The Coprocess System uses Roles based security to govern and control what a user has access to. This is in accordance with today’s best practice and as followed by Microsoft Windows for example.

The system is delivered with over 20 standard roles which cover all of the standard functions that any and all users might need. A user can be linked to many roles. In addition it is possible to create, modify and clone roles for a client’s specific needs.

4 Eyes

The Coprocess system comes with the (optional) ability to have 4 eyes approval on all changes to the system. 4 eyes approval is a standard technique used in many secured systems that requires a second user to approve any change made by another user. The system allows for 4 eyes to be activated for each table in the system. Therefore one can decide for example to activate 4 eyes for the bank instruction table. This would then require any change to a bank account (insertion, modification or deletion) to be approved by a second user before the change becomes active. Or another example is to activate 4 eyes for third party payments but not for Intercompany transactions.

The ability to approve a change is a permission which can be included or excluded from a role.

Single Sign-On

Single Sign-on (SSO) is an access control that permits a user to access our system without the need to login having been authenticated through their own central corporate authentication system. The Coprocess.Netting application provides two different SSO authentication modes:

  • LDAP: allows for a Single Sign-On through the client’s Active Directory. The application must be installed at the client and be part of the Active Directory.
  • SAML 2.0: allows for a remote Single Sign-On over the internet through an SAML-compliant Identity Provider. The application can be installed either at the client or in Coprocess hosting servers. SAML is an XML based protocol and is a standard for authentication and authorization between secure domains.

The benefits of SSO are:

  • Ease of Use. No need to login to Coprocess application. No need to remember password for the application.
  • Security: The user access is centrally controlled outside of the Coprocess application (for the whole group). Only users defined in the group authentication system can access the system. Similarly and very importantly when a user leaves the company they will be removed from the central authentication system as a matter of procedure and therefore automatically removed from the access to any corporate application including the Coprocess application.

Key Point: How many old users do you have still defined in your current netting system today? How big a security risk is this?

Secure File Transfer

Coprocess can deliver files via the SFTP protocol (SSH File Transfer Protocol). This has the following features:

  • File contents are encrypted.
  • The file is delivered and verified that it is delivered to the specified destination and
  • The file is checked that it has not been altered during transmission (even though it is encrypted it could have been altered making it unreadable when decrypted).

This can be used for delivery of any file, but is typically used for delivery of the payment file to the bank.

Audit Log

Coprocess logs all major events on the system and stores these in an encrypted table in the SQL database. Any change to any data by any users is logged; login and logout is logged; change of rates, modification of data, close period etc are all logged. The data stored includes when the event occurred, who made the change and which fields were changed from what to what. The user (with the appropriate role) has access to the Audit log. The User Interface on the audit log allows powerful searching and filtering so that they can find the events in question. The audit details are stored in perpetuity. (We will archive off the old audit data from the live database when it is more than 18 months old but we keep this data off line and it is available on request).

Two Factor Authentication (2FA)

This adds another level of security to the userid and password entry sign-on process. It utilises an authentication app (such as Google or Microsoft Authenticator) to create a second level to sign in. Once Coprocess has enabled the function on your database, the first time a user signs in they will receive a QR code, read this is the Authenticator app. From then on Coprocess will prompt for a 2FA key generated by the Authenticator app, whenever the user signs in.


Key Point: Have you ever wondered, when there is an incorrect rate in one of the currencies in the netting who changed the rate and when? With Coprocess you can go and look in the audit log and find out that in fact it was you who made the mistake – very bad for the ego, but oddly reassuring.

Submit to FacebookSubmit to TwitterSubmit to LinkedIn

Call us today for Free Trial

Europe & Asia
+41 22 311 1383

+1 888 279 2466

or click here

Free Trial

Request our Brochure

Europe & Asia
+41 22 311 1383

+1 888 279 2466

or click here

Request Brochure