Remote Payment Services

How does Mekorma protect my information?

Mekorma software takes advantage of Microsoft Dynamics 365 Business Central’s built-in security model. Only those users with permissions can see, report, and work with payment data based on their roles. This means only authorized users can approve or send payments to the outsource provider’s platform.

Connecting to Remote Payment Services

When Mekorma sends transactions from Business Central to our provider’s platform, we use security methods typically used by transaction providers:

• Credentials to access the provider’s API are stored encrypted in the database. They are only decrypted when needed for authentication and are never displayed to the user or accessible in a report.

• Credentials are used to access an authentication server to obtain an authorization token.

• The token is valid for a limited time (time varies with the provider) and is used to access the provider’s API.

• Communication with both servers is encrypted and secured using TLS 1.2 or newer.

We take security seriously to protect our endpoints.

How does the Remote Payment Services provider protect my information?

Mekorma’s Remote Payment Connector integrates Business Central with the Corpay (formerly Nvoicepay) platform. Corpay encrypts the transaction data before it is sent and also during transmission.

Corpay has adopted:

• AICPA (SOC 1, 2, and 3 Compliance)

• IAASB ISAE No. 3402 Standards

Corpay invests heavily to protect your data when it’s at rest and in transit. Additionally, they provide ongoing threat assessment and 24x7/365 security operations staff to protect your business continuity even in times of disaster.

Corpay can provide detailed standards reports and validations – you may be required to sign an NDA to access that information.