Hello everyone,
I have question which is fairly broad but I would appreciate the insight of the professionals on this forum.
(I operate on the receiving end )
Question:
When a loader essentially plans on making a wire transfer, he/she has to initially pass/by-pass the security layers before being able to make the deposit(drop).
But with what I am faced with in reality, is that many of the loaders that I have come into contact with do not necessarily see this issue as a potential impasse to a successful execution of their job.
Each transaction has a UETR(unique end to end transaction reference number). In order to dedicate a UETR to a transaction, the Client-Server Hello Exchange process had to be successfully conducted for certain security codes to be generated/encrypted. These codes are reflected in the transfer slip(customer copy) or sometimes they arent. But this does not negate the need for the exchange of such keys(secret key, master key(private/public), fingerprint,CA) to initially create a secure connection between the sending party and receiving party. In some wallet apps this process is called firmware authentication(i think).
But in reality, what I am faced with is a generated slip from loader and their insistence on the authenticity and correctness of the work with distegard to the vital issues mentioned above.
I understand that for US and Canada, some ask for Routing code (EFT,MICR) and assume that armed with these and personal details about the account holder, a successful deposit can be made. This is absolutely correct only when the job is performed from a legit bank platform/app. But Routing code is similar to SWIFT/BICS/IBAN in other transaction procedures.
On the other hand, there is the issue of the loaders anonymity. If the sole purpose/aim of loader would be to work on small numbers from funds accessed from different accounts(credit cards, etc) then this question is not relevant. But for loaders who are big players and have been in the game for many years and actually make serious money, how do you maneuver around this battlefield(TLS,SSL,SSH,CA,fingerprint====>BKE,PKI,MAC,PAC,CHE,etc..) while at the same time preserving your anonymity and therby creating a secure transfer where the transaction will have an origin of fund thus preventing rejection, recall, hold, return orders and preventing the filing of suspicious transaction report(STR) and getting the receiving account flagged.
Furthermore, is there any way for a receiver to actually validate whether the database from which the loader is preparing the data packets(xml,xls,txt) is authentic before entering into a business engagement?
Most claim they have the secret-key/masterkey(private) to access their database(Farm42/44/107, etc) but one can never be certain. How can a receiver be certain a loader is fully aware of the coding required to make a proper/viable/potent data packet?
The whole issue regarding coding for enumerators(enums1,2,3,4,5),integers, strings,threads,multi-threads?
How can a receiver be certain that a loader is actually aware and possesses the coding for ISO20022(SEPA,wire transfer) or ISO15022(SWIFT) to make a successful transfer.?
When attempting protocol 101, is the request for online login access essentially to bypass the security measures of the bank?
Please keep in mind I am new to this forum. I have never conducted business with loaders from this forum. So any previous experiences mentioned above are not in reference to anyone on this forum.
From what I have read in this forum, I have found the information very useful hence the question i have posted.
I would sincerely appreciate any/all professional input and feedback and corrections to the question above.
I have question which is fairly broad but I would appreciate the insight of the professionals on this forum.
(I operate on the receiving end )
Question:
When a loader essentially plans on making a wire transfer, he/she has to initially pass/by-pass the security layers before being able to make the deposit(drop).
But with what I am faced with in reality, is that many of the loaders that I have come into contact with do not necessarily see this issue as a potential impasse to a successful execution of their job.
Each transaction has a UETR(unique end to end transaction reference number). In order to dedicate a UETR to a transaction, the Client-Server Hello Exchange process had to be successfully conducted for certain security codes to be generated/encrypted. These codes are reflected in the transfer slip(customer copy) or sometimes they arent. But this does not negate the need for the exchange of such keys(secret key, master key(private/public), fingerprint,CA) to initially create a secure connection between the sending party and receiving party. In some wallet apps this process is called firmware authentication(i think).
But in reality, what I am faced with is a generated slip from loader and their insistence on the authenticity and correctness of the work with distegard to the vital issues mentioned above.
I understand that for US and Canada, some ask for Routing code (EFT,MICR) and assume that armed with these and personal details about the account holder, a successful deposit can be made. This is absolutely correct only when the job is performed from a legit bank platform/app. But Routing code is similar to SWIFT/BICS/IBAN in other transaction procedures.
On the other hand, there is the issue of the loaders anonymity. If the sole purpose/aim of loader would be to work on small numbers from funds accessed from different accounts(credit cards, etc) then this question is not relevant. But for loaders who are big players and have been in the game for many years and actually make serious money, how do you maneuver around this battlefield(TLS,SSL,SSH,CA,fingerprint====>BKE,PKI,MAC,PAC,CHE,etc..) while at the same time preserving your anonymity and therby creating a secure transfer where the transaction will have an origin of fund thus preventing rejection, recall, hold, return orders and preventing the filing of suspicious transaction report(STR) and getting the receiving account flagged.
Furthermore, is there any way for a receiver to actually validate whether the database from which the loader is preparing the data packets(xml,xls,txt) is authentic before entering into a business engagement?
Most claim they have the secret-key/masterkey(private) to access their database(Farm42/44/107, etc) but one can never be certain. How can a receiver be certain a loader is fully aware of the coding required to make a proper/viable/potent data packet?
The whole issue regarding coding for enumerators(enums1,2,3,4,5),integers, strings,threads,multi-threads?
How can a receiver be certain that a loader is actually aware and possesses the coding for ISO20022(SEPA,wire transfer) or ISO15022(SWIFT) to make a successful transfer.?
When attempting protocol 101, is the request for online login access essentially to bypass the security measures of the bank?
Please keep in mind I am new to this forum. I have never conducted business with loaders from this forum. So any previous experiences mentioned above are not in reference to anyone on this forum.
From what I have read in this forum, I have found the information very useful hence the question i have posted.
I would sincerely appreciate any/all professional input and feedback and corrections to the question above.
