Transaction authorization

Related sub-modules

Banking - Transfer types.

Description

Some transfer types require authorization before they can be processed. Only after the authorizing user has authorized the payment the payment is made. This submodule arranges all possible forms of authorizations.

Business rules

There are authorization levels, these levels determine in which order the authorizations are demanded beginning with the first level and finishing with the last level (e.g. if the receiver has the first level and the payer the second and a payment between them is made, first the status of the payment will be "pending receiver" and after the receiver has accepted the payment the status will be "pending payer". Finally, after the payer has accepted the payment, the status will be "authorized").

The following users can authorize a payment:

• Receiver, in this case the (destination) user receiving the payment will have to accept the payment. The receiver can authorize the payment by clicking on the "authorize" button in the pending authorization details.
• Payer, in this case the the payer (originator) will have to accept the payment.
• Broker, the broker of the member that made the payment will need to accept the payment.
• "Role", in the authorization roles overview page roles can be created. These roles can be assigned in the permissions of the administrator group. The administrator having a role can authorize a payment done with a transfer type in which the role is defined in the authorization level.

Per level multiple users can be selected, in that case both users can authorize the transfer in a certain level. When one of the users has accepted the transfer the other user doesn't need to accept it anymore.

For authorization, there are two general rules:

• When creating the authorization levels: an authorizer can only be inserted once, except for authorization roles. E.g. if a level allows broker, then no other level can also allow broker. This is not applied for roles, as there could be cases where more than one administrator needs to authorize a payment, but they both belong to the same role.
• The same user cannot authorize a payment twice, even if he has the roles (this from a security point of view).

A transfer always has the following status: Pending authorization Additionally it is stated that it is Awaiting authorization by

• receiver
• payer
• broker
• administrator (when there is a role assigned).
• or a combination of the above (e.g. "broker/administrator" or "payer/broker/administrator")

Notifications

See authorize payments

Page: Authorization roles overview

Security

Roles:

• Admin

View permission:

• Account configuration - View

Other permission:

• Account configuration - Manage

Page sections

Search page (filters)

Fields	Type	Rules
New	Action button	Opens a details page for creation of a new authorization role.

Search results (list *)

* Automatically shows all authorization roles of the system, sorted by name.

Fields	Type	Rules
Name	Text (read only)	The name of the authorization role.
Quick link to transfer types	Hyper link	Shows a list of all transfer types in which that role is used: The transfer types are listed under each other. The transfer types are hyperlinks and link to the transfer type authorization levels overview.
Remove	Icon	Removes the authorization role. Roles can be removed althought there are authorization levels which use that role. Authorization levels will be removed if they have the removed role as unique role.

Page: Authorization role details

Security

Roles:

• Admin

View permission:

• Account configuration - View

Other permission:

• Account configuration - Manage

Page sections

Details page

Fields	Type	Rules
Name	Text	Required Max. length: 100 characters
Save	Action button	Saves the name of the authorization role. A new role name must be unique.

Page: Transfer type authorization levels overview

Security

Roles:

• admin

View permission:

• Account configuration - View

Other permission:

• Account configuration - Manage

Comments:

• After an authorization level has been used (it has been used even if it is pending) it cannot be deleted anymore, but it can be changed. Also it is possible to turn of authorization in the transfer details page.

Page sections

Search page (filters)

Fields	Type	Rules
Add	Action button	Opens an empty "Create new authorization level" page. The following message is shown always: After saving, don't forget to set the permissions and notifications in the product of each authorizer (receiver/payer/broker or role bearer). If your transfertype also allows scheduled payments, be aware that each authorizer should also have the permission to view scheduled payments. If the receiver is an authorizer and you allow scheduled payments, be sure to check the "show scheduled payments to receiver" checkbox in the transfer type.

Search result (list) *

* Automatically shows all transfer type authorization levels specified for the transfer type, sorted on level.

Fields	Type	Rules
Level	Text (ready only)	The authorization level.
Authorizer(s)	Text (read only)	Shows the selected authorizers for this level e.g.: "Receiver, Role 1, Role 2." or "Broker, Payer, Role3.".
Remove	Icon	Removes the authorization level. Only visible if the administrator has the Account configuration - Manage permission. Only visible if the authorization level has not been used yet (it has been used even if it is pending).
Row	"Row"	Opens the details transfer type authorization levels details page.

Page: Transfer type authorization levels details

Security

Roles:

• admin

View permission:

• Account configuration - View

Other permission:

• Account configuration - Manage

Page sections

Details page

Fields	Type	Rules
Authorizers - Authorizers section
Receiver	Boolean	When this checkbox is selected the receiver has to authorize the transfer. This field is hidden and disabled if it is already used in another level of this transfer type. Note for admins configuring Cyclos: please be aware that the receiver needs the permission to authorize payments ( Payments authorization - Authorize / Deny), otherwise he cannot authorize the payment.
Payer	Boolean	When this checkbox is selected the payer has to authorize the transfer. This field is hidden and disabled if it is already used in another level of this transfer type. Note for admins configuring Cyclos: please be aware that the payer needs the permission to authorize payments ( Payments authorization - Authorize / Deny), otherwise he cannot authorize the payment.
Broker	Boolean	When this checkbox is selected the broker has to authorize the transfer. This field is hidden and disabled if it is already used in another level of this transfer type.
Administrator (roles)	Checkbox group	When this checkbox is selected the selected roles have to authorize the transfer. All roles are listed with a checkbox selection, that are not used in another level already.
Save	Action button	Saves the settings. At least one of the authorizers needs to be selected (Reciever, Payer, Broker or Role).