Skip to main content

Credit transfer security

FinDock SEPA Credit Transfer gives you the ability to instruct your bank to transfer money from your bank account to other bank accounts. There are many use cases where this is needed. However, you need to make sure the process of transferring money is secure and auditable.

Both Salesforce and FinDock offer a set of features to secure and audit your SEPA Credit Transfer usage. When implemented well, they provide safety and confidence, helping protect you from fraud and other potentially malicious actions.


This is not a complete overview of all security features, but a set of recommendations and best practices to help you implement what you need. Please be aware that you are responsible for the security at all times.

Data scope

When it comes to securing and auditing credit transfer data, there are certain options in the FinDock payment data model that you should prioritize. Not all fields on these objects are essential, however, below is an outline of the most important items, though this list is not necessarily exhaustive. The full scope needs to be defined by your organization, and should include at least the following.

Installment object credit transfer data

Field labelField nameData typeDescription
Amountcpm__Amount__cCurrency(16, 2)Full amount to be disbursed.
Payment methodcpm__Payment_Method__cPicklistValue must be 'SEPA Credit Transfer’ for credit transfers.
Payment profilecpm__Payment_Profile__cLookup(Payment Profile)Shows to which payment profile (of the beneficiary) the installment is linked
Payment schedulecpm__Payment_Schedule__cLookup(Payment Schedule)Shows to which payment schedule the installment is linked
Record typeRecordTypeIdRecord TypeValue must be ‘Payable’ for credit transfers.
Statuscpm__Status__cPicklistSee here for details.

Payment Profile object credit transfer data

Field labelField nameData typeDescription
Accountcpm__Account__cLookup(Account)Account of the credit transfer beneficiary
IBANcpm__IBAN__cText(35)Beneficiary's IBAN, which must be an IBAN within the SEPA zone

Payment Schedule object credit transfer data

Field labelField nameData typeDescription
Hashcodecpm__Hashcode__cText(255)Unique hash of the record, The hash is cleared if status is set back to ‘Scheduled’
Hashcode datecpm__Hashcode_date__cDateDate hash was generated
Statuscpm__Status__cPicklistStatus indicates which stages of the process the payment schedule has passed.

PaymentHub File object credit transfer data

Field labelField nameData typeDescription
Hashcodeproh__Hashcode__cText(80)Unique hash of the payment schedule record
Total elementsproh__Total_elements__cNumber(18, 0)Total number transactions in the payment schedule
Total Record Amountproh__Total_Record_Amount__cCurrency(16, 2)Total sum of all installment amounts attached to the payment schedule
Total Record Countproh__Total_Record_Count__cNumber(18, 0)Total number of individual records included in the payment schedule

Security best practices

Activate / Deactivate FinDock Credit Transfer

The simplest way of preventing fraud is by not having the ability to transfer money. This is why, by default, FinDock Credit Transfer is not enabled for your Salesforce org. It can only be enabled by FinDock. We recommend not enabling SEPA Credit Transfer in your Salesforce org unless you absolutely certain you need it. If you are certain, contact FinDock Support to enable the credit transfer functionality.

Restrict Salesforce Data Access

Salesforce provides a flexible, layered data sharing design that lets admins control access to data. Managing data access enhances security by exposing only the data that is relevant to and needed by users. Use permission sets, permission set groups and profiles to control the objects and fields users can access. Use org-wide sharing settings, user roles and sharing rules to specify the individual records that users can view and edit. For further information, see the Salesforce Help article Control Who Sees What.


Be extra careful with granting permission to delete records.

Approval processes

You can and should define an approval process to govern the execution of credit transfers. This enables users to quickly progress to the next stage and keeps an audit trail of the various stage changes and who approved the transfer. For further information, see Approval processes with Payment Schedules.

Auditing best practices

Auditing provides information about system use and activities which can be critical in diagnosing potential or real security issues. Auditing doesn't secure your org, but they are a critical part of definition and maintaining security. Your organisation should do regular audits to detect potential abuse.

To verify that your org is actually secure, you should perform audits to monitor unexpected changes or usage trends. The following sections provide an overview of the auditing tools that Salesforce and FinDock offer to help you audit the credit transfer processes.

Real-time monitoring

Salesforce Real-Time Event Monitoring gives you access to detailed performance, security and usage data on all your Salesforce apps. See who is accessing critical business data when, and from where in near real-time. You can store the event data for auditing or reporting purposes. You can create transaction security policies using Condition Builder—a point-and-click tool—or Apex code. For details, see the Salesforce Help article Real-Time Event Monitoring.

Hash of the credit transfer file

To help validate that the credit transfer file has not been changed between generation (on ProcessingHub) and uploading to the bank, a hash of the generated file is calculated and stored in Salesforce. The hashcode is stored on both the Payment Schedule in the fields cpm__Hashcode__c and cpm__Hashcode_date__c and on the PaymentHub File record in the field proh__Hashcode__c. When the credit transfer file is uploaded to the bank, the hash of the generated file can be compared to the hashcode as calculated by the banking application.

Comparing counts and totals

When the credit transfer file is being created (by ProcessingHub), FinDock performs two additional quality checks before moving the file to Salesforce. Both the number of records processed and the total amount of the processed records are counted and compared against the resulting credit transfer file. If either does not match the count from the processing job, the file creation is canceled, and FinDock generates an error message in ProcessingHub (viewable through ProcessingHub Manager).

The details of the file that is created and uploaded to your Salesforce org are stored on a PaymentHub File record. On this record you can find:

  • The payment schedule used to create the file
  • The related installment records
  • The number of records in the file
  • The sum of the amount to be transferred
  • The hash of the file
  • The actual file that was created

Every step of the credit transfer process is based on your data. This means you can use this data to implement your own checks and auditing on the credit transfer process by comparing the count of records and totals attached to

Salesforce Record Modification Fields

All objects include fields to store the name of the user who created the record and who last modified the record. This is useful basic auditing information.

Salesforce Login History

You can review a list of successful and failed login attempts to your org for the past six months. For more information, see the Salesforce Help article Monitor Login History.

Salesforce Field History Tracking

You can also enable auditing for individual fields, which automatically tracks any changes in the values of selected fields. For more information, see the Salesforce Help article Field History Tracking.

Field history data is retained for up to 18 months through your org, and up to 24 months via the API. Field Audit Trail, however, lets you define a policy to retain archived field history data up to 10 years from the time the data was archived. This feature helps you comply with industry regulations related to audit capability and data retention. For details, see the Salesforce Help article Field Audit Trail.

Salesforce Setup Audit Trail

Administrators can also view a Setup Audit Trail, which logs when modifications are made to your org’s configuration. For details, see the Salesforce Help article Monitor Setup Changes with Setup Audit Trail.

Salesforce Recycle Bin

When you allow certain users to delete records of certain objects, you can find those records in the Salesforce Recycle Bin.

As an admin, you have access to your own Recycle Bin and the Recycle Bin of the Salesforce org. You can view, restore and permanently delete records in the Recycle Bins. Use list view functionality to sort and filter to find the records you need and get insights into who deleted those records. For details, see the Salesforce Help article Recycle Bin.