Planned release: 14 June 2026
About this version
This version introduces new functions in payment entry as well as improvements to the connection channels and to security.
The new features are the option to scan QR codes from invoices and to attach invoices as a file in the SEPA payment form, as well as a balance forecast in payment entry. You can find more about this under "New".
Regarding the connection channels, we are creating more clarity about the route via which payments are transferred to the bank and the route via which account information reaches konfipay. konfipay currently connects to your banks via EBICS and SRZ. In the future, additional connection channels are planned – and a clear, unambiguous assignment of these channels is the prerequisite for this. With this version, we are laying the corresponding foundations.
In addition, we have further increased security – through a shortened session duration with automatic logout as well as improved protection of API keys. You can find further details under "Improvements" and "Security".
New
- QR code scanning in payment entry: In the SEPA payment form, you can now scan QR codes from invoices directly with your camera and automatically create a payment. konfipay supports both the EPC QR code (GiroCode) and the Swiss QR code. The payment data contained in the code is automatically transferred to the corresponding fields – saving time and avoiding typing errors during manual entry.
  - Further information: Bank transfers | Create payment from QR code
- Invoice upload in payment entry: You can now attach the corresponding invoice as a file to a payment. Uploaded invoices (PDF) can be viewed directly in konfipay in a preview, so that the payment and the supporting document are available together.
  - Further information: Bank transfers | Attach PDF receipt to payment
- Balance forecast in payment entry: When creating a payment, konfipay now shows you a balance forecast for the selected bank account. In this way, the forecast supports your planning. It is a forecast based on the data visible in konfipay; the actual balance may differ.
  - Further information: Bank transfers | Balance forecast
Improvements
- Clearly defined channels for payments and account information: konfipay supports various ways of connecting to your banks (currently SRZ and EBICS), and we plan to establish additional channels in the future. With this update, we are laying the foundation for this: the route via which a payment is transferred to the bank, as well as the route via which account information (in particular account balances and account movements) reaches konfipay, are now clearly defined.
  Previously, a payment could switch to an alternative channel at runtime (fallback) if the transfer via the intended channel was not possible – for example due to a misconfiguration. We have removed this dynamic decision at runtime. The transfer route for payments is therefore clearly and predictably defined.
  The retrieval of account information (e.g. transaction files in MT940 or camt.053 format) now also follows a single, unambiguous route: per bank account, account data is retrieved via exactly one channel (either EBICS or SRZ, no longer via both at the same time).
  To manage these settings, you will find a new window under Master data > Bank accounts > Bank accesses, where you can clearly view and define the configuration across all bank accounts.
  Your existing settings are taken into account during the changeover: where fallbacks or multiple channels were previously used for an account, konfipay automatically sets the channel via which the most recent transaction files were retrieved for the respective account.
  - Further information: Bank accounts | Manage bank communication
Security
- Shortened session duration: To further optimize security, we have significantly shortened the duration of an active session in konfipay. A session now remains active for 30 minutes and is automatically extended on activity. So as long as you are working with konfipay, you remain logged in; only after 30 minutes of inactivity are you automatically logged out.
  Regardless of your activity, re-authentication is required after a maximum of 4 hours. This upper limit also contributes to increased security, as a session cannot be kept open indefinitely.
  The shorter session duration contributes to increased security: if a workstation is left unattended, the session is automatically ended promptly. This reduces the risk of unauthorized persons gaining access to an open, logged-in session, and the time window for possible misuse of a session is noticeably reduced.
  The following visible changes result for you:
  - You will now see the remaining session duration directly in the interface – as a progress bar in the user area and as a remaining-time display in the user menu.
  - In the event of inactivity, you will be automatically logged out once the session duration has elapsed. A message then appears on the login page indicating that your session has expired.
- Protection of API keys: For security reasons, API keys are no longer permanently available for copying in konfipay. A newly created or newly regenerated key is displayed in full only once – immediately after creation, in a separate window with a copy function and a corresponding note. Please copy and save the key at this point, as it cannot be displayed to you again afterwards. In the overview and for all further retrievals, a key will now only be displayed masked (the first 10 characters, the rest hidden).
  The same applies to keys created via the konfipay API: when a key is created, it is returned once; when keys are listed or updated, the values are masked.
  This change also applies to existing API keys. Since konfipay has always provided a key in plain text up to now, it was not previously necessary to store it separately. Should an existing key not be stored anywhere else, you have two options:
  - Option A: Use the "Generate new" option for an existing key. Only the key value changes, while all data linked to the key is retained. You should choose this option if the "Acknowledgement per API key" option is active and the key status (i.e. the acknowledgements) must not be lost.
  - Option B: Create a new API key with identical rights and store it in the relevant clients.
  - Further information: API keys
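The session rules described under "Shortened session duration" (30 minutes of inactivity, extended on activity, and a hard limit of 4 hours) can be modelled as follows. This is an added example and not konfipay's code; the `Session` class, the function names and the request timestamps are assumptions made for illustration.

```python
from dataclasses import dataclass

IDLE_TIMEOUT_S = 30 * 60        # from the release notes: 30 minutes of inactivity
ABSOLUTE_LIMIT_S = 4 * 60 * 60  # from the release notes: re-authentication after at most 4 hours


@dataclass
class Session:  # hypothetical server-side session record
    created_at: float     # time of authentication, in seconds
    last_activity: float  # time of the last accepted request


def expires_at(s: Session) -> float:
    """Effective expiry: the sliding idle deadline, capped by the absolute limit."""
    return min(s.last_activity + IDLE_TIMEOUT_S, s.created_at + ABSOLUTE_LIMIT_S)


def remaining_seconds(s: Session, now: float) -> int:
    """Value a remaining-time display would show; never negative."""
    return max(0, int(expires_at(s) - now))


def touch(s: Session, now: float) -> bool:
    """Handle one request. Returns False if the session has already expired.

    An expired session is not revived by late activity, and activity never
    moves created_at, so the absolute limit cannot be pushed back.
    """
    if now >= expires_at(s):
        return False
    s.last_activity = now
    return True


def simulate(request_times, login_at=0.0):
    """Replay constructed request timestamps; return (time, accepted) pairs."""
    s = Session(created_at=login_at, last_activity=login_at)
    return [(t, touch(s, t)) for t in request_times]
```

The expiry decision has to be made on the server for every request; a countdown shown in the browser is only a display of the same value.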
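The API key behaviour described under "Protection of API keys" (full value returned once, only the first 10 characters visible afterwards, "Generate new" keeping the linked data) can be sketched as follows. This is an added example, not konfipay's code: `ApiKeyStore`, its methods, the `acks` field and the choice to keep only a SHA-256 digest are assumptions about one way to build such a store.

```python
import hashlib
import hmac
import secrets

VISIBLE_PREFIX = 10  # from the release notes: the first 10 characters stay visible


class ApiKeyStore:
    """Hypothetical store that keeps a digest and the display prefix, never the key."""

    def __init__(self):
        self._records = {}  # key_id -> {"digest", "prefix", "length", "acks"}

    def _store(self, key_id, acks):
        key = secrets.token_urlsafe(32)  # 43 characters from 32 random bytes
        self._records[key_id] = {
            # A fast hash is acceptable here because the key is high-entropy.
            "digest": hashlib.sha256(key.encode()).hexdigest(),
            "prefix": key[:VISIBLE_PREFIX],
            "length": len(key),
            "acks": acks,  # stands in for data linked to the key
        }
        return key  # the only point at which the full value is handed out

    def create(self, key_id):
        return self._store(key_id, acks=[])

    def regenerate(self, key_id):
        """Like "Generate new": the value changes, linked data is retained."""
        return self._store(key_id, acks=self._records[key_id]["acks"])

    def list_keys(self):
        """Listing returns masked values only."""
        return {
            kid: r["prefix"] + "*" * (r["length"] - VISIBLE_PREFIX)
            for kid, r in self._records.items()
        }

    def verify(self, key_id, presented):
        """Check a presented key against the stored digest in constant time."""
        rec = self._records.get(key_id)
        if rec is None:
            return False
        digest = hashlib.sha256(presented.encode()).hexdigest()
        return hmac.compare_digest(digest, rec["digest"])
```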