The Equation security model is designed to ensure that users are authenticated, actions are authorised and all activities are audited. Authentication is the process used to establish that a user is who they claim to be. In Equation, the standard level of authentication is carried via user identifiers and passwords. Additional levels of authentication, for example using security tokens and biometrics can also be used. Once authenticated, users’ actions are authorised and controlled ensuring that users only see what they are authorised to see, and only access the system functions they are authorised to access. Users are grouped into role profiles or types, and the level of access for each type is configurable.

With Equation’s fine-grained security and control system, the bank can:

• Restrict access to enquiries and updates;
• Limit the ability to carry out inter-branch transactions;
• Define procedures for authorisation of error and exception conditions;
• Apply limits to debit and credit transactions for individual users;
• Apply debit and credit authorisation limits.

Equation provides extensive journaling facilities, in that all system activities are logged in sufficient detail to reconstruct events as they occurred. In most cases, activities are simply logged, however Equation can be configured to raise alarms if specific situations occur.

Equation can be configured to operate in situations where technical expertise is limited, and where user access needs to be strictly controlled. In addition to the standard security features provided by the technology platform, Equation offers an extensive set of additional controls which govern access to the system and the underlying data.