Diagram Technical Details Security System Requirements TECHNICAL DETAILS 1. i-PayOnline Client Software: BoE Bank provides the i-PayOnline client with software for a Microsoft platform consisting of COM components and Active Server Pages which must be edited and integrated into the supplier's online shop or procurement system. The COM component establishes the 128 bit encrypted session between the supplier's web server and the i-PayOnline server at the bank, and it handles the authentication of the supplier's server when it tries to log on to the i-PayOnline web server. In the case of a non-Microsoft client, BoE will allow the supplier to create his own client software. It must be able to: authenticate the client establish a 128 bit encrypted session do an http POST action 2. The i-PayOnline server is hosted at BoE Bank. Communication between the supplier's website and the i-PayOnline server can be over any TCP/IP connection (Internet/Leased Line). All the transaction information is stored on a central database at BoE Bank. A web-based administrative interface is available if a supplier wants to edit the Line Item Details, settle or refund a transaction. 3. When the i-PayOnline server receives a request for authorisation, it is forwarded to the Tandem (also at BoE Bank), from where it is routed to the correct issuing bank. 4. All the users of this system (buyers, suppliers and administrators) can access their information through a browser-based user interface. The system will identify each user by the digital certificates, which are provided by BoE Bank and can be downloaded into the browser's certificate store. No additional software is required to be able to view and edit transaction details.