Payables & Cash Management

Get Involved. Join the Conversation.

Topic

    Logan Wacker
    Decrypting Incoming Bank Statements
    Topic posted November 6, 2018 by Logan WackerSilver Trophy: 7,500+ Points, last edited January 30, 2019, tagged Cash Management, Financials, Payables 
    331 Views, 5 Comments
    Title:
    Decrypting Incoming Bank Statements
    Content:

    We have an external bank parter (Capital One), that we've integrated with via SFTP for incoming current and prior day BAI files. They use SSH key in place of an SFTP password (which works fine), and they are required to use PGP encryption. In R13's manage transmission configuration task we generated the necessary PGP keys and provided them to the bank. When attempting to process the electronic bank statements, we received an error in the log file during the PGP step saying its not supported. MOS confirmed that decrypting an inbound bank statement file isn't possible. More banks are moving toward using PGP encrypted bank statements, curious if any others have ran into this issue. Or if there is a known ER for the same.

    Thanks.

    Logan

    Comment

     

    • Felix Beaudoin

      Hey Logan!
      Curious as we have never encountered this issue with our banks in Canada. Is Capital One not able to provide a standard SFTP password instead of an SSH key? Seems like SSH would not be supported in Oracle Cloud as all banks are indeed moving towards PGP encryption with a SFTP password to fetch the file from the server and load it into Cloud. I think the issue is really around the SSH key because both private and public keys should be working the same way (i.e. PGP public with SFTP password and PGP private with SFTP password).
      I've also seen many recurring issues around the wallet file being difficult in R13. You can ask Oracle to validate that the wallet file has truly been generated and is available for use as that could also be the issue.

      Let me know once you have an update around this.
      Regards,
      Felix

    • Becky Alvarez

      Logan,

      The information I have is that IBY has enabled the decryption on Bank Statement Transmission protocols, and the PGP encryption/decryption support was implemented via bug below.  Note that we only support PGP encryption.

       

      -        23308542 - PGP:TRANSMIT CONFIG UI SIMPLIFICATION AND IMPORT CREDENTIAL ESS JOB ERADICATION

    • Magesh Raj

      Hi Logan,

            It could be due to the PGP encryption done at the bank. We have implemented decryption of incoming bank statement using staged approach.

      1. Receive bank encrypted in stage server inside the firewall
      2. Decrypt the bank file and encrypt the file using cloud PGP encryption key using the following command
        1. “gpg -e --armor -r 071918_210057_<podname>  <bank stmt file name>”
      3. Place the file in sftp server and run the ESS job “Process Electronic statements”

      If you can ask the bank to encrypt using “gpg –e –armor –r “command then it should be possible to directly import encrypted inbound bank files.

      Make sure the in the Transmission configuration page -> PGP Private Key Password entered while generating the PGP key as well same key typed in before saving Manage Transmission configuration page.

      Thanks,

      Magesh

    • sai sudheer

      Hi,

       

      How is that you were trying to Decrypt the file that you have received from the Bank.

      and did you get the Public Key from the bank?

    • Magesh Raj

      Hi Sai,

       You provide  your Public PGP key to the bank to encrypt the files.

       

      Thanks,

      Magesh