When creating payments, the account currency is preselected for the payment.
An error during look-up of BICs in the SCL directory was fixed.
The login name is not case-sensitive anymore.
When recording SEPA debit transfers, an error could occur, if mandate administration is active and originator recording is not allowed. This issue has been fixed.
When creating open payments they are assigned to the folder that is currently opened.
When editing folders for files to send, now the send order types are shown for selection.
For the import and direct sending of SEPA payment data, now files in ISO 20022 format can be used.
A performance issue occurred in the fields for selection fetch order types has been fixed.
Update of system components
Play Framework has been updated to version 2.8.8. This is also associated with security improvements, especially mechanisms against Cross site scripting (XSS) and Cross size request forgery (CSRF).
Java is used in version 1.8.292 10.1 now.
It is possible now, to enable a separation of the application data by configuring tenants. So banks and all information belonging to them, payment originators and recipients, SEPA mandates and automatic exports are assigned to exactly one tenant. A user is assigned to at least one tenant but may have access to multiple tenants.
Support of further mechanisms for the two-factor-authorization (additionally to Yubikey): OAth and WebAuthn.
Support for Single Sign On (SSO). To activate it, the information of the OpenID must be configured in the file
It is possible now to define a timeout after which active sessions are to be deactivated. This can be configured in the file
production.conf with the parameter
Fixed that expired passwords are not asked to be renewed.
A Help button has been added to access the online help of BL Banking Web directly. With that always the entry is opened that belongs to the page that is currently shown.
The application supports three more languages now: French, Spanish and Portuguese.
In the details view of an EDS order the existing signatures are shown in chronological order now.
The function to delete send orders has been removed.
In the table "Retrieved files", in column "Order" additionally to the order type a corresponding text and the fetch period are shown.
Filters configured for the table views are reset after logout.
In table "Notifications" now is shown to which order the notification belongs.
In the notification details the button for Saving the original files is not shown anymore for notifications from the customer protocol. In this case an empty file has been created before.
When configuring the database connection, the type of the used database can be selected. By this in the field "JDBC URL" a template is shown.
Bugfixes in editing fetch schedules, bank connections and accounts.
When editing text fields, in most cases only allowed characters are accepted.
For a user now permission can be specified, if this user gets access for the following areas: account statements, send files, fetch files, EDS, payments, AWV and send folders.
The import of users has been modified, so the user is only created for the import first, the synchronization process is to be started by the user itself when logging in the first time. Additionally inside the import the allocation to already existing banks has been improved.
In the user list every bank state is marked in color depending on the state: green for state "Ready", red for state "Locked", otherwise black.
When resetting a user the configured two-factor-authentication can be reset as well. In addition to this, when resetting a user its keys are locked on the bank side to allow to do the initialization instantly after logging in the next time.
After changing the own user name the user is not logged out anymore.
When editing a user the setting for the permission to synchronize with the mobile app is considered.
Inside the EDS history the amounts could have a wrong decimal place in certain circumstances.
The application detects if it is tried to send a signature for an EDS order multiple times, e.g. by double-clicking the "Sign" button. In this case the order has been rejected by the bank before.
A problem when signing multiple EDS orders, in which an error occured for one order, has been fixed.
If there are no keys for the bank connection of a users, a corresponding error message is shown when signing.
When sorting inside the payment table it is always sorted by the creation date additionally to the sort criterion.
If files that are to be transferred to the bank have the SEPA format, it is not necessary anymore to specify the bank or order type, this information is taken from the payment data directly.
It is possible now to upload files for sending from a directory inside the application. Files that have been sent successfully from a directory are deleted now.
When signing an order the contained payments are shown in a table.
Performance problems when sending large files and in table "Sent files" have been fixed.
The originator account that has been used at last is preset when creating the next payment.
When editing SEPA express transfers the fields for ultimate originators and recipients have been removed as they cannot be used. Additionally for the originators and recipients no BIC must be specified anymore and the selectable payment types and categories have been reduced to INTC and CORT.
The selection of the currency for AZV payments has been reduced to entries that are currently valid.
When editing periodic payments in purpose field now a wildcard can be selected to insert it into the purpose field. A description for using the wildcards is show below the field. In the periodic payments table the purpose is also shown if it contains wildcards.
The timeout for web sockets has been increased to 10 min so the import of payment data from a CSV file is not aborted so fast anymore.
Bugfixes when applying the account holder as the originator of a payment or when selecting a SEPA mandate. If the account holder contained special characters (e.g. an ampersand) it has been shown wrong before or the fields has not been filled.
In the open payments table a column for the payment folder has been added, it is only shown if no folder is currently selected. The filter in this table has been expanded, so it is possible now to filter by the user that created the payments.
Below the button "New payment" only the payment types are shown for which the user has permission on the bank side. If a user doesn't have access to a bank, all payments types are shown.
When importing payments, more detailed error messages are shown. Additionally salary payments are ignored if the user has no permission for editing salary payments.
When modifying multiple open payments the bank has not been updated if the selected originator account belongs to another bank. This error has been fixed.
In the account overview table it is possible now to apply a text filter on the displayed accounts. Above the table the posting and value date balances over all displayed accounts are shown. An export of the account overview has been added.
The last selected account group is stored and applied again when showing the account overview again.
In the transactions view in the selection menu for the account statement the date is shown additionally to the statement number. If the transactions for all accounts are shown in the table, a column for the account is displayed.
In the balance list a column with the standard name of the accounts is displayed, if the preference "Display column with standard account name" is active. Additionally the balance list can be exported to a CSV file.
Fixed that the date of the last statements fetch is not updated if no data was available.
After clicking the button "Display exported files" in the automatic exports table only the files are shown that belong to the selected exports. If no exports are selected, farther all exported files are shown.
Two-factor authentication with Yubikey tokens
For improved security we now support two-factor authentication. Users can configure one or more Yubikey security tokens, provided by the company Yubico. During login and when signing a payment a one-time password generated by the security token is required as an additional security measure after entering the user password.
Notification about software updates
When a new software version is available, a corresponding note will be shown on the landing page. This note contains a reference to the change log. The update will not be installed automatically.
Users can be imported more conveniently from a different installation or e.g. BL Banking. This uses the same method that already exists for the synchronisation with the mobile apps (iPhone and Android app). Using the new button "Import user" will lead to a form where you can enter the name of the new user and the synchronisation number. Here you can enter either the 12 digit number or, when using the QR Code synchronisation, the text shown beneath the QR Code.
When setting up the application the first user that is created is no longer required to have a bank access. Thus it is possible to first set up e.g. a technical administrator who can then create further users and banks.
Users can now be reset, e.g. if they forgot their password. When doing this, the bank connections will be reset, so the user needs to reinitialise with the banks as soon as he logs in. In order to be able to do this, the EBICS keys must be reset by the bank.
When the maximum number of allowed users has been reached you will now still be able to create further local users without bank access.
Administration of bank connections
Bank connections can only be created by administrators form now on. Setting up the bank connection is a separate process from the EBICS initialisation, so the administrator, who is creating the bank connection, does not have to do an initialisation. The creation of duplicate bank connections is no longer possible.
Additionally to the existing fetch types it is now possible to create a freely configurable fetch schedule. It uses a freely configureable order type and the fetched files can be saved to a configurable directory.
When selecting the originator account in the payment forms the account holder will be entered into the text box for the originator name.
The delay for the automatic refresh of the customer protocol after sending a file can now be configured in seconds, not minutes.
Export of balances and balance lists
The balances and balance lists shown in the corresponding tables can now be exported in CSV format via the download function of the browser.
The order type used for PDF statements can now be configured in the bank settings.
The sorting of bookings by booking date or value date has been corrected for advices with multiple statements per day, so the current balance is displayed chronologically correctly.
Bugfixes for PDF statements
Some problems have been fixed that were caused by invalid PDF statement files.
Account groups from balance list
When creating account groups from the balance list view, an error occurred when using a PostgreSQL database. This behavior has been fixed.
Bugfixes for PDF statements
The date for fetching and the download of existing statements have been fixed.
If only the bank icon without the name is shown in the tables, the bank name appears as a tooltip on the bank icon
When displaying amounts, they are shown in red, if the amount is debitted from own accounts. Amounts that are credited to own accounts still appear in black.
Sending files from transfer folders
Folders can be configured to hand over files that are to be transferred. These files are listed under the new menu item "Orders" -> "Files to transfer" and can be sent directly from there.
Create and send SEPA instant payments
SEPA instant payments can now be created and sent.
Displaying payment details when signing and order and in open and historical EDS orders
In the views "Sign order" and "Details for EDS order" the payment details are listed in a table for known payment formats. By selecting the payments the payment details can be displayed.
Total amount of the selected payments in the payment tables
In the views "Open payments", "Periodic payments" and "Payment templates" the total amount of the selected payments is displayed when selecting two or more payments having the same currency.
Extended payment filter in open and signed payments
In the views "Open payments" and "Signed payments" the filter can be set for an originator account and the execution date.
In the edit page for payments the ampersand character can be used in text search for payment recipients.
Fix for the currency shown in table "Sent files" for SEPA credit transfers.
In the view "Sign order" a button has been added to print the accompanying ticket.
In the transactions table, the sorting was fixed for statements having multiple pages.
With the new preference "Show single bookings instead of batched bookings" it can be configured, if the single bookings in the view "Transactions" are shown directly or the batched bookings at first.
When creating or editing automatic exports the accounts to apply the automatic export for are shown with a check box.
Adjustments in the user administration
In the overview table of the users the time of the last login and the number of failed login attempts are displayed for each user. Is the number of possible attempts exceeded, an adminstrator can reset this value back to 0, so the user can newly try to log in.
Adjustments for MT101 payments
In the send report of a RFT order, analogously to the other payment formats (SEPA and DTAZV) a table with the payment details is printed.
If a user is not permitted for the originator account, a wrong originator account was shown in the payment details of the EDS order. The page for the MT101 payment details has been adjusted, so the correct originator account is displayed correctly is this case, too.
Printing of the account overview
If the column for the standard name (e.g. the IBAN) is displayed in the account overview, it also appears in the printed overview.
It is possible to record registration parts according to the German foreign trade regulations (AWV) and export them in a Z4 file or in CSV format for a report month. The information that is to be reported can be extracted from account statements and sent payments so it can be completed manually.
In the bank details the DTAZV and EDS settings are displayed to allow to modify the configuration.
Now SSL key files that are not protected (or protected with an empty password) can be configured in the SSL settings.
The user setting for "Administrator" is deactivated, if the user is editing itself.
The EDS overview is also fetched automatically after the user logged out from the application and subsequently logged in again (possibly another user).
The option "Display as single transaction in the account statement (only for SEPA)" when importing or directly sending SEPA payments from CSV files was fixed.
When editing SEPA payments the purpose is set when the recipient is selected.
DTAZV and MT101 payments
When editing DTAZV recipients, unknown BICs are allowed now, too.
For DTAZV payments with accounts having different currencies than EUR, now the correct originator account is displayed.
When selecting the originator account for DTAZV and MT101 payments, the currency of the payment is set to the account currency.
When editing DTAZV payments the bank name is updated if known BICs are selected.
Fetch schedules for PDF statements
PDF (or BKA) statements can be fetched scheduled (or manually) now. If the view "PDF statements" fetched statements can be viewed, saved and deleted. The export directory for these files can be configured.
The start and end time for fetch schedules is checked when it is saved, a wrong input could cause, that the user could not log in anymore.
For the operating systems Linux and MacOS the program ist distributed as a setup, by now this only existed for Windows. The setup assistant was improved and extended, so the proxy and SSL settings can be configured here.
The password for the SSL key file is stored itself encrypted in the configuration files.
The supplied Java has been updated to version 8 build 181.
If multiple banks are configured with the same name, only the orders of one of these banks have been displayed. This bug is fixed, now also in this case all open EDS orders are shown.
For the folder, in which the EBICS user keys are stored, the umlauts are converted as otherwise encoding errors could occur.
For users can be configured now, if they are allowed to synchronize the EBICS access information with a mobile app.
IBANs are shown everywhere formatted in groups of four characters.
Payments in MT101 format (order type RFT) can be created and edited. Analogously to the existing payment types, the originators and payment recipients can be managed for MT101 payments, too.
Counter value payments are also possible. if the currency is set to EUR.
When creating new payments, EUR is set as currency.
A bug determining the recipient country from the IBAN or BIC has been fixed.
For SEPA payments with other currencies than EUR the order type XCT is used. Is the user not permitted for this order type, a corresponding message is shown when editing the payment.
From the payment data of the sent orders the originator information is extracted and stored in the application.
The setting for the salary payments are applied in all views. Also saving salary payments is denied if it is configured that the user should not see the salary payments or the amounts are hidden for these payments.
If the preference "Extract sent orders of other users from the customer protocol" is activated, unknown orders can be created from the information found in the customer protocol.
If a user is not permitted for an order type, a corresponding error message is shown when saving payments for this order type.
When saving periodic payments, an open payment is created if it is due.
Conversions now can be imported from another application and exported from BL Banking Web.
When saving account settings with activated option "Show value date balances without cash concentration" it is checked, if the fields "Opening balance" and start date are set, because otherwise it has come to problems then.
The button for creating a new user is also shown, if the allowed maximum number of users exceeded. The button then appears deactivated and a tool tip with a corresponding message. The check if the maximum number of users exceed was not working correctly before and has been fixed.
Creating and editing accounts
The administration of user permissions has been removed from the form for accounts, because it caused several different problems. The permissions can be set inside the user administration.
Also for manual accounts the bank can not be modified in retrospective as it leads to problems with database entries referencing them. If the bank of an account is to be changed, the account needs to be deleted first (including the referencing entries) and a new one needs to be created.
Account permissions in periodic payments and payment templates
In the views for periodic payments and payment templates are only shown the accounts for which the user has permissions for.
Fix in DTAZV payments
For DTAZV payments the account currency of the originator account is stored in the payment data.
Sending of payments from invalid CSV files
If it is tried to send payments from invalid CSV files, more precise error messages are shown.
New preference to only show the accounts for which the user has permissions
With the new preference "Display only accounts for which payment permissions exist" can be configured, if only accounts are shown in the account overview, for which the user has permissions for.
Editing automatic exports
A problem was fixed that could occur when saving automatic exports.
Users without bank access were getting an error by now when sending traces. This problem has been fixed.