1. Manager of users:
BBVA Business is an application multiuser. It has multiple user profiles that the company can allocate to its staff according to its operational structure.
A profile specific, Manager of Users, defines and manages the users of the company in BBVA Business. Can exist one or several Managers of Users and have different levels of delegation (without be able to or with be able to solidary or joint). Every user is allocated a profile that is defined with the most possible detail.
To authorize transactions, the options are:
- Without be able to: not able to authorize transactions.
- Proxy: may be joint and several or joint.
This structure allows a group of users as restrictive as the company wishes, in order to guarantee at all times that:
- Accesses just to the services and accounts that establishes the Manager of Users.
- Can carry out just those enquiries and operations that you authorizes the Manager of Users.
- They may or may not have powers to authorize transactions.
- There is a monetary limit according to transaction and account, as defined by the administrator.
- Only if is Manager of Users be able to consult, as well as your profile, the relationship of defined users in your company, your profiles, the access to services and the powers that have assigned.
2. Activity control:
The users can carry out a tracking of the operatoria of the company in BBVA Business through:
- The “Statistics” unit (signatures and files: Statistics): view transactions in a given period.
- “Audit orders” (Signatures and files: Signature and follow-up of files): monitoring of the operations of each user of the entity.
- “Audit users” (Administration: Audit): reflects what actions has carried out each of the Managers of Users within the circuit of users.
3. Credentials of user:
As mechanism of authentication reinforced, BBVA Business adds the double factor of security in the access. Every 90 days, be necessary that, as well as your code of company, user and password, introduce the code generated for your device of security or token (if not have one, receive the double factor via email). In the case of access BBVA Business from the app: the token is comprehensive and the double factor been worth automatically, without need of introduce no code additional to the already usual.
- Although the passwords not expire, you recommend modify them every month.
- The password must be 8 alphanumeric characters, to make it harder to crack.
- Passwords are stored through irreversible encryption in specialist user and identity management systems, so that they cannot be obtained or determined.
The password must be changed upon the first access: for prevent the suplantación of the user, in your first connection to BBVA Business, you requires that modify your access password.
Blockade of users:
- The error in the introduction of the user or the password necessary to BBVA's activation Business in a repeated way, causes the blockade of your account, that not be able to be activated until BBVA not generates a new key of activation.
- In the case of the access password, after several unsuccessful attempts the user is blocked.
- The error in the introduction of the generated safety code for your device of security five times consecutive, causes the blockade of the token in BBVA Business.
- The Manager of Users has autonomy for block the access or give of cancellation to the users of your company, so, before any cancellation of an employee, the access can be immediately revoked.
4. Identification and authentication:
Traceability of transactions: accesses and completed transactions are recorded in automated transaction records that collect the completed transaction, the date and time thereof and the user that executed it, to determine the validity of the recorded transactions.
Information on the last connection:
- If the user enters for the first time, BBVA Business it point out.
- On successive log-ins, BBVA Net Cash will show the user the date and time of their last connection.
Cookies active only while you are logged in: the cookies that place in the operating system of the user, necessary to the navigation of sure way by any website, are active just during the connection to BBVA Business and are erased when the user disconnects from the application.
Automatic timeout: as additional action of security in BBVA Business, to the 5 minutes of inactivity or to the 60 of session, proceeds to finish the session of the user and disconnect it of the system.