There are no known issues related to the update so far.
Administrators can now also assist users in creating two-factor authentication (2FA) by performing this process on their behalf. Previously, this was only possible for removing a security key. The function Two-factor authentication in the menu More actions on the page Edit user in the user administration has been expanded accordingly. If required, the new assistance feature must be enabled by making an entry in the configuration file.
With the new system setting Two-factor authentication mandatory, administrators can require all users to set up two-factor authentication. An administrator must first configure a two-factor authentication for himself and can then activate the new system setting. Every user who does not yet use two-factor authentication is automatically redirected to the page Manage two-factor authentication the next time he logs in. It is also possible to configure this new system setting on a tenant-specific basis (information on this in the following section). A user who works in multiple tenants must configure two-factor authentication as soon as it is enforced in one of his tenants.
When entering or changing a password, the current password requirements are displayed as guidance.
In addition to the System settings, which apply system-wide and can only be changed by administrators, there are now system settings for individual tenants. These can also be edited by the managers of the respective tenant. In the system settings, first select the scope from the drop-down list Settings for ..., cross-tenant (the entire installation) or a particular tenant. A tenant-specific setting overrides the corresponding cross-tenant setting. Tenant-specific settings can also be opened from the tenant administration. By selecting for me personally, you can switch from the system settings to your personal user preferences, which, as before, are also available to users without administrative rights.
In System settings and User preferences, the function Load default values has been improved. Clicking on the button now displays a comparison of deviating settings and the respective default value. You can decide for each setting whether the deviating value should be saved or the default value restored.
In the User preferences, the preference Buttons on the start page has been added to the tab General. Each user can choose which of the available buttons should be displayed on his personal start page. The selected buttons are displayed if the user is authorized for the corresponding function.
In the User preferences, the preference Print additional account statement information has been added to the Print settings on the tab Account information. By default, any additional information from camt.053 statements is included in the printout. You can switch off the user preference if no additional information needs to be printed.
In the bank details of banks with EBICS version 3.0, the fetch order types on the tab Account statements, PDF Documents, and Notifications can now be edited more conveniently. The button Modify has been added to the input field of each fetch order type. This opens the familiar dialog in which you can configure the BTF to be used.
In the bank details, the setting Read EDS history from protocol has been removed from the tab EDS. In the overviews Signed EDS orders and Cancelled EDS orders, the action Update EDS orders now always retrieves the protocol and thus updates the EDS history.
The following functions and settings are working now as expected:
A user can initialize with several banks after the first login and continue working even if one of the initializations fails.
With Microsoft SQL Server as the database, sorting in Fetch schedules and Open payments works correctly again.
Cleaning up notifications and protocol based on the System settings now also deletes the data from the workspace directory, not only from the database.
Database entries for notifications and protocol have been revised to prevent error messages.
All fields in the bank details can be edited if a permission exists for the bank. Administrators can edit all banks, managers can edit the banks of their tenants. Users who are permitted to edit bank settings can edit the banks assigned to them.
When updating several bank connections at the same time, all banks are updated, even if the bank keys have to be updated for several of the banks.
Administrators can open all accounts under Settings – Accounts and make changes on the details page.
In payment recording, the display name for the selected recipient is now also displayed under the field for the recipient.
There are various new features for MT101 payments:
The payment types Austrian tax office express payment and Salary express payment have been added:
In Austrian tax office payments, the fees in the Fees area can now be selected by their abbreviation and name.
The new column Originator is available in the overviews for open, signed and periodic payments as well as payment templates. The column is not displayed by default, it can be shown via column configuration.
The following functions and settings are working now as expected:
If the recording of recipients is restricted to Allowed in four-eyes principle or Not allowed via the System settings, the direct sending of external payment files containing an unknown recipient account is now rejected.
Originator and recipient addresses that are stored in SEPA credit transfers are included in the order file when they are sent or exported. The same applies to the address of the debtor in SEPA direct debits.
If canceling an EDS order fails, a more meaningful error message is displayed.
Historical EDS orders remain accessible to users, even if the EBICS version of the bank connection has been changed since then.
IBANs up to 34 characters long can now be entered in the SEPA payment recording.
The account and originator are pre-assigned according to the corresponding user preference only when recording new payments, not when editing.
In the overview Balances, the balances are now displayed graphically in a diagram, in addition to the familiar tabular view.
In the transaction overview of an account, the menu at the end of the navigation path (Breadcrumb) has been expanded to include calendar years. This allows faster access to all statements or transactions for this account in the selected year
A new column Account number/IBAN of the recipient is now available in the overview Transactions. The column is not displayed by default, it can be shown via column configuration.
The following functions and settings are now working as expected:
Fetch schedules continue to run at the last set frequency if the database connection is interrupted.
The Type of execution of a collection schedule can be changed from calendar days to weekdays. The changed frequency is saved and the fetch schedule is executed accordingly.
MT940 account statements are assigned to the correct account, even if they only contain an account number and no bank code.
A transaction overview can also be sorted according to the column Account.
In all tables it is now possible to configure which columns should be shown. The order of them can also be specified. For that, above all tables was added on the left side a button to open the configuration dialog.
The following functions and settings are working now as expected:
If the keys of a bank connection have been changed, they are adopted.
When signing orders and using WebAuthn as the second factor an error message from the last operation is not shown anymore if the password dialog is opened again
A manager of a tenant can delete a bank also if he is not permitted for it himself.
If a ware description of an AWV report for transit trades has more than 140 characters, the report can be saved.
In the table "Open Payments", until now there used to be only the option to sort by the account name, which can be the display name beside the IBAN. Now one can sort only by the IBAN of the originator, too.
When uploading files into a send directory, it is checked if they are executable files. In that case the operation is rejected.
In the notifications table the description is extended by the order number that belongs to the notification.
The following functions and settings are working now as expected:
-For Austrian international transfers in the address of the recipient the town is a mandatory field as well as the country. According to that, the input form has been adjusted.
Austrian tax office payments that only contain an include arrear and no fees can now be displayed correctly.
If a periodic payment is generated from an open payments the originator is set correctly.
If a recipient is generated from a MT101 payment the IBAN is stored correctly, so later when creating payments for this recipient it does not come to a format error.
If cascaded amount limits are configured on the bank side (e.g. an E permission until one value, over that A permission) and limit check is active, the payment is not rejected anymore if the amount exceeds the lower value.
Errors that might have occurred under circumstances when opening open payments table or details of a sent order have been fixed.
When importing account statements it can now be selected if the automatic exports should be executed and if the imported transactions should be marked as read.
There are no known issues related to the update so far.
The Bootstrap framework for the web frontend has been updated to version 5.3.3.
The appearance of overviews is now configurable. You can choose which columns are displayed in which order. There is a new dialog window for the configuration, which can be opened with a button on the left above the overviews. The configuration applies individually per user and per overview.
If you try to reinitialize an EBICS bank access which is in the Ready or Waiting for activation state, you will now receive a warning informing you about the prerequisites and consequences, in particular that your existing EBICS keys will be overwritten.
In the overview of the fetch schedules, a blue info bar now indicates whether there are authorizations for other fetch order types for which fetch schedules can be created automatically.
When changing the password, the currently set password requirements are displayed.
In the details of a bank account, the three tabs DTAZV payments, MT101 payments and SEPA payments were combined on one single Payments tab.
If an administrator locks a user, the lock applies immediately and not at the next login. The locked user can no longer work in an open session.
The following functions and settings work again as expected:
Display of the intended purpose for all bookings when using the user preference Display complete intended purpose in overview.
Display of the error message within the dialog box after entering invalid parameters in a dialog box for filtering data.
Formatting of amounts when the language is set to Polish.
Processing of accounts independent of the set language.
Unlocking payments for large quantities.
Downloading files with non-German special characters in the file name.
Opening the bank details for all users in read-only mode.
If you specify an incorrect encoding when importing a CSV file, a meaningful error message is now displayed.
When importing payments, the setting of the checkbox Save recipient is saved.
The format of generated AXZ payment files (International XML Transfer) has been changed:
The default value for the service level is NURG (instead of NONE). The selectable service levels are correctly restricted depending on the country of the originator account.
The default value in the Charging scheme field is SHAR. An empty selection is not possible.
The account currency is always used in the payment file.
Under Sent files, the payment details of all payments within an order can now be exported as a CSV file. An Export button has been added to the Details for send order page for this purpose. Previously, only the currently displayed payment could be exported from the Payment details for send order page.
Austrian tax office payments can be recorded with a credit for certain types of tax. In addition, a general credit or general arrears can be entered. This is applied to the total amount.
For an international XML payment, the equivalent value in euros is displayed next to the amount field. This requires a conversion rate for the payment currency in euros. The display is without guarantee.
The following functions and settings work again as expected:
Sorting the Retrieved files overview by each column.
Export of payment details for SEPA direct debits from send order and EDS.
Opening SEPA direct debits where the value for the Sequence type is missing (possible with old data).
In the overview of balance lists, as in other overviews, the maximum number of entries displayed per page can now be limited. The display of the total amount always refers to all entries.
When deleting account statements, the number of statements to be deleted is indicated.
The following functions and settings work again as expected:
Execution of the fetch schedules for batched transaction files with the retrieval method selected in the bank settings instead of the retrieval method New.
Execution of a fetch schedule after an internal change of the order type used, resetting order type C52 of a fetch schedule to VMK.
There are no known issues related to the update so far.
Multiple parallel logins of the same user are now prevented. If a user logs into the program at another browser, all existing login sessions are deactivated.
Polish and Dutch were added as selectable languages in the user interface.
Autocomplete for Username fields can now be disabled. To do this, an administrator must add the following entry to the production.conf file in the installation directory:
bl.disableLoginAutocomplete=true.
The program security against HTML content injection-attacks was updated.
The following functions and settings are working as expected again:
Changing the language: The button to switch the language is no longer displayed on some form pages where changing the language would previously have resulted in an error.
Unlock payments: Now works for users who don't have permission for the Settings menu.
Advice processing for MT940 files without creation date
Advice processing for intraday camt.053 statements: Advices whose booking date is after the creation date of the intraday statement will no longer be deleted.
ZIP-Handling of concatenated XML files
Internal processing of the user protocol
There are no known issues related to the update so far.
The Play framework (technical component for the web application) has been updated to the current version 3.0.1.
The Java runtime environment used has been updated to version 21.
The program protection against XSS attacks and HTML injection attacks has been updated.
An eye button has been added to password fields with which the password can be shown and hidden again.
On some overview pages, the button bar has been tidied up. Rarely used actions can be found in the More actions menu.
When the program automatically identifies the name of a bank from an IBAN or BIC, this name will be displayed as a note directly below the input field.
The size of the balance list table on the landing page adapts to the size of the browser window.
For administrators, a new sub-menu System settings was added in the Settings menu.
All settings that have system-wide effects can be found here.
The old sub-menu Preferences now only contains settings that only apply to the logged in user.
Nothing changes for users without administrative rights.
An amount limit for sending payments has been implemented:
To use this, an administrator must first activate the Check amount limit setting under Settings - System settings on the Payment recording tab.
The limit per payment is automatically read from the HTD user profile provided by the bank.
If the bank does not provide a limit in the HTD, a limit can be set for each user and each account (under Settings - User administration on the Account selection tab).
Payments that are above the defined limit cannot be signed or transferred; instead, an error message is displayed with a reference to the given limit.
Administrators can now configure the number of failed login attempts after which a user is locked.
There is a new option Lock user after failed attempts under Settings - System Settings in the Password requirements area.
The default value remains 5.
A new user preference Print only one payment details table per page has been added for EDS printing, which will print each payment on a separate page when printing payment details. The preference is disabled by default.
Deleting a bank connection is only possible if there are no longer any active EBICS connections for this bank. This prevents an administrator from accidentally deleting other users' active EBICS connections.
It is possible to enter values with lowercase letters and certain special characters for the EBICS host ID and the EBICS customer ID.
The outdated EBICS version 2.4 (H003) is no longer available for creating new bank connections.
The following functions and settings are working as expected again:
Setting Recipient recording: Not allowed
Deactivation of the Display payment details system setting for EDS (hides the Payment details table in the detailed view of an EDS order)
Payment import of Austrian Postbar payments
Loading the EDS overview page in case a bank supplies EDS records with an empty amount
Correct display of validation error messages on some form fields
Display of the calculated total amount (concerns the overview of open payments in the case that several payments are selected via SHIFT-click or CTRL-click)
Display of the correct originator account of a sent file, a signed payment or an EDS order
Display of the error messages for errors occurring during CSV import, regardless of the number of errors
Delete button for instructions on existing MT101 payments.
The management of address data has been streamlined:
Addresses for SEPA payments and SEPA direct debits (e.g. recipient address, payer address, ...) are now only recorded as structured addresses.
The old format with two address lines and country has been removed.
The structured address data has also been expanded to include the fields building name and floor.
Rarely used address fields (department, sub department, building name, floor and country subdivision) are not displayed by default, but can be included by clicking a button.
Importing payments from tabular files (Excel/CSV) has been expanded to include several new fields:
for SEPA transfers: country code, originator address, account currency, currency and priority;
for SEPA direct debits: account currency, payer address and currency;
for international XML payments: account currency.
For filtering payments and sent files, the unequal option has been added to the Payment type field.
MT101 payment forms have been improved:
The statement type EQUI has been added and
Specifying additional information is now only possible for instruction types for which additional information is processed.
The Execution interval column has been added to the periodic payments overview table.
For Austrian tax office payments, a limit of 6 fees per payment has been introduced. This limit prevents payments from being created with a purpose that is too long (and therefore invalid).
BL Banking Web supports the callback of SEPA orders via camt.055.
This allows you to request a cancellation for an order if it has already been fully approved (in contrast to EDS cancellation, which is only possible as long as not all signatures have been provided).
To use the new function, your bank must support SEPA callbacks (order type C55 or BTF SCT:DE_camt.055). The recall can then be used under Sent Files and under Signed Payments.
The filter in the EDS overview allows to filter by the submitter of the order.
The Execution date column has been added to the EDS overview.
In the form for creating a directory for files to send, a hint has been added that explains how the Filename mask field can be used.
Sending files with unknown formats is generally permitted in order to not exclude correct, unknown formats from being sent.
With the send general file option, sending will only be rejected due to format errors if the specified order type occurs in the Send parameters of the bank details.
Other order types can be sent without validation. However, it is possible for the bank to reject the file.
The filter option by originator account in open or historical EDS orders has been removed for consistency reasons.
The interaction between the filters for the overview tables under Sent files, EDS overview, Signed EDS orders and Cancelled EDS orders has been improved.
In the protocol of a sent order, users are now consistently displayed in the form Username (ParticipantID / CustomerID).
When printing the transmission report of an order, the name of the generated PDF file has been improved. The name now also contains the name of the client account (if unique).
In the preview for signing an order, a new column Single booking is now displayed in the payments overview table, which indicates whether the corresponding payment will be displayed as an individual entry in the account statements.
The column Submitter has been added to the overview table under Sent files.
The blue info bar Total amount of the X selected payments: N EUR that is displayed when multiple payments are selected is now also displayed in the Sent files, Signed EDS orders and Cancelled EDS orders tables.
SEPA notifications for foreign payments (AXS) can be fetched and processed.
In the Retrieved files overview table, the User column has been added, which indicates which user fetched the file.
When creating a fetch schedule, the retrieval method In the period from has been added for the Freely configurable fetch type. This makes it possible to fetch the specified data for a given period relative to the execution date. This allows data to be retrieved even if it is no longer delivered in the current provision.
Exporting advices and batched transaction files is now possible.
When creating a new group under Balance lists, the selection of the accounts or account groups to include is now possible using checkboxes.
Technical improvements
To improve the protection against brute force attacks against the BL Banking Web login interface, the following changes have been implemented:
All successful and failed login attempts are now logged in the logs with the user name and IP address used.
After entering an incorrect password when logging in, there is now a delay of 5 seconds before the entry can be attempted again. This delay can be configured in the production.conf file using the 'bl.invalidPasswordDelay' parameter (a value of 0 disables the delay).
Bug fixes
Fixed an error that could cause the associated order file of a send order to be deleted locally when the associated order is signed or canceled in the EDS.
An error has been corrected that, under certain circumstances, prevented the creation of a new recipient during the creation of an open payment.
Known Issues with the Update
There are no known issues related to the update so far.
Technical improvements
Updated Bootstrap to version 5.3.1 and jQuery to version 3.7.0.
New features have been added to simplify the management of fetch schedules. More details can be found under "File Fetching & Fetch Schedules" of the changelog.
On the start page, new EDS orders and new account statements are now indicated by the "EDS overview" and "Account overview" tiles. If EDS orders are ready to be signed, the number of these orders is displayed on the "EDS orders" tile, and if there are unread account statements, the number of accounts for which there are unread statements is displayed on the "Account overview" tile. In addition, the current EDS overview is now fetched from the bank server immediately after login, if the user preference "Call up EDS overview automatically" is activated.
Static links to an imprint and to a data security page can now be configured, which will then be displayed in the page footer.
Settings & User Preferences
New user preference "Show complete purpose in overview". When this is active, not only the first line of the purpose is displayed in booking tables, but the entire purpose. This preference is enabled by default and can be disabled in the "Account information" tab of the preferences.
Bug fixes
An error has been fixed which could cause very large amounts (14 digits or more) in some forms to be falsified by automatic formatting/conversion.
It is no longer possible to click the "Submit" button in forms or modal windows multiple times. This avoids certain errors, e.g. during initialization.
When importing payments or payment templates, the importing user's account and order type permissions are now properly checked. Previously, it could happen that a user was able to import payments successfully, but these were then not displayed due to missing permissions.
Fetch schedules for SEPA notifications now correctly use the order types configured in the bank settings.
Some display errors have been corrected in the accompanying ticket and in the details dialog window of an order.
Payment recording
Open payments and signed payments can now be filtered by payment type. Signed payments can now also be filtered by their status.
The choice between "Intended purpose" and "Creditor reference" when entering a SEPA payment is now also offered for periodic payments and payment templates.
The import of recipients has been improved. Additional special characters are now accepted (e.g. '_', 'ø', 'å', 'æ') and BIC codes are now accepted even when their bank is not known by the program.
When a payment folder is deleted, the user can now specify for all open/periodic payments and payment templates contained in the folder whether they should be deleted alongside the folder or retained.
If the "Save recipient" checkbox is activated when entering a payment, you can now further choose between "Create new recipient" and "Update existing recipient". If "Create new recipient" is selected, a new recipient is always created. If "Update existing recipient" is selected, the existing recipient will be updated with the entered values if possible - otherwise a new recipient will also be created.
Several open payments are combined into individual files when saving according to payment type and - if several payment types were saved together - returned bundled in a ZIP file. If only one payment method was selected, the summarized file is returned directly.
The filters for sent files and signed payments have been revised. The individual states have been grouped by topic to make filtering easier. For example, the statuses "Transmitted" and "Transmission confirmed" have been combined into "Transmitted".
File Sending & EDS
In the EDS overview, the total sum of the selected orders is now displayed above the table, similarly to how it is displayed for the open payments.
A filter has been added to the EDS overview. The filter options are based on the filter for signed EDS orders.
The display of the EDS overview has been revised: the orders are no longer grouped by bank and the additional header for each bank was removed. Instead, if required, the new filter function can be used to filter by bank.
The EDS orders and sent orders can now also be filtered by payment type.
The program can now determine EDS order details from locally available send orders, provided the corresponding send order is available locally. This reduces the number of cases where no order details can be displayed for signed or canceled EDS orders.
If the extended file check for SEPA files is activated and a format error is found when sending an external SEPA file, the file will no longer be rejected, but only a corresponding warning will be displayed. This allows users to send files even when a format error is detected - however, such files might still be rejected by the bank.
File Fetching & Fetch Schedules
In the form for creating a new bank account, there is now a checkbox "Create fetch schedule for account statements". If this is checked, a fetch schedule for account statements is automatically created when the bank is created, which fetches statements on weekday mornings. The fetch schedule can be edited as usual under "Settings" -> "Fetch schedules".
In the fetch schedules overview there is now a new button "Create missing fetch schedules". This will check the existing fetch permissions, compare them with the existing fetch schedules and offer a list of additional fetch schedules that can be generated automatically. The fetch frequencies "hourly on weekdays", "morning on weekdays" and "monthly on the 1st" are available. Other frequencies can be configured as usual after creation under "Settings" -> "fetch schedules".
In the overview for fetch schedules there is now a new button "Adjust assigned users" available for administrators or users with tenant administration privileges. This button checks the existing fetch schedules and un-assigns those assigned users who are not initialized, who are deactivated, or who do not have authorization for the fetch order type used. Affected fetch schedules are automatically assigned to another, suitable user the next time they are executed.
If a fetch schedule for account statements or advices fails with the default fetch order types C53 or C52, it is now automatically checked whether fetching with the old order types STA or VMK is successful instead - if so, the fetch order type for this bank connection is permanently switched to STA/VMK.
When a user is deleted or removed from a bank, the user's fetch schedules are no longer deleted from this bank, but remain (without an assigned user). A suitable user will be assigned automatically the next time these fetch schedules are executed.
When the program automatically assigns users to a fetch schedule that previously had no assigned user, it also takes into account the assigned user's fetch order type permissions.
Account statements
In the balance overview there is now a button "Recalculate value balances".
Under "Balance lists" there is now a "Reset" button in the dialog window for "Change period" with which the time window to be displayed can be reset to the default. Empty entries are now also permitted in this dialog, which are interpreted accordingly as "Use default value".
The button "Create SEPA transfer for this transaction" in the overviews of transactions/batched transactions can now also be used for several transactions at once.
The account holder can now be used in conversions as well as in printouts for statements and transactions.
Transactions
If transactions are to be printed and no transactions are available for the selected parameters, an explaining message is now displayed instead of an empty printout being created.
A From-To printout option was added for transactions. This is available when the "Print" button is used in the "Transactions" overview without a selection. There is then the option of either printing out all displayed transactions or limiting them to a specific period of time.
Additional options "Sorted by credit/debit and amount" and "Sorted by debit/credit and amount" were added to the Account information print settings in the Preferences menu.
Automatic Exports
A new filter for the "Exported files" overview has been created. You can filter by "Automatic export", "Creation time" and "File name".
The sorting of the "File name" and "Directory" columns in the "Exported files" overview is no longer case-sensitive.
Administrators can now see all exported files.
Known Issues with the Update
When using a Microsoft SQL (MSSQL) database, the first time BL Banking Web is called up in the browser after the update, the database setup page may be displayed with an error message on the JDBC URL field, that includes "unable to find valid certification path to requested target". The message can be fixed by adding parameters to the JDBC URL. First make sure that MSSQL is selected as the database type. Then, if the previous JDBC URL looked like this:
jdbc:sqlserver://localhost:1433;databaseName=blbanking
... it should be adjusted as follows:
jdbc:sqlserver://localhost:1433;databaseName=blbanking;encrypt=true;trustServerCertificate=true
Technical improvements
For load balancing in heavily used systems, BL Banking Web can now be operated in cluster mode with several server nodes. More detailed information can be found in the installation instructions.
If the database is updated in the background after an update of BL Banking Web, status information is now displayed in the web interface.
The EBICS keys of the users are now stored exclusively in the database (encrypted). Previously, the signature keys were stored as encrypted files in the workspace. Existing keys are automatically migrated to the database. The old keybag files are not deleted, but are no longer used by the program.
The security of the application against cross-site scripting (XSS) attacks has been improved.
Settings & User Preferences
To avoid errors and performance problems, the maximum number of entries per page in table views has been limited to 1000.
A new user preference "Initialization of account and originator" has been added to link originators to accounts and to enable account and originator pre-assignment depending on each other.
A new option was added for a user's permission regarding salary payments: "User has permission to see salary payments during signing (without details)"; this user will no longer see recipients, accounts and purposes of salary payments.
In the detail view of a bank account, the users assigned to the bank can now be configured via the new "Users" tab. Previously, bank assignment was only possible in the menu of a user.
Bank connections can now be deactivated locally for individual users - file sending and fetching are then paused without having to remove the bank access and without affecting the user status on the bank side. A deactivated bank access can be reactivated at any time. Administrators can also see and change the status of other users in the "Users" tab of a bank account.
In the detail view of a bank account, the new tabs "Notifications" and "MT101 payments" have been added, in which additional settings can be made.
In the detail view of an account, administrators can now see and change the access permissions of individual users in the new "Permissions" tab.
Users with administrator privileges now see all accounts in the account overview under "Settings", even if they are not assigned to the corresponding bank of an account.
Local users can now be copied. For this purpose, the new action "Duplicate user" is available in the user administration under "More actions".
For certain payment types, the scheme to be used can now be configured under "Send parameters" in the bank settings.
In the detail view of a bank connection, the HTD user profile of the user can now be printed.
It is now possible to use an EBICS customer ID or EBICS user ID with lowercase letters.
Bug fixes
In the "Account selection" tab of a local user, "Authorized" for an account is no longer displayed incorrectly if the user is not assigned to this account and no authorization exists. In addition, banks to which the user is not assigned are no longer visible.
Fixed a bug where too many payments were generated when importing open payments from an EDS order.
Fixed an error that could occur if no fee was specified when creating an Austrian tax office payment template.
Fixed a bug where the tax account number could be formatted incorrectly and not fully saved for Austrian tax office payments.
For Austrian bank accounts, the correct Austrian send order types and fetch order types as well as BTFs are now preset.
Fixed an error that prevented the deletion of tenants for which AVW messages existed.
When creating a bank account with EBICS 3.0, the correct E002/X002 hash values are now preset.
Fixed a bug that caused all fetch schedules of a bank to be deleted when a user was removed from that bank.
Fixed an error during Excel import that could occur if the server language is set to English.
Fixed an error that could occur when selecting "Payments without folders" in the payment templates.
If a connection error occurs while syncing with the Android/iPhone app, the user will now see a corresponding error message.
An error has been fixed that caused the selected country not to be saved for new bank details.
Fixed a bug that could cause URLs that were too long when sending CSV files.
Fixed an error that prevented the overview for periodic payments from being displayed after a database migration.
Fixed a bug where it was no longer possible to switch back to "Intended purpose" when saving a "Creditor reference" in an open payment.
Fixed a bug where very large files (>100 MB) in the EDS could not be signed.
Fixed a bug where it was not possible to create open payments from EDS orders under certain conditions.
If the assignment of a local user (user without bank access) to a bank is removed, no (unnecessary) warning is displayed any more.
Fixed a bug where the "Delete" button in the detail view of an open payment in edit mode was without function.
Fixed a bug where the automatic field assignment did not work when importing payments from Excel files.
Fixed a bug where certain invalid configurations in filter dialogs could cause the corresponding overview page (e.g. bookings) to no longer be displayable.
Fixed a bug where the selection menu for the payment folder could be empty when creating/editing an open payment if the user was assigned to multiple tenants.
Fixed a bug where a periodic payment could no longer be edited after the originator account that is used in the payment was changed.
Possible layout problems caused by too long text content in pop-up dialog windows have been fixed.
Payment recording
For SEPA originators, recipients and payments/direct debits, it is now possible to provide address data. This information is usually only necessary for certain sender/recipient countries. The address data can be entered via a dialog box, which can be opened with the "House" button next to the originator/recipient field.
Added the ability to convert DTAZV recipients into SEPA recipients or international SEPA recipients.
It is now possible to import multiple payment files at once. For this purpose, several files can be selected in the file selection dialog with the CTRL key pressed.
When "4-eyes principle" is used for receiver recording, saving and duplication of recipients is now only allowed for confirmed recipients.
If a user is assigned to several tenants, the user can now select from the recipients of all tenants during payment recording. Previously, the selection was limited to the tenant of the sending account.
The date for the "first execution" of a periodic payment can now be modified as long as no open payment has been created from the periodic payment.
The uniqueness of names for payment templates is no longer checked across different tenants.
If an input error is reported in a form with fold-out "accordion" elements (e.g. DTAZV payment), the corresponding accordion is now always expanded so that the error message is immediately visible.
File Sending & EDS
Historical EDS orders can no longer be deleted by users in the user interface (analogous to signed payments). This change was made to improve the traceability of completed transactions.
If the user preference "Display signed payments from external files" is disabled, the button "Show payment details" and the table "Payments" are now hidden in the sending details when sending external files.
The user experience when signing multiple orders at the same time has been improved.
File Fetching & Fetch Schedules
In the "Fetch schedules" table there is now a new button "Reset fetch schedules", with which the service for the fetch schedules can be restarted if necessary.
Fetch schedules can now use the order type HAA to update the user's list of all available order types.
A warning is now displayed when creating a fetch schedule if the user is not authorized for the order type used.
In the table of fetch schedules, if any problems occurred during the last retrieval, status information is now additionally displayed in the "Last fetch" column.
Account statements
It is now possible to create remittances from account transactions. For this purpose, there is a new button "Create SEPA transfer for this transaction" under transactions/batched transactions.
Exporting multiple MT940 payments now generates a single MT940 file instead of a ZIP file.
Automatic Exports
When creating an automatic export, the tenant can now be selected if several tenants exist.
When editing/creating an automatic export, there is now a new checkbox "Apply export to selected accounts only".
When clicking on "Exported files" in the navigation bar or in the action bar of the automatic exports, all exported files are listed. When clicking on "Display exported files" in the detail view of an individual automatic export, the view is restricted to the files that were created by this export.
General UI Changes
Numerous actions that were previously only offered in the action bars of the overview tables are now also offered in the detail views: for example, signing, deleting, printing and exporting an open payment is now also possible in the detail view of the payment.
"Edit" mode: In numerous form views (e.g. that of an open payment), the fields are now initially locked for editing and can only be changed after the "Edit" mode has been activated using the button in the action bar. In addition, many of the actions offered in the detail view can only be used if the "edit" mode is deactivated. This is intended as a protection against unwanted changes and ensures that no unsaved changes are lost when executing actions in the detail view (e.g. signing an open payment).
The order of buttons in the action bars and sub-items in "More Actions" menus has been unified.
Various buttons for linking similar objects have been added to some pages. For example, in "Retrieved Files" you will find the "Fetch Schedules" button and vice versa.
Some buttons have been renamed to standardize and/or clarify the action they perform.
Tenant management
The "Tenants" and "Edit Tenants" pages have been redesigned. In order to create a new tenant or edit a tenant in the "Tenants" overview, a dialog window now opens instead of a form page, in which the name and the maximum number of participants in the tenant are specified. For existing tenants, this dialog window can be opened with the action button "Edit tenant" in the overview or the detail view. In the detail view of a tenant, the users of the tenant are now listed in an overview. The name and the maximum number of participants for the tenant are now displayed above this user table. The action bar offers the buttons "Edit tenant", "Delete", "Add user" and "Remove from tenant". Clicking on one of the users in the overview table of a tenant opens a dialog window in which detailed information and actions for this user are offered: The user's bank access is displayed with the bank logo, other tenants of the user are displayed, a button for granting/withdrawing the authorization to manage the tenant, as well as a button to edit the user.
If a tenant is selected in the user management, then only the users with administration rights for this tenant are displayed. In this case, users with administration rights for other tenants are shown with a minus symbol. Administrators are always represented with a gear wheel symbol. Users who do not have administration rights for tenants are shown with a minus symbol in the overview. If "All tenants" is selected, all users who have administration rights for one or more tenants are displayed.
A user who has permission to manage a tenant can also grant/revoke this permission to other users under "Tenants".
Settings & Preferences
Parameters for fetching "Credit advices for SEPA instant credit transfers" and for "Batched transaction files" can now be configured in the "Account statements" tab in the settings menu for bank details.
A new column "Protocol version" has been added to the bank overview.
The processing of the user profile (HTD) has been improved: The "Permissions" and "Order types" tabs in the bank details are divided into fetch order types and send order types. In addition, the "Signature class" and "Signatures" columns in the "Order types" and "Permissions" tabs for the fetch order types in the bank details have been removed, as these orders are not signed.
There are two new preferences "Refresh user profile (HTD) automatically" and "Check permission for order type/BTF when recording a payment".
For the sake of clarity, collapsible panels for the "Display settings" and "Print settings" have been added to the payment entry preferences. In addition, these user preferences are now sorted by topic.
Payment Recording
Unstructured or structured addresses can now be used for the payment types "International XML transfer" and "Cheque payment in XML format". Structured and unstructured addresses can be added when entering/editing new SEPA originators and new international (cheque) recipients.
It is now possible to enter the address of the payer for SEPA mandates and direct debits. (This is necessary for debits to Switzerland/Liechtenstein or Great Britain. No address is necessary for direct debits within the European Economic Area.)
The import of payments has been standardized: Open payments, periodic payments and payment templates can now be imported from payment files and from CSV files with payment data. The import form is unified - the type of payment to be imported (open/periodic/template) can be selected using the dropdown menu.
If the mandate management for direct debits is activated, a new mandate can now be created during the creation of a direct debit. Previously, only the selection of existing mandates was possible there.
A new "Status" column has been added to the "SEPA mandates" overview if the recipient was recorded using the 4-eyes principle.
Under "Open Payments" and "Periodic Payments", the initial creator of a payment is now displayed in the "Creator" column.
The forms for entering Austrian foreign payments and Austrian foreign cheque payments had some fields (e.g. "ultimate cheque recipient") that were not supported by the schema. These fields have been removed.
Retrieved Files
If errors occur when processing retrieved files, these files are now marked as erroneus in the "Retrieved files" overview. The error message is displayed in the tooltip and in the detail dialog window.
In the "Retrieved files" overview there is now a new button "Restart processing" with which the selected files can be processed again. This allows to, e.g., restore deleted account statements in the account overview.
Fetch Schedules
Fetch schedules can now also run monthly.
The "Fetch Schedules" overview now has the additional column "Tenant" if "All tenants" is selected in the tenant filter.
Account Statements
The navigation bar now offers a new sub-item "Exported files" in the "Account statements" tab.
The sub-item "Create new group" has been added under "More actions" in the account overview, with which account groups can be created.
A new filter for PDF account statements has been added. In the filter dialog you can filter by bank, account and statement date.
Administrators and users who have administration rights for one or more tenants can now see all automatic exports of their managed tenants, even if the automatic exports are assigned to other users.
Updating system components
Bootstrap was updated to version 5.1.3. An update of jQuery to version 3.6 was also implemented. This is also associated with security improvements, in particular mechanisms against cross site scripting (XSS).
User administration
The administrator or a user who has authorization to manage a tenant can lock/inactivate a user. For this purpose, there is the sub-item "Lock login" in the user administration under "More actions".
As with the login, a user now also has a limited number of attempts to enter the correct password when signing a payment/order until the user is locked. If the user has entered a wrong password five times, he is locked.
Added new permission "Admin user is authorized to create users and to modify or delete other admin users." that allows a Super-Admin to remove these permissions from other administrators.
Permissions "User is authorized to delete account statements and PDF statements." and "User is authorized to edit bank settings." were added.
Two-factor authentication
When adding a security key, one can now add a description. For existing security keys, a description can be added later.
An administrator or a user who has authorization to manage a tenant can remove a two-factor authentication of another user. This function was added so that a user does not have to reinitialize with the bank if a Yubikey is lost.
Bank connection
Users with an active bank connection can enter or change their own subscriber ID in the bank settings. Administrators can change the subscriber ID for users with an active bank connection. If the users's bank connection is inactive, the administrator can delete the subscriber ID.
When creating a user, the associated banks for the user can be assigned and the respective subscriber ID for the banks can be preset. This is optional - the subscriber ID can still be entered or modified during initialization.
If the permission "User is authorized to view banks and accounts in the settings menu." has been granted for an administrator in the user administration, this administrator can create and remove new banks and, in addition, all banks can be edited.
When creating a bank, you can specify the country of the bank; the standard send parameters and fetch parameters are adapted depending on the country. You can select Germany, Switzerland, Austria or France as the country.
If no user profile (HTD) is available, the option "Settings from user profile" for the account authorizations in the user administration is no longer displayed. In such cases there are only two choices: "Authorized" and "Not authorized". The default value is "Authorized".
Tenants
In the overview of tenants, the column "Number of participants" has been added. The column "Number of participants" shows the number of users who are assigned to the tenant and have a bank connection.
A filter function has been added to the overview for tenants, so that searches are simplified here.
If the maximum number of participants of a tenant has been reached, it is still possible to assign users without bank connection to the tenant with the function "Configure users".
In the user administration there is a new authorization "Admin user is authorized to create and delete tenants." which allows Super-Admins to remove these permissions from other administrators. If this authorization is not set, the administrator can still see and edit all tenants, only creation and deletion are limited.
Fetch schedules
An administrator can create a fetch schedule for other users with bank connection. The administrator can assign a fetch schedule to another user. It is also possible for an administrator to create fetch schedules in advance, even though there are no active bank connections yet. In this case, "User is assigned automatically" is entered as the user. When the fetch schedule is executed, it is automatically tried to assign a user with active bank connection to it.
Preferences
The preference "Write EBICS traces" can be set per user.
If the clean up setting in the preference was deactivated, it was no longer possible to activate it. This error has been corrected.
Other
Resetting a filter is now more convenient. When a filter is active, the "Reset" button appears so that you do not have to open the filter dialogue separately.
Accompanying ticket for containers with SEPA payments
When signing sent files, an accompanying ticket is now displayed for containers with SEPA credit transfer and for containers with SEPA direct debits. Containers with SEPA credit transfer are sent with the order type CCC, CCS or CCX and containers with SEPA direct debits are sent with the order type C1C, C1S, C1X, C2C, C2S, C2X, CDC, CDS or CDX.
Payment details of send orders
Clicking on a row in the overview "Sent Files" will take you to the send details of the send order. On this page there is now a button "Show Payment Details", which allows you to view the payment details of the send request.
Above the displayed payment details of a sending order there is now an "Export" button, which allows you to export the payment details as a CSV file.
DTAZV foreign transfer
The option "Equivalent payment in" can only be activated for DTAZV foreign transfers if the account currency of the originator's account is EUR.
If a DTAZV foreign transfer with mixed currencies is transmitted, the total amount over all currencies is displayed without currency in the overview of the sent files.
Filter for periodic payments and payment templates
The overviews for periodic payments and payment templates have been extended by filter functions, thus simplifying the search.
Account overview
The account overview shows the balances of all accounts. If you select accounts, the display of the balances changes and the balances are limited to the selected accounts.
In the user defaults there is the setting "Highlight new account statements in account and entry overviews". With this you can determine whether new account statements and new batched transactions are displayed in bold in the overview. The options are "deactivated", "automatically mark as read" and "manually mark as read". This setting, as well as the account statements marked as "read", are stored separately for each user.
Transactions
The "current balance" column is only displayed in the transactions overview when using the standard sorting, to avoid misinterpretation.
Automatic Exports
Automatic exports regularly create files that an administrator can delete through a cleanup setting. The cleanup setting can be set in the user preferences.
EBICS 3.0
The EBICS version 3.0, which is obligatory for all German banks since November 22, 2021, can now be used for communication with banks. When creating a new bank account, EBICS 3.0 can then be selected. Existing bank connections can also be updated to EBICS 3.0. If the length of the current bank keys is below 2048 bits, the user must change the keys, which however runs automatically and does not require an approval by the bank. If there are other users for this bank access having an insufficient key length, these employees must also perform a key change. Since the security mechanisms that are used in EBICS 2.3 are not longer considered safe, this protocol version is not offered anymore when creating a new bank.
Settings
With the new preference Allow non-administrators to rename accounts, it can be configured that only employees with admistrator privileges are able to define or change account names.
In the bank settings, the information about the used EBICS keys is shown for the current user. The bank names and icons can now only be changed by administrators. In the new tab Send parameters the technical order type (or BTF for EBICS 3.0) to be used for the transfer to the bank can be configured for each payment type.
When creating a new bank connection, a new button was added that allows to automatically determine the newest EBICS protocol version supported by the bank.
In the user administration, an export function has been added to allow to create a CSV file with the information from the overview. Additionally the overview has been extended by a filter to reduce the shown entries in which the user name contains the entered search text.
Orders
A filter function was added to the tables for fetched files and notifications to make searching easier here.
User interface
In the navigation bar, a button for the creation of payments was added to allow quick access to the payment recording page from everywhere in the program. With the new preference Show balance list on start page it is possible to configure that information about the account balances is displayed directly on the start page.
The filter criteria for texts have been extended by two more options to show only these entries in which the according field either starts or ends with the entered text.
In all forms the mandatory fields are marked with an asterisk (*).
AWV notifications
In the table of the notifications, a column has been added to show the origin of the notification, i.e., if it was created from payment data, account statements or manually.
File transfer
In the form for sending files, the file type (SEPA file, CSV or Excel file or for sending general files) must now be specified before uploading.
The filter in the table of sent files now contains the originator account as criterion. So now it is possible to show only the files from the selected originator account.
Access to the order details or the customer protocol of sent files is now only allowed when the current user has permission for the originator account.
When sending orders via an EBICS 3.0 connection, an additional information can be entered, which is shown to the other employees having permission to sign the order when they open the details view of the open EDS order, and afterwards also in the signed or cancelled EDS order. This information is not forwarded to the payment recipient.
The hash value of the sent file is shown in the order details view now.
Distributed Electronical Signature
The tables for signed and cancelled EDS orders again show all orders, not only the orders that the user signed or cancelled himself/herself.
Access to the order details or the customer protocol of signed or cancelled EDS orders is now only allowed when the current user has permission for the originator account.
In the table of open EDS orders, a button has been added that allows to create open payments from the selected orders. So in the case an error is noticed when checking an order, it can be sent again after correction.
Payment recording
When creating a new payment, only those payment types are available that the user has permissions for. Also, in the payment forms only those originator accounts can be selected for which the user has permission.
Austrian tax office payments and Postbar payments are now supported as additional payment types. For these new types, payment originators and recipients a available, too. Tax office payments are a special form of SEPA payments, which allow to record several types of duties (e.g. VAT) for different time periods, and the intended purpose is automatically generated by specification. Postbar (postal cash) payments offer the possibility to send money to a recipient who does not have a bank account.
The payment folders have also been integrated in the tables Signed payments and Payment templates. If an open payment from a folder is signed, it appears in that same folder in the Signed payments table. Similarly, from payment templates that belong to a folder, all open payments that are generated are put inside the same folder.
With the preference Show account number in recipient column it can be configured to show the recipient IBAN for SEPA payments in the table Open payments. Moreover, in the payment tables the account number or IBAN of the originator account can be shown additionally to the account name, if the new preference Show column with IBAN of the originator is activated.
When creating SEPA payments now either the intended purpose or the payment reference can be entered. For differentation, the field currently named Reference has been renamed to End-to-end reference. With the new preference Allow only valid ISO 11649 creditor references it can be configured whether the entered payment reference is to be checked for valid values. Also when importing SEPA payments from CSV or Excel files, a payment reference can now be defined.
In the forms for creating SEPA payments, SEPA recipients and SEPA mandates, for the recipient account a dialog has been added to allow to determine the IBAN and BIC from a German bank code and account number. The preference Display dialog to determine IBAN and BIC allows to configure whether this button shall be shown. Similarly a button with this function has been added to the form for recording German accounts, too.
The payment format of open SEPA credit transfers can be switched between SEPA transfer, SEPA express transfer and SEPA instant transfer during or after payment recording with new buttons provided at the top of the payment form. This is possible only if the user has permissions for the payment types.
In the payment forms, the recipient bank is now shown in a text field if the IBAN or BIC has been entered and if this information allows to determine the bank. For DTAZV international transfers, the bank name is shown there now but not preset anymore in the field Bank name.
The recording of payment recipients can now be done using 'four-eyes principle'. For this, the preference Recipient recording has been extended by the option Allowed in four-eyes principle. If this option is configured, all changes in the recipient data including the creation and deletion must first be confirmed by another user, only then the recipient data is applied in the payment recording. Changed payment recipients are marked in in the table and the modified fields are marked in the forms, so the second, confirming user is informed about the modifications.
It is now possible to create multiple open payments from a payment template in one single action. Additionally, when creating or modifying payment templates, no execution date must be defined anymore.
When importing recipients, the display name can now be specified in the imported file - previously it had just been generated from the recipient name.
Payment import
The payment import from CSV and Excel files now supports MT101 payments, too.
For the import of payments, the check for invalid characters has been extended.
Account statements
The table of the accounts overview now offers three additional columns to be displayed: Opening balance, Total debit transactions and Total credit transactions. These columns can be configured with the new preference Display columns with opening balance, total debit and total credit available in the Display settings of the Account information preferences.
Account statements and bookings can now be exported directly from the user interface using a specified conversion. By now this was only possible using a detour via an automatic export.
Automatic Exports
With the preference Language for automatic exports now the language to use for creating the exported files can be configured. Beside the localized texts it is also applied for the date and amount formats.
Payment recording
When creating payments, the account currency is preselected for the payment.
An error during look-up of BICs in the SCL directory was fixed.
Login
The login name is not case-sensitive anymore.
Payment recording
When recording SEPA debit transfers, an error could occur, if mandate administration is active and originator recording is not allowed. This issue has been fixed.
When creating open payments they are assigned to the folder that is currently opened.
Sending files
When editing folders for files to send, now the send order types are shown for selection.
For the import and direct sending of SEPA payment data, now files in ISO 20022 format can be used.
A performance issue occurred in the fields for selection fetch order types has been fixed.
Update of system components
Play Framework has been updated to version 2.8.8. This is also associated with security improvements, especially mechanisms against Cross site scripting (XSS) and Cross size request forgery (CSRF).
Java is used in version 1.8.292 10.1 now.
Multi-tenancy
It is possible now, to enable a separation of the application data by configuring tenants. So banks and all information belonging to them, payment originators and recipients, SEPA mandates and automatic exports are assigned to exactly one tenant. A user is assigned to at least one tenant but may have access to multiple tenants.
Security
Support of further mechanisms for the two-factor-authorization (additionally to Yubikey): OAth and WebAuthn.
Support for Single Sign On (SSO). To activate it, the information of the OpenID must be configured in the file production.conf.
It is possible now to define a timeout after which active sessions are to be deactivated. This can be configured in the file production.conf with the parameter bl.sessionTimeout.
Fixed that expired passwords are not asked to be renewed.
User interface
A Help button has been added to access the online help of BL Banking Web directly. With that always the entry is opened that belongs to the page that is currently shown.
The application supports three more languages now: French, Spanish and Portuguese.
In the details view of an EDS order the existing signatures are shown in chronological order now.
The function to delete send orders has been removed.
In the table Retrieved files, in column Order additionally to the order type a corresponding text and the fetch period are shown.
Filters configured for the table views are reset after logout.
In table Notifications now is shown to which order the notification belongs.
In the notification details the button for Saving the original files is not shown anymore for notifications from the customer protocol. In this case an empty file has been created before.
When configuring the database connection, the type of the used database can be selected. By this in the field JDBC URL a template is shown.
Bugfixes in editing fetch schedules, bank connections and accounts.
When editing text fields, in most cases only allowed characters are accepted.
User administration
For a user now permission can be specified, if this user gets access for the following areas: account statements, send files, fetch files, EDS, payments, AWV and send folders.
The import of users has been modified, so the user is only created for the import first, the synchronization process is to be started by the user itself when logging in the first time. Additionally inside the import the allocation to already existing banks has been improved.
In the user list every bank state is marked in color depending on the state: green for state Ready, red for state Locked, otherwise black.
When resetting a user the configured two-factor-authentication can be reset as well. In addition to this, when resetting a user its keys are locked on the bank side to allow to do the initialization instantly after logging in the next time.
After changing the own user name the user is not logged out anymore.
When editing a user the setting for the permission to synchronize with the mobile app is considered.
EDS
Inside the EDS history the amounts could have a wrong decimal place in certain circumstances.
Miscellaneous
The application detects if it is tried to send a signature for an EDS order multiple times, e.g. by double-clicking the Sign button. In this case the order has been rejected by the bank before.
A problem when signing multiple EDS orders, in which an error occured for one order, has been fixed.
Sending files
If there are no keys for the bank connection of a users, a corresponding error message is shown when signing.
When sorting inside the payment table it is always sorted by the creation date additionally to the sort criterion.
If files that are to be transferred to the bank have the SEPA format, it is not necessary anymore to specify the bank or order type, this information is taken from the payment data directly.
It is possible now to upload files for sending from a directory inside the application. Files that have been sent successfully from a directory are deleted now.
When signing an order the contained payments are shown in a table.
Performance problems when sending large files and in table Sent files have been fixed.
Payment recording
The originator account that has been used at last is preset when creating the next payment.
When editing SEPA express transfers the fields for ultimate originators and recipients have been removed as they cannot be used. Additionally for the originators and recipients no BIC must be specified anymore and the selectable payment types and categories have been reduced to INTC and CORT.
The selection of the currency for AZV payments has been reduced to entries that are currently valid.
When editing periodic payments in purpose field now a wildcard can be selected to insert it into the purpose field. A description for using the wildcards is show below the field. In the periodic payments table the purpose is also shown if it contains wildcards.
The timeout for web sockets has been increased to 10 min so the import of payment data from a CSV file is not aborted so fast anymore.
Bugfixes when applying the account holder as the originator of a payment or when selecting a SEPA mandate. If the account holder contained special characters (e.g. an ampersand) it has been shown wrong before or the fields has not been filled.
Payment tables
In the open payments table a column for the payment folder has been added, it is only shown if no folder is currently selected. The filter in this table has been expanded, so it is possible now to filter by the user that created the payments.
Below the button New payment only the payment types are shown for which the user has permission on the bank side. If a user doesn't have access to a bank, all payments types are shown.
When importing payments, more detailed error messages are shown. Additionally salary payments are ignored if the user has no permission for editing salary payments.
When modifying multiple open payments the bank has not been updated if the selected originator account belongs to another bank. This error has been fixed.
Account statements
In the account overview it is now possible to apply a text filter on the displayed accounts. Above the overview the posting and value date balances over all displayed accounts are shown. An export of the account overview has been added.
The last selected account group is stored and applied again when showing the account overview again.
In the transactions view in the selection menu for the account statement the date is shown additionally to the statement number. If the transactions for all accounts are shown in the overview, a column for the account is displayed.
In the balance list a column with the standard name of the accounts is displayed, if the preference Display column with standard account name is active. Additionally the balance list can be exported to a CSV file.
Fixed that the date of the last statements fetch is not updated if no data was available.
Automatic Exports
After clicking the button Display exported files in the automatic exports table only the files are shown that belong to the selected exports. If no exports are selected, farther all exported files are shown.
Two-factor authentication with Yubikey tokens
For improved security we now support two-factor authentication. Users can configure one or more Yubikey security tokens, provided by the company Yubico. During login and when signing a payment a one-time password generated by the security token is required as an additional security measure after entering the user password.
Notification about software updates
When a new software version is available, a corresponding note will be shown on the landing page. This note contains a reference to the change log. The update will not be installed automatically.
User administration
Users can be imported more conveniently from a different installation or e.g. BL Banking. This uses the same method that already exists for the synchronisation with the mobile apps (iPhone and Android app). Using the new button "Import user" will lead to a form where you can enter the name of the new user and the synchronisation number. Here you can enter either the 12 digit number or, when using the QR Code synchronisation, the text shown beneath the QR Code.
When setting up the application the first user that is created is no longer required to have a bank access. Thus it is possible to first set up e.g. a technical administrator who can then create further users and banks.
Users can now be reset, e.g. if they forgot their password. When doing this, the bank connections will be reset, so the user needs to reinitialise with the banks as soon as he logs in. In order to be able to do this, the EBICS keys must be reset by the bank.
When the maximum number of allowed users has been reached you will now still be able to create further local users without bank access.
Administration of bank connections
Bank connections can only be created by administrators form now on. Setting up the bank connection is a separate process from the EBICS initialisation, so the administrator, who is creating the bank connection, does not have to do an initialisation. The creation of duplicate bank connections is no longer possible.
Fetch schedules
Additionally to the existing fetch types it is now possible to create a freely configurable fetch schedule. It uses a freely configureable order type and the fetched files can be saved to a configurable directory.
Payments
When selecting the originator account in the payment forms the account holder will be entered into the text box for the originator name.
Customer protocol
The delay for the automatic refresh of the customer protocol after sending a file can now be configured in seconds, not minutes.
Export of balances and balance lists
The balances and balance lists shown in the corresponding tables can now be exported in CSV format via the download function of the browser.
PDF statements
The order type used for PDF statements can now be configured in the bank settings.
Bookings
The sorting of bookings by booking date or value date has been corrected for advices with multiple statements per day, so the current balance is displayed chronologically correctly.
Bugfixes for PDF statements
Some problems have been fixed that were caused by invalid PDF statement files.
Account groups from balance list
When creating account groups from the balance list view, an error occurred when using a PostgreSQL database. This behavior has been fixed.
Bugfixes for PDF statements
The date for fetching and the download of existing statements have been fixed.
Presentation
If only the bank icon without the name is shown in the tables, the bank name appears as a tooltip on the bank icon
When displaying amounts, they are shown in red, if the amount is debitted from own accounts. Amounts that are credited to own accounts still appear in black.
Sending files from transfer folders
Folders can be configured to hand over files that are to be transferred. These files are listed under the new menu item "Orders" -> "Files to transfer" and can be sent directly from there.
Create and send SEPA instant payments
SEPA instant payments can now be created and sent.
Displaying payment details when signing and order and in open and historical EDS orders
In the views "Sign order" and "Details for EDS order" the payment details are listed in a table for known payment formats. By selecting the payments the payment details can be displayed.
Total amount of the selected payments in the payment tables
In the views "Open payments", "Periodic payments" and "Payment templates" the total amount of the selected payments is displayed when selecting two or more payments having the same currency.
Extended payment filter in open and signed payments
In the views "Open payments" and "Signed payments" the filter can be set for an originator account and the execution date.
Bugfixes/optimization
In the edit page for payments the ampersand character can be used in text search for payment recipients.
Fix for the currency shown in table "Sent files" for SEPA credit transfers.
In the view "Sign order" a button has been added to print the accompanying ticket.
Presentation
In the transactions table, the sorting was fixed for statements having multiple pages.
With the new preference "Show single bookings instead of batched bookings" it can be configured, if the single bookings in the view "Transactions" are shown directly or the batched bookings at first.
When creating or editing automatic exports the accounts to apply the automatic export for are shown with a check box.
Adjustments in the user administration
In the overview table of the users the time of the last login and the number of failed login attempts are displayed for each user. Is the number of possible attempts exceeded, an adminstrator can reset this value back to 0, so the user can newly try to log in.
Adjustments for MT101 payments
In the send report of a RFT order, analogously to the other payment formats (SEPA and DTAZV) a table with the payment details is printed.
If a user is not permitted for the originator account, a wrong originator account was shown in the payment details of the EDS order. The page for the MT101 payment details has been adjusted, so the correct originator account is displayed correctly is this case, too.
Printing of the account overview
If the column for the standard name (e.g. the IBAN) is displayed in the account overview, it also appears in the printed overview.
AWV notifications
It is possible to record registration parts according to the German foreign trade regulations (AWV) and export them in a Z4 file or in CSV format for a report month. The information that is to be reported can be extracted from account statements and sent payments so it can be completed manually.
Bank settings
In the bank details the DTAZV and EDS settings are displayed to allow to modify the configuration.
Bugfixes/optimization
Now SSL key files that are not protected (or protected with an empty password) can be configured in the SSL settings.
The user setting for "Administrator" is deactivated, if the user is editing itself.
The EDS overview is also fetched automatically after the user logged out from the application and subsequently logged in again (possibly another user).
SEPA payments
The option "Display as single transaction in the account statement (only for SEPA)" when importing or directly sending SEPA payments from CSV files was fixed.
When editing SEPA payments the purpose is set when the recipient is selected.
DTAZV and MT101 payments
When editing DTAZV recipients, unknown BICs are allowed now, too.
For DTAZV payments with accounts having different currencies than EUR, now the correct originator account is displayed.
When selecting the originator account for DTAZV and MT101 payments, the currency of the payment is set to the account currency.
When editing DTAZV payments the bank name is updated if known BICs are selected.
Fetch schedules for PDF statements
PDF (or BKA) statements can be fetched scheduled (or manually) now. If the view "PDF statements" fetched statements can be viewed, saved and deleted. The export directory for these files can be configured.
Bugfix
The start and end time for fetch schedules is checked when it is saved, a wrong input could cause, that the user could not log in anymore.
Setup
For the operating systems Linux and MacOS the program ist distributed as a setup, by now this only existed for Windows. The setup assistant was improved and extended, so the proxy and SSL settings can be configured here.
The password for the SSL key file is stored itself encrypted in the configuration files.
The supplied Java has been updated to version 8 build 181.
EDS overview
If multiple banks are configured with the same name, only the orders of one of these banks have been displayed. This bug is fixed, now also in this case all open EDS orders are shown.
miscellaneous
For the folder, in which the EBICS user keys are stored, the umlauts are converted as otherwise encoding errors could occur.
For users can be configured now, if they are allowed to synchronize the EBICS access information with a mobile app.
IBANs are shown everywhere formatted in groups of four characters.
MT101 payments
Payments in MT101 format (order type RFT) can be created and edited. Analogously to the existing payment types, the originators and payment recipients can be managed for MT101 payments, too.
DTAZV payments
Counter value payments are also possible. if the currency is set to EUR.
When creating new payments, EUR is set as currency.
A bug determining the recipient country from the IBAN or BIC has been fixed.
SEPA payments
For SEPA payments with other currencies than EUR the order type XCT is used. Is the user not permitted for this order type, a corresponding message is shown when editing the payment.
miscellaneous
From the payment data of the sent orders the originator information is extracted and stored in the application.
The setting for the salary payments are applied in all views. Also saving salary payments is denied if it is configured that the user should not see the salary payments or the amounts are hidden for these payments.
If the preference "Extract sent orders of other users from the customer protocol" is activated, unknown orders can be created from the information found in the customer protocol.
If a user is not permitted for an order type, a corresponding error message is shown when saving payments for this order type.
When saving periodic payments, an open payment is created if it is due.
Conversions
Conversions now can be imported from another application and exported from BL Banking Web.
Account administration
When saving account settings with activated option "Show value date balances without cash concentration" it is checked, if the fields "Opening balance" and start date are set, because otherwise it has come to problems then.
User administration
The button for creating a new user is also shown, if the allowed maximum number of users exceeded. The button then appears deactivated and a tool tip with a corresponding message. The check if the maximum number of users exceed was not working correctly before and has been fixed.
Creating and editing accounts
The administration of user permissions has been removed from the form for accounts, because it caused several different problems. The permissions can be set inside the user administration.
Also for manual accounts the bank can not be modified in retrospective as it leads to problems with database entries referencing them. If the bank of an account is to be changed, the account needs to be deleted first (including the referencing entries) and a new one needs to be created.
Account permissions in periodic payments and payment templates
In the views for periodic payments and payment templates are only shown the accounts for which the user has permissions for.
Fix in DTAZV payments
For DTAZV payments the account currency of the originator account is stored in the payment data.
Sending of payments from invalid CSV files
If it is tried to send payments from invalid CSV files, more precise error messages are shown.
New preference to only show the accounts for which the user has permissions
With the new preference "Display only accounts for which payment permissions exist" can be configured, if only accounts are shown in the account overview, for which the user has permissions for.
Editing automatic exports
A problem was fixed that could occur when saving automatic exports.
Bugfixes
A problem for Javascript calls in Firefox and Internet Explorer has been fixed.
Users without bank access were getting an error by now when sending traces. This problem has been fixed.
First version