrator and will establish that a user without entering the platform for a certain time can no longer access it until the administrator asks for its activation or recertify using the SSO authentication process. Scheduled password change: The platform allows the functionality that tells a user to change their password every certain time or every certain number of accesses, this only applies to primarily authenticated users.
Accessibility perimeters: Authentication based on certain geographical accessibility perimeters, that is, it is allowed to configure that certain users only access the platform from certain areas or places, this is done through established and registered IP addresses for said users. Valid email allowed: Limitation that all users who access the platform do so only with accesses with valid domains allowed, example, @empresacom.mx. Limiting the use of personal emails for data registration or manipulation.
Token generation: The generation of secure tokens for the exchange of information between layers, generation of JWT (JsonWebTokens) between the View layer and the Services layer, as well as the creation of a unique key by the Back-End to be able to execute the rules of business by the service layer. These are temporary tokens, which are valid for a certain time and are generated by session created by each user. Allowing to authenticate the requests received by each layer.
9
Insurance Cloud by eASPAYB.com
DATABASE DataBase: Critical data and Sensitive information at the Database level
live encrypted with mechanisms standardized by Oracle with the utility DBMS_CRYPTO y UTL_RAW
Pack Feature
DBMS_CRYPTO
DBMS_CRYPTO it is managed by an eASPAYB utility. Called PQ_UTL_CIFRADO, who is the one that determines passwords and encryption methods.
Sensitive data about users, executives, advisors, clients, suppliers, reinsurers, general data of any person who has registration in the system are stored in an independent data file / schema (DF_CIFRADO) where your data is not encrypted. In the physical objects they are related by an identifier (ID_CIFRADO). Additionally, these data are physically controlled by generic triggers so that their registration is through utilities managed by eASPAYB. It does not allow alterations at low level.
10
Insurance Cloud by eASPAYB.com
Cryptographic Hash Functions Nombre
Descripción
Audit: There is an audit trail of all transactions in the system, these are stored at the database level in XML structures. This record is made since a user has access to the application, the options that he accesses and releases. Every change that a user makes through system processes or manually, a detailed audit is carried out through XML records. Or the criteria with which a user generates reports are also stored.
SSL Security Certificate: which allows us to have the communication channel between the Client and Server encrypted, allowing the information that travels from the Front-End to reach the Back-End Database layer in a secure and complete manner. At the User Interface level, every field is validated by means of regular expressions, both at the Front-End level and at the back-End level, to avoid code injections from the user interfaces.
11
Insurance Cloud by eASPAYB.com
Logins AUDIT
Access to Mo
Session Moni
TTransactional
Audit Reports Notifications That Exports
System Usag 12
12
Insurance Cloud by eASPAYB.com
odules
itoring
lity
s by SMS, Email and user Platform Information
ge Monitoring 13
Insurance Cloud by eASPAYB.com
ARCHITECTURE
TLS (HTTPS)
Security Tokens and Communication
A B
B
Users Connected by WEB Browser
F
TLS 1.2 Cert (HTTPS)
Communication Token with Authentication and Expiration
C D E
Dynamism
Security
A
Front End Communication Token - Browser Front End Communication Token: Rest API Communication Token RestAPI - BussinessLogic & Data
Presentation Layer
F
Front-End
-HTML 5 -Bootstrap -ECMAScript 6 with Frameworks: -TypeScript -Angular
I
Server App NodeJS with auth for domains valid
Middleware
G
14
RestAPI
-Java 8 with Frameworks : -Spring Framework -Spring Security -JasperReports -Maven
BackEnd - Data Layer
J
Web Server App Java
H
Oracle DataBase Serv
-Oracle -PL/SQL Bussiness Log -Encrypt Sensitive Data -Transparent Data Encr -PL/SQL Wrapping Cod
Insurance Cloud by eASPAYB.com
Scalability
Low-Cost maintenance
Token Valid Client
Token Security Comunication
C FRONT-END
Vanguard Technologies Token Business Communication
D G
E BACK-END
RESTAPI
WS
I
ver
gic a rypt (TDE) de
K
J
Infrastructure
I IJ K
Each layer can be hosted on servers different or one.
15
Insurance Cloud by eASPAYB.com
DRP
DISASTER RECO
Define a strategy and actions to be followed to re-establish the IT services (HARDAWE AND SOFTWARE) that allow the eASPAYB Insurance Cloud SaaS service to be provided in the face of any eventuality. Types of disasters covered:
ORDER OF RECOVERY OF EACH SYSTEM
16
Insurance Cloud by eASPAYB.com
OVERY PLAN (DRP) Plataformas Cloud
17
Insurance Cloud by eASPAYB.com
BACKUP SYSTEM BY SERVER
18
Insurance Cloud by eASPAYB.com
19
Insurance Cloud by eASPAYB.com
SUPPORT PROCESS AND ASSISTANCE
ROLES AND CO
20
Insurance Cloud by eASPAYB.com
TIMES OF UNAVAILABLE TOLERATED
OMMUNICATION PLAN LOW SEVERITY
• PM •-•••CLIENT • •••• •••• ••• • •• • • • • • • • • SUPERVISOR - CLIENT • ••• • • • • • •• • • •••••••••••• •••• ••• • •• • • • • • • •
• ••• • • • • • • •CLIENT • • •••••••••••• •••• ••• • •• • • • • • • • • OPERATOR
It can continue to operate and it is an exception not up to an hour controlled by the system at the business rule level It can continue operating and it is some exception up to an hour in labels, wrong message, some filter and it depends on the front-end layer. They are accesses and it depends on the up to half an administrator assigned by Client to be channeled hour immediately. MEDIUM SEVERITY The result of some query or report is not adequate.
• ••• • • • • • • •OF • • •• • •• • • • • • •• • ••••••••••••••••••••••••• • OPERATORS • • •• • • • • •• • • • • • • • • • • HELP CENTER Problems with scan registration and won't let you
up to two hours up to an hour
• ••• • • • • • •• • • •• • •• • • • • • •• • ••••••••••••••••••••••••• It has problems generating agendas and sending SUPERVISOR • • •• • • • • •• OF •••••••••••• emails
Up to an hour and a halfv
continue
•
HELP CENTER
• BRAND MANAGER
HIGH SEVERITY
• ••• • • • • • • •• • •• • • • • • • • • • • • • •The • • system • • • • •is not available due to technical network
• XPERTYS DIRECTOR
• ••• •• • • • • • •••••••••• • • •• •• ••••••••
problems The system reports inaccessibility to the Client's access page, it will be immediately reported to the Client's assigned administrator
up to three hours Immediate.
21
Insurance Cloud by eASPAYB.com
Advantages Internationalization
It allows international operations, through multiple nodes. Tropicalizing each one to policies and configuration of the country in operation. • Language
• Tax Regimes and documents
• Geographic locations
• General catalogs
• Coins
• Identification documents
• Theme • Labels
Platform WEB Vanguard in Technology • SOA architecture • Scalable to new functionalities • Secure Technologies o Angular
o Java
o Oracle
• Security token at each communication layer
Transactional System - Workflow Personalized workflows in each Business Area • Access Control by Event • Notification to Supervisors • Authorization Levels 22
Insurance Cloud by eASPAYB.com
CRM Specialized • Unique Client Strategy • Management module and administration of people in their different roles: Prospects
Business Partners (Reinsurers/
Customers
Coinsurers
Agents
Dependents
Adjusters/Investigators
Beneficiaries
Hospitals Providers
Marketing • Cross Market • External Database • Special Dates
Product Factory Parameterizable platform for the business area • Creation and Configuration of Types of Insurance and Technical Branches • Product Configuration and Update • Parameterize all Business Lines and their different insurance behavior in each operational module • Definition and Rules of Rates 23
Insurance Cloud by eASPAYB.com
Digitization of Information • Administration of digital space by operating module • Information compression for optimization of digital space
Information Filtering • Portal for Clients • Portal for Brokers, Agents • Management Portal for Directors and Middle Managers
Information Volumes Information flows in real time • Suitable for working massive loads in business flows • Real-time update of information
Help Self-taught system and Support System • Online help for each section of the platform • Interactive step-by-step guides to operating sections • eSupport online support system for attention and measurement of Service Levels SLAs 24
Insurance Cloud by eASPAYB.com
25
Benefits 26
Insurance Cloud by eASPAYB.com
Customer Loyalty That the client has a single click, his TOTAL information, of what you manage. It will provide an exclusive, innovative and fast SERVICE. Generating direct communication with your client from the WEB or MOBILE platform.
Increased Productivity and Profitability With measured results and precise objectives, loyal customers and automated operations, you will achieve better financial results with the same investment.
Operations Automation Working under clear processes, the platform will support you in automating, having control of each collaborator and measurement of times between the attention to the insured and the insurer
Constant Measurement of Results eASPAYB promotes in a dynamic way the continuous measurement of the goals, KPIs and results set by your Insurer
Notifications on Time Visualize in real time what is most important and take immediate action on the events that are most important to your Insurer, such as: Prospecting, Agenda, Portfolio Conservation, Maturities, Production, Birthdays, etc. Take advantage of our AUTOPILOTS module. 27
28
INSURANCE CLOUD by eASPAYB.com