SymXchange implementation blueprint for customer use
This blueprint is used to configure SymXchange for credit unions. The minimum Episys release currently supported is 2020.01.
SYSTEM Web Console
Certificate configuration
Network traffic between Episys and Banno uses the SymXchange HTTPS protocol. This requires a certificate to be generated and exchanged between the client systems.
Create a Key configuration and certificate to be used for your Banno SymXchange instance
- Log in to System Web Console.
- Navigate to Key Management > Key Store Configuration.
- Click the New Configuration button.
- At the
Name
prompt, enter a name for the new key configuration.- Ex: BANNO_SYMxxx (where xxx is the SYM number)
- At the
Description
prompt, enter a description for the new key configuration. - At the
Host SYM
prompt, select the SYM under which SymXchange runs. - Click Save.
- The new key configuration now appears in the key store configuration list.
- From the list, select the new key configuration.
- Tip: The new key configuration may be on the second or third page.
- Click the Key Stores tab.
- Click the Open Key Store icon next to the key store.
- Click Create Key.
- At the
Alias
prompt, enter an alias.- Ex: banno_symxxx (where xxx is the SYM number)
- At the
Days of Validity
prompt, type 3650. - At the
Key Size
prompt, select 2048 bits. - At the
Common Name (CN)
prompt, enter a name.- Ex: symx.<CU_Name>.local
- Ex: symx.<CU_Name>.local
- Remaining fields are not required but can be filled in if desired.
- Click Create.
- The new key alias now appears in the key store.
Export the Public Key from the Banno instance
- Log in to the System Web Console.
- In the System Web Console window, select Key Management from the menu list.
- The Key Store Configuration List pane appears.
- In the Configuration Name column, select the key configuration created for Banno.
- Select the Key Stores tab, and then click the Open Key Store icon.
- The Key Management pane appears.
- Click the Export icon.
- The Export Key dialog box appears.
- Leave the
Private Key Password
prompt blank. - At the
File Name
prompt, type a relevant name. - At the
File Format
prompt, click the drop-down arrow, and then select PEM. - Click the Export button to save the .pem file to your local drive.
- Upload the certificate to the Banno Implementation/Update jSource case.
- Important: You must upload the file to a secure internal access point. Send the file using a secured method. Do not use email.
Create a Certificate for ECAAS
- Log in to System Web Console.
- Navigate to Key Management > Key Store Configuration.
- From the list, click the Banno key configuration created previously.
- The key configuration may be on the second or third page.
- Click the Key Stores tab.
- Click the Open Key Store (folder) icon to the right of the key store.
- Click Create Key.
- At the
Alias
prompt, type ecaas_id_provider. The alias must be ecaas_id_provider. ID cannot be changed to the sym number. - At the
Days of Validity
prompt, type 3650. - At the
Key Size
prompt, select 2048 bits. - At the
Common Name (CN)
prompt, type ECAAS. - Leave any remaining fields empty.
- Click Create.
- Click the button in the Trust column for the ecaas_id_provider entry.
- The following message appears:
Trust key result: Successfully copied certificate.
- The following message appears:
Import Banno’s Public Certificate into SymXchange and ECAAS
- Log in to System Web Console.
- Navigate to Key Management > Key Store Configuration.
- From the list, click the Banno key configuration created previously.
- The key configuration may be on the second or third page.
- Click the Key Stores tab.
- Click the Open Trust Store (folder) icon to the right of the key store.
- Click Import.
- Click Choose, and then navigate to the file containing the Banno-provided certificate.
- Click Upload.
- A dialog box appears with the public key in .pem format.
- At the
Alias
prompt, enter service_banno.- The alias must be service_banno.
- The alias should be all lowercase without spaces.
- Click Import.
- The public certificate now appears as part of the trust store.
SymXchange web services configurations
Enable services for SymXchange Instance Services Configuration:
Service | Version |
---|---|
AccountService | |
EcaaService | |
EpisysInformationService | |
FileManagementService | |
FindByService | |
PowerOnService | |
TransactionsService |
SymXchange Instance Device Mapping Configuration | |
---|---|
Device Type | BANNO |
Device Number | 20 + CU 3-digit # |
Client Number | Use first available for Instance, usually 0 |
SymXchange Instance Web Server Configuration | |
---|---|
HTTP(s) Port Number | Any available |
Protocol+++ | https |
Key Configuration Name+++ | Select from dropdown |
Key Alias+++ | Select from dropdown |
Add White List IPv4 Addresses |
+++ Requires Certificate Configuration to be completed first in order to make selection.
SymXchange Instance Details Configuration | |
---|---|
Number of SymXchange Web Service Posters | 15 |
SymXchange Parameters
SymXchange Client Parameters
The following SymXchange Client Parameters are a small list of parameters that should be set, however, it is the CU’s responsibility to ensure remaining SymXchange parameters are reviewed to confirm that they’re set up according to their policies:
Parameter Name | Setting |
---|---|
Client System User Number | _Set accordingly_ |
Client System Name | SymXchange – Banno |
Report Title | SymXchange – Banno |
Administrative Password | CU Preference |
Use HB Password? | Yes |
Allow PIN FM? | Yes |
Credit Card Masking Method | 1 |
Transaction Source Code | _Set accordingly_ |
Inv Attempts Before Frozen | 20 |
FM in Posting Journal | Yes |
Review ALL Past Due Days Parameters | _Set accordingly_ |
Review ALL GL Parameters | _Set accordingly_ |
Services for Transfer In, Out, Withdrawal and Deposit | _Set accordingly_ |
Maximum Response Fields | 10,000 |
Maximum Specfile Lines | 10,000 |
Maximum All Field Count | 10,000 |
ODT/ODP settings | _Set accordingly_ |
Service operations
Enable the specified credential(s) for the SymXchange per Operation Credentials Parameters for each method(s):
Service | Record | Operation | Credential(s) |
---|---|---|---|
Account | Account | getAccount | Home Banking, Admin Password |
Account | Account | getAccountSelectFieldsFilterChildren | Home Banking, Admin Password |
Account | Account | updateAccountByID | Home Banking, Admin Password |
Account | Card | searchCardSelectFields | Home Banking, Admin Password |
Account | Card | updateCardByID | Home Banking, Admin Password |
Account | EFT | createEft | Home Banking, Admin Password |
Account | EFT | deleteEft | Home Banking, Admin Password |
Account | EFT | getEftListSelectFields | Home Banking, Admin Password |
Account | EFT | getEftSelectFields | Home Banking, Admin Password |
Account | EFT | updateEftByID | Home Banking, Admin Password |
Account | Loan | getLoan | Home Banking, Admin Password |
Account | Loan | getLoanListSelectFields | Home Banking, Admin Password |
Account | Loan | getLoanSelectFieldsFilterChildren | Home Banking, Admin Password |
Account | Loan | updateLoanByID | Home Banking, Admin Password |
Account | LoanTransaction | getLoanTransactionPagedListSelectFields | Home Banking, Admin Password |
Account | LoanTransfer | createLoanTransfer | Home Banking, Admin Password |
Account | LoanTransfer | deleteLoanTransfer | Home Banking, Admin Password |
Account | LoanTransfer | getLoanTransferListSelectFields | Home Banking, Admin Password |
Account | LoanTransfer | getLoanTransferSelectFields | Home Banking, Admin Password |
Account | LoanTransfer | updateLoanTransferByID | Home Banking, Admin Password |
Account | LoanTransfer | searchLoanTransferPagedSelectFields | Home Banking, Admin Password |
Account | Name | getNameListSelectFields | Home Banking, Admin Password |
Account | Name | searchNameSelectFields | Home Banking, Admin Password |
Account | Name | updateNameByID | Home Banking, Admin Password |
Account | Preference | createPreference | Home Banking, Admin Password |
Account | Preference | searchPreferenceSelectFields | Home Banking, Admin Password |
Account | Preference | updatePreferenceByID | Home Banking, Admin Password |
Account | Share | getShare | Home Banking, Admin Password |
Account | Share | getShareListSelectFields | Home Banking, Admin Password |
Account | Share | getShareSelectFieldsFilterChildren | Home Banking, Admin Password |
Account | Share | updateShareByID | Home Banking, Admin Password |
Account | ShareHold | createShareHold | Home Banking, Admin Password |
Account | ShareTransaction | getShareTransactionPagedListSelectFields | Home Banking, Admin Password |
Account | ShareTransaction | searchShareTransactionPagedSelectFields | Home Banking, Admin Password |
Account | ShareTransaction | searchShareTransactionSelectFields | Home Banking, Admin Password |
Account | ShareTransfer | createShareTransfer | Home Banking, Admin Password |
Account | ShareTransfer | deleteShareTransfer | Home Banking, Admin Password |
Account | ShareTransfer | getShareTransferListSelectFields | Home Banking, Admin Password |
Account | ShareTransfer | getShareTransferSelectFields | Home Banking, Admin Password |
Account | ShareTransfer | updateShareTransferByID | Home Banking, Admin Password |
Account | Tracking | searchTrackingSelectFields | Home Banking, Admin Password |
EpisysInformation | getGeneralEpisysInformation | Admin Password | |
FileManagement | downloadDataFile | Admin Password | |
FileManagement | uploadDataFile | Admin Password | |
FindBy | findByHomeUser | Admin Password | |
PowerOn | executePowerOn | Home Banking, Admin Password | |
Transactions | transfer | Home Banking, Admin Password | |
Transactions | withdrawFee | Home Banking, Admin Password |
PowerOns and Letterfiles
All available Banno feature PowerOn® specfiles and letterfiles can be provided by a SymXchange Analyst. Specfiles must be uploaded to the SYM, installed for demand use, and entered in the SymXchange Common Parameters for the SymXchange Instance using the Individual Specfile Load Method.
Required
The following PowerOn® specfiles are required for standard Banno features:
- BANNO.ALERT.TRANSACTIONS.V1
- BANNO.ALERT.TRANSFILE.V1
- BANNO.NT.ENROLLMENT.V2 (only required for NetTeller clients)
- BANNO.PENDINGTRANS.IQ.V3.POW
- SYMX.GETMISCPARAMS.BANNO
- BANNO.TRANSFERLIST.V6.POW
Optional
The following PowerOn® specfiles and letterfiles are for specific optional features that are not part of standard Banno services and will require the credit union to open a support case with Banno to assist with additional configurations.
PowerOn | LetterFile |
---|---|
BANNO.CDRENEW.V1.POW | BANNO.CDRENEW.V1.CFG |
BANNO.CHANGE.ADDR.V1.POW | BANNO.CHANGE.ADDR.V1.CFG |
BANNO.LOANPAYMENT.SKIP.V1.POW | BANNO.LOANPAYMENT.SKIP.CFG |
BANNO.LOAN.PAYOFF.V1.POW | BANNO.LOAN.PAYOFF.V1.CFG |
BANNO.ODTOPTIN.V1.POW | BANNO.ODTOPTIN.V1.CFG |
BANNO.NEWSUBCREATE.V1.CONFIG | |
BANNO.NEWSUBCREATE.V1.POW | |
BANNO.CHECK.WITHDRAW.V1.POW | BANNO.CHECK.WITHDRAW.V1.CFG |
BANNO.DATABASE.CHECK.V1.POW |
Change Log
Date | Document Action |
---|---|
10/18/2023 | Moved Database Check PowerOn from required to optional |
02/06/2023 | Added Create a Certificate for ECAAS section for Token Authentication |
12/02/2021 | Added searchLoanTransferPagedSelectFields in anticipation of the Loan Transfer record support project |
— | — |