- 16 Feb 2024
- Print
- PDF
Get ready for Secure File Delivery
- Updated on 16 Feb 2024
- Print
- PDF
Background
Documentation, files, and reports containing general internal or confidential information may be shared via systems and tools such as email and Google Drive. In any instance when more sensitive information, including customer data, including non-public personal information (NPPI) or personal identifiable information (PII) must be shared, this should be done in more secure methods such as SFTP using encryption.
This standard does not apply to Fedwire file transfer. Fedwire is a real-time gross settlement system of central bank money used by Federal Reserve (Fed) banks to transfer funds electronically between member institutions. Fedwire file transfer standards are administered and managed via Fedwire.
Synctera’s Secure File Delivery architecture provides reliable, secure daily delivery of files of interest to our Sponsor Banks and FinTech partners.
How to request establishment of Secure File Delivery connections
This is a two step process. You must contact your Operations contact at Synctera and agree to:
- Share your ssh key to get access to the designated Secure File Transfer Protocol (SFTP) folder directories via an email to support@synctera.com
- Share your Pretty Good Privacy (PGP) Public Keyvia an email to support@synctera.com
How to access secure files
- Use your preferred SFTP client to connect to your folder and download the associated files.
- All Synctera PGP-encrypted files end with the suffix .pgp.
- Once the files are downloaded, decrypt the files using your associated encryption key.
- Google Cloud Platform (GCP) - Supports individual file sizes up to four gigabytes
- Amazon Web Services (AWS) via Transfer Family
- GCP Cloud Key Management Service (Cloud KMS)
- AWS Key Management Service
What to do if you face problems
Please contact support@synctera.com. We endeavor to reply to emails within one business day.
About Secure File Delivery
Security, accuracy and privacy are fundamental in Synctera’s product design. Synctera achieves this through the following ways:
File Encryption
- Synctera PGP-encrypts all files created through this process. Synctera uses our partner’s public key for this part of the process, guaranteeing that only the holders of the private key can decrypt the file.
- Synctera places the created files in our secure file transfer protocol (SFTP) folder, for partner access and download. This folder can be accessed only by holders of the requisite credentials.
Taken together, these two measures provide a two-step assurance that the data is accessible only by those people who are duly-authorized by both Synctera and theirs (SFTP credentials, SFTP folder access & PGP key).
Employees of Synctera cannot view the contents of these files since Synctera does not possess access to the partner’s private key.
All PII data is tokenized and placed in-vault at rest. Synctera de-tokenizes this information in-memory during the file delivery process.
Examples Files
Master Transaction File
The Master Transaction File aggregates all payments across rails and FinTechs into one daily file. This file will be sent from Synctera to the Sponsor Bank on a daily basis so that the Bank has visibility into all transactions that occurring on the platform. The information contained in the file is sensitive and must be transferred via SFTP with enhanced encryption.