Finastra takes the security of the Non-Public Personal Information (NPPI) data very seriously. The data security put in place for Servicing Director provides very strong encryption of user credentials. This article includes a brief description of the technology and process used for the encryption, and benefits of implementation.
Servicing Director uses RC4 encryption with an MD5 message digest algorithm. Encryption is used solely for user credentials. An encryption key is hard-coded in a Servicing Director .dll file and used to encrypt the credentials. User credentials are hashed, encrypted, and stored in a shared memory location that can be accessed when loading different Servicing Director modules, so users do not have to log in again when opening a different module.
For borrowers, CSS uses a salted triple DES algorithm to encrypt user credentials in the session string. Salts are stored in the Service database for CSS access.
For tellers, CSS uses the same encryption method as SD encryption. This is because a teller is actually logging in with credentials created in SD. Borrowers will not be able to log directly log into SD, and will use CSS credentials.
Encryption Technologies
Databases can be encrypted using Microsoft SQL native Transparent Data Encryption (TDE), which offers encryption by the server which hosts the Servicing Director databases. TDE performs real-time encryption and decryption of the data so your Microsoft system administrator can implement it, and control the creation and maintenance of keys and certificates, and our Servicing Director product would not be aware of the encryption. Use your Microsoft support resources for more information about how to implement and manage TDE.
If your financial institution desires network transmission encryption, there are many generally available hardware / software solutions your Microsoft system administrator can implement in your environment to provide that encryption / decryption between points of transmissions.
ArticleNumber:
000053867