Have questions?
Get all your answers related to Integration services.
File integration questions and answers
Available Integration Channels
Integration Services channels offer a secure and automated single point of entry for payments, collections and reporting services provided by SEB.
It’s a global service covering a wide range of countries and payment types available in all markets where SEB is present, as well as with SEB's partner banks and other external banks.
We support the following Integration Services channels that enable full automation of customer financial core processes related to payments, reporting, reconciliation and collections:
- Global Corporate Access (GCA), which is a secure internet-based Host-2-Host channel using SFTP and AS2 file exchange protocols.
- Corporate Access over Swift (CAoS), which is a secure channel based on communication via SWIFTNet.
- Global Corporate Access via EBICS (GCAoE), which is a secure internet-based channel using EBICS communication standard.
As a semi-automated solution for when you don’t need a full integration with us, we offer File Handling Service (FHS) for manual ISO20022 file upload and download.
Yes, our current partnerships include ERP providers, Salary service providers, Bank integrators and Service Agencies.
- Global Corporate Access (GCA) is an internet-based communication and is aimed at any company with medium or high transaction volumes, typically large and medium size businesses. This integration requires supporting one of the following file transmission protocols – SFTP, AS2 or EBICS.
- Corporate Access over Swift (CAoS) is a SWIFTNet-based communication and is aimed at any company with medium or high transaction volumes and/or multiple bank relationships, typically large sized companies. This integration type requires SWIFTNet-membership.
Products & formats
SEB provides a full range of efficient payment services. This includes:
- domestic payment services – offering access to local ACH and market specific solutions
- cross border solutions for your international business needs
- intra-company solutions to settle your internal business.
List of all available payment types and cut-off times can be found here.
SEB provides a wide range of reporting. This includes:
- Credit advice
- Debit advice
- Collection credit and debit advice
- Financial statement
- Intra-day Balances
- Interest Report
- Billing statement
For each received pain.001 file SEB sends a Generic Acknowledgement pain.002 message, indicating if file is accepted or rejected by SEB based on file syntax and compliance, followed by Payment status pain.002 message, indicating rejected and/or accepted transactions.
Security and communication parameters
Pretty Good Privacy (PGP) is a computer programme that provides cryptographic privacy and authentication. PGP and similar products follow the OpenPGP standard for encrypting and decrypting data.
Each pain.001 payment file sent to us using Secure File Transfer Protocol (SFTP) must be signed with your private PGP key and optionally encrypted with our public PGP key to ensure the file hasn’t been tampered with on its way to SEB.
Signing pain.001 files with PGP key that are sent using Applicability Statement 2 (AS2) protocol is optional.
Detailed information about OpenPGP and available software can be found at www.gnupg.org
Secure File Transfer Protocol (SFTP) is one of two file transfer protocols we use in Global Corporate Access channel for file exchange with our customers over the internet between 2 remote servers.
Through SSH and encrypted FTP commands SFTP protocol protects the integrity of the transferred data, prevents “man-in-the-middle” attacks and “password sniffing”.
To connect to our SFTP server, you will need an IP address and authentication credentials that consist of username and password/or SSH key.
All files sent to us via SFTP must be signed using PGP key for an extra layer of protection.
SEB supports the following authentication methods in SFTP connection:
- SSH key which relies on asymmetric cryptographic algorithms that generate a pair of separate keys - one private and the other public. You share a public key with us to access our SFTP directory and keep the private key a secret. Only a user in possession of a private key that corresponds to the public key at the server will be able to authenticate successfully.
- A strong password which we generate and provide to you upon establishing STFP connection and which is then used in combination with unique username to log in to our server.
Applicability Statement 2 (AS2) is one of two file transfer protocols we use in Global Corporate Access channel for file exchange with our customers over the internet.
The AS2 standard uses Secure Multi-Purpose Internet Mail Extensions (S/MIME) and HTTP or HTTPS to transmit information securely. AS2 can be used by the Company to digitally sign/encrypt/ transport/verify all types of formats supported by the Bank, such as ISO 20022. Both successful and unsuccessful transfers are followed by an MDN (message disposition notice) if requested, allowing the sender to know if the file transfer was successful.
AS2 incorporates encryption and digital signatures. Once encrypted, only the intended recipient can read the data and once signed, there is confidence in who sent the data. AS2 uses public and private keys and certificates for encrypting and signing messages. PGP signatures can be used in addition to the native AS2 certificate.
AS2 is not an option if:
- You do not have a web server, which can be used to host the AS2 software.
- Your web server is not always accessible from the Internet due to your corporate firewall restrictions.
AS2 certificates are used for data signing and/or encryption, as well as for SSL (server and/or client authentication).
In a AS2 transaction there are always two certificates involved for data signing and encryption - your trading partner certificate and your own system certificate.
The certificates involved depend on the direction of the communication (Inbound or Outbound) as well as the certificate activity (signing and/or encryption):
- Outbound, where partner certificate (Public key) is used to encrypt the data. This means that only the partner that has the corresponding Private key will be able to decrypt that data. Your own system certificate is used to sign the data (Private key).
- Inbound, where your own system certificate (Private key) will be used to decrypt the data, since it has been encrypted by your partner using your public key. Partner’s certificate (Public key) is used to verify the data signature.
We will never collect files from your server to make sure you are in full control of what you send to SEB. We will therefore always ask you to connect to our server to push payment files to us.
Yes, all payment status and reporting files can be sent to your server if you choose so.
Establishing a new Integration Channel
To successfully integrate with us you’ll need a business representative who understands your business needs, a technician who will work with technical aspects of establishing connection, an ERP/TMS specialist who will configure your application and build files according to SEB’s Message Implementation Guidelines (MIG) and a tester who will test your readiness to go live with your new channel.
Once you found an Integration Service channel that suits your needs, please contact your representative at SEB. They will gather an implementation team to help you go over the details and kick-start the implementation.
Once we agree to proceed with the implementation, the steps are generally as follows:
- Going over the technical and business requirements
- Exchanging technical details
- File building and testing
- Signing necessary documentation
- Establishing the connection
- Production penny testing
- Go-live
Depending on whether you or your subsidiary is a new customer of SEB or an existing one, as well as on which agreements your company has already signed with us, you will have to provide and/or sign the following documentation:
- KYC documents for each site with an active account
- Cash management agreement
- Corporate power of attorney in case account management is outsourced
- GCA, GCAoE, FHS or CAoS agreements, depending on the choice of the channel
Having a correct payment file format in place is one of the key factors in successful implementation of Integration channel, therefore it’s crucial to test your files ahead of your first production payment.
To test your payment files, please order an access to our online testing tool called Test Bench using the following link. Test Bench will not only validate syntax and business logic in your uploaded pain.001 file but will also create a corresponding pain.002 status message, as well as camt.053 and camt.054 reports which you can then upload to your ERP.
Once Test Bench indicates no more errors in your payment files, please contact EBS Support at EBS.Support@seb.se or your appointed implementation lead at SEB if you have one to receive further feedback on the files you have built. Our team of experts will test your files in internal applications to make sure your file template is ready for production.