Rm07 - Customer Requirements Specification V1

Customer Requirements Specification CAPB Internet Banking

Internal Use Only

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 1 of 37

1.1 Document Control Status Owning Group Title Version Number Version Date Author Status Printed Location

CAPB IT, Solutions Delivery 8854293.doc 1.1 16.07.04 Barry Smith Draft 30/06/2004 11:28:00 AM \\fps_cluster\G:Projects\EBanking

1.2 Revision History and QA Control Version

Status

1.1 1.2 1.3 1.4

Draft Draft Final Final

Revision Date 16.07.04 29.09.04

Modified by

QA Doc Updated

Barry Smith Barry Smith Barry Smith Barry Smith

Description 3 additional requirements Minor updates Minor updates Update to CAPBIB37

1.3 Document Approval and Distribution Role

Name

Department

Head of CAPB It Project Manager

Nigel Brookes Dizzy Choat

Solutions Delivery

Review by (Date)

Sign-off by (Date)

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 2 of 37

Contents Page

1.1 Document Control............................................................................................................2 1.2 Revision History and QA Control.....................................................................................2 1.3 Document Approval and Distribution...............................................................................2 2 Management Summary.......................................................................................................4 3 Introduction.........................................................................................................................5 3.1 Purpose of Document......................................................................................................5 3.2 Project Background..........................................................................................................5 3.3 Stakeholders....................................................................................................................6 3.4 Associated Documents....................................................................................................6 4 Project Summary.................................................................................................................7 4.1 Project Objectives............................................................................................................7 4.2 Strategic Fit......................................................................................................................7 4.3 Project Scope...................................................................................................................7 4.4 Customer Environment....................................................................................................8 4.5 Implementation Constraints.............................................................................................8 4.6 Assumptions.....................................................................................................................8 4.7 Dependencies..................................................................................................................8 4.8 Target Dates.....................................................................................................................9 4.9 Future Needs...................................................................................................................9 5 Current State/Situation.....................................................................................................10 5.1 Current Functionality.....................................................................................................10 5.2 Current Limitations.........................................................................................................10 6 Business Requirements....................................................................................................11 6.1 Overall Product or Application Description....................................................................11 6.2 ‘Business Requirement Heading’ [Customer Requirement ID].....................................12 7 Non-Functional Requirements..........................................................................................26 7.1 Performance Requirements...........................................................................................26 7.2 Volumes.........................................................................................................................26 7.3 Availability......................................................................................................................26 7.4 Capacity.........................................................................................................................26 7.5 Disaster Recovery/Business Continuity........................................................................26 7.6 Security Requirements..................................................................................................26 7.7 Audit Requirements.......................................................................................................29 7.8 Support and Maintenance Requirements......................................................................30 7.9 Error Messages..............................................................................................................30 7.10 Archiving......................................................................................................................30 7.11 User Documentation....................................................................................................31 7.12 Replication ..................................................................................................................31 7.13 Service Level Agreements ..........................................................................................31 7.14 Disability Discrimination Act........................................................................................31 7.15 Screen Design.............................................................................................................32 8 User Acceptance Testing..................................................................................................33 9 Training.............................................................................................................................34 Appendix A Glossary...........................................................................................................35 CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 3 of 37

2 Management Summary The implementation of e banking is critical to maintaining Cater Allen's position in the private banking sector. 25% of customers regularly request Internet banking and recent research has shown that 32% of all account closures are as a direct result of not offering Internet banking. In addition, 14% of intermediaries say clients have rejected recommendations for Cater Allen Accounts as there is no Internet service. In order to remain competitive and survive, Cater Allen must provide customers with Internet banking. Significant work has been carried out in earlier cancelled projects to implement an Internet service for CAPB and where possible and practical the solution being implemented now is to build upon already existing Ovation code. Detailed design work has been carried out as a part of the project approval and costing process and it is known that this project will leverage investment in existing Abbey IT infrastructures, which provide Internet services and authentication services.

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 4 of 37

3 Introduction 3.1 Purpose of Document This document details the agreed Customer requirements from an Internet service to be provided to CAPB clients.

3.2 Project Background The Internet (or Net) is a global network of computers with millions of users. It consists of many thousands of powerful computers (called Hosts) permanently linked by connections. Anyone with a computer and modem can join this network by using a standard phone line. The speed of this global network means that, depending on the mount of traffic, it can be just as quick for a user in Birmingham to access a computer in Sydney as in Sheffield. The Internet is helping companies to lower costs dramatically across their supply and demand chains, take their client service into a different league, enter new markets, create additional revenue streams and re-define their business relationships. It is believed that if in five years time a company is not using the Internet to do some, or all of these things, it will be superseded by competitors who are. Research conducted by Datamonitor has indicated the following statistics on Internet banking: • Managing a bank account is the most popular use of the internet for financial services; • 48.5 million European customers bank online; • The UK has the largest percentage of Europe’s customers banking online at 24.2%; • The growth in the UK Internet banking is strongly demonstrated by the fact that in 2000 5.5 million customers banked online. In 2002, this had grown to 9.9 million, a 33.9% CAGR. • In 2002, 53.3% of customers in the UK had a PC with Internet access. Recent research findings, which were conducted by George Street Research in April 2003, have identified the absence of Internet banking facilities as a potential barrier to take up of CAPB accounts by intermediaries’ clients. This is validated by the monthly customer survey. Within the rapidly expanding e-commerce market, Internet Banking presents a major opportunity for Cater Allen to deliver its vision where innovative thinking meets traditional service values. The project commenced within the former Fleming Premier Bank in 1999 and scoped to deliver a solution on Ovation – the banking system for that business. Following the purchase of Flemings by Cater Allen in 2001, the project was approved as a C2 objective for 2002. The project was subsequently “de-prioritised” following the rise in priority of the HICA migration to Ovation. There was also additional concern around installing internet for Ovation clients, leaving the HICA clients unsupported given it was the HICA product range that was continued to be promoted. Hence the delivery date was deferred for review until post migration. CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 5 of 37

The deferment was agreed by Mac Millington and his team and Internet Banking for Cater Allen clients still remains an objective to be delivered. What has changed is the functional alignment and the question as to the right way forward.

3.3 Stakeholders Name Richard Dunn Sharaz Iqbal Sue Goodfellow Lynda Muller

Area Cater Allen Sheffield contact centre Bradford operations Marketing

Reason Sponsor

3.4 Associated Documents Document

Version

Author

Location

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 6 of 37

4 Project Summary 4.1 Project Objectives • . To design, develop and deliver content as specified within the requirements documentation and storyboards • To develop or adapt operational processes and procedures to support the Internet banking service. • To ensure that the most effective security measures are implemented so that risk for all parties is minimised. • To carry out systems testing and user acceptance testing prior to public launch. • To develop and implement marketing and communication plans for clients, Introducers and staff to support the launch of the internet banking service • To design and deliver training appropriate to the needs of operational support areas supplemented by intranet training designed to raise general awareness and understanding across the company. • To ensure that appropriate management information can be extracted on a weekly/monthly basis • To ensure that third party contracts are in place so that agreed service levels can be met. • To ensure that the service can be managed within the Abbey organisational structure. • To deliver the project in accordance with Abbey project management methodology and within defined timescales and budget.

4.2 Strategic Fit Operating Costs and Customer service are priorities for the Business and both of these will benefit from the implementation of an Internet Banking service for CAPB. Operating costs will be lowered because it is generally more efficient to service transactions automatically rather than via a call to a Contact centre. Customer service will be improved as clients will have an alternative channel for dealing with their banking requirements.

4.3 Project Scope The project is to design, build, test and implement an Internet interface for clients (not intermediaries) to the existing Ovation Banking system. The Business Case summarises the scope as to provide: •

A fully tested Internet banking service for Cater Allen account holders and account operators. CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 7 of 37

• • • •

Marketing and communications for direct customers, intermediaries and staff. Training for all staff that are affected by Internet banking. Operational processes and procedures to support internet banking A pilot prior to going live

4.4 Customer Environment The application is to build on the core Ovation Banking system and to interface to the AWD workflow system for the secure messaging element of the service. CAPB staff will need to have visibility via Ovation Managers of transactions carried out directly by clients from the Internet. These Managers will be accessed, as at present, by staff in the Sheffield contact centre, Bradford operations and Payments in Prescot Street. Customers are to be supported when using current and current – 1 releases of both Internet explorer and Netscape. These customers geographical location is not to be restrained. The system will need to interface with the Tuxedo system for the issuing of passwords to clients.

4.5 Implementation Constraints The application must be built on the existing Ovation platform and interface with the AWD workflow system where necessary. All relevant Information security standards must be followed. Support for both Internet explorer and Netscape should be provided, both current and –1 releases of each. Implementation costs must be within the budget approved for the project,

4.6 Assumptions •

The Internet facing Infrastructure to support Cater Allen Internet Banking will be in place.

•

Disaster Recovery planning for Cater Allen will have been completed.

•

Functional requirements are still valid.

•

Group dependencies on other projects: e.g. Sirocco, AN End of Year change freeze, CAPB Change freeze, HICA-Ovation migration, Current Customer Review, AWD email and fax.

•

Resources will be available to ensure Cater Allen’s Internet Banking is delivered on time, on budget.

•

Only UK English will be supported in Phase 1 implementation in terms of user interface.

•

Implementation will be via a phased roll out, following a successful pilot

4.7 Dependencies The security enhancements to the Ovation implementation identified in 2003 and scoped by APAK will need to be implemented. CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 8 of 37

4.8 Target Dates The target is to have an initial pilot phase live seven months after project start up.

4.9 Future Needs Continuing development of the services offered to clients via the Internet should be expected, i.e. this will not be a static system. A later phase that will be primarily aimed at Intermediaries is likely.

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 9 of 37

5 Current State/Situation 5.1 Current Functionality During previous cancelled projects to implement an internet Banking solution for Cater Allen basic functionality has been built into the core Ovation product but this has not been tested and also does not meet current requirements in many areas it has therefore been assumed that the existing functionality is nil. Ovation currently provides core banking application services to CAPB and these should not be adversely impacted by the addition of Internet services for clients. Clients will be directly interfacing with the same Ovation database as used by the existing Ovation Managers.

5.2 Current Limitations The existing Ovation implementation is not enabled for Internet access by clients.

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 10 of 37

6 Business Requirements 6.1 Overall Product or Application Description An Internet interface to their bank account is to be provided directly to clients. They need to be able to carry out all standard banking transactions: • View statement • View Balance • View overdraft facility • View uncleared credits • View manually held funds • View pending visa transactions • View/Cancel Direct Debits • View/create/amend/cancel standing orders • View/Create/amend/cancel Bill Payments • View/Create internal money transfers

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 11 of 37

6.2 ‘Business Requirement Heading’ [Customer Requirement ID]

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 12 of 37

Customer Requirement ID

CAPBIB01

Description

Register as an existing customer for Internet Banking

Originator/Source

Original BRS

Inputs

The requirement is that the registration process for Cater Allen Internet Banking will be by completion of either an online populated internet application form or a request generated via AWD when a customer calls to register for the first time, which will need to be signed and posted back to Cater Allen.

Outputs

Once clients register for this service, relevant documentation will be sent in the mail, including CIRN and internet password.

Benefits

If clients are able to download application forms it will reduce the number of calls to the contact centre requesting documents to be posted.

Acceptance Criteria All pages of the application form must print out on a locally attached printer at the client end. Formatting of the document must match the design approved by Marketing Customer Requirement ID

CAPBIB02

Description

Browser Compatibility The web site design should be able to handle the current and previous two versions of Netscape and IE browsers.

Originator/Source

Original BRS

Error Handling

If a user attempts to connect with a non supported browser or operating system then a message should be displayed advising them that their browser is unsupported and Cater Allen are not responsible for any display or format issues.

User Need

Clients need to be able to access the application using standard software tools.

Benefits

By supporting the main browsers CAPB will be able to offer the service to the majority of their clients.

Acceptance Criteria All screens developed must be displayed as designed. Test Approach

All test scripts aimed at validating page display and error handling must be tested in all supported browsers

Customer Requirement ID

CAPBIB03

Description

An online demo should be provided accessible via the Brochureware site that anyone can view. Marketing will define the actual data and flow of the demonstration.

Originator/Source

Original BRS

Scope for Use

This will be accessible to both registered and non-registered users and should reflect the live system.

Acceptance Criteria The demo should have the look and feel of the live site and match the flow defined by Marketing Customer Requirement ID

CAPBIB04

Description

The design of the web site should take into account brand principles and guidelines issued by the RNIB in respect of visually impaired users CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 13 of 37

Originator/Source

Original BRS

User Need

All web sites must comply with the DDA guidelines.

Benefits

Regulatory compliance

Acceptance Criteria The Abbey standards must be complied with Customer Requirement ID

CAPBIB05

Description

Throughout the client facing screens, the terminology used should be consistent with language used by phone operators.

Originator/Source

Original BRS

Benefits

By being consistent there is less chance for confusion between staff and clients.

Acceptance Criteria A glossary of terms will be produced and used for verification purposes. Test Approach

See above

Customer Requirement ID

CAPBIB06

Description

A help button should be accessible to the client throughout the web site pages. This should provide them with guidance on using the service or additional information about specific topics - this should be context sensitive and should be available to provide the client with the information they require within that particular web page/screen that they are in.

Originator/Source

Original BRS

Outputs

Help screens will be unique to each page. The text for these pages will be developed by Marketing

Acceptance Criteria A map of help screen id to function screen id will be produced and the system must match this mapping. Test Approach

All pages must be tested to ensure that the correct help screen is displayed when the user clicks the help button

Customer Requirement ID

CAPBIB07

Description

The client must be able to take formatted prints of the on-screen information at any given point within the web site.

Originator/Source

Original BRS

Scope for Use

The browser toolbar will be disabled on all screens and users will only be able to access the print function by clicking on the print screen button.

Outputs

All printouts must be identifiable as from CAPB internet Banking. Pages are to be designed by Marketing

Error Handling

Where there is no printer available then an appropriate message must be displayed to the client

Acceptance Criteria Printouts from each page must match the mock up provided. Customer Requirement ID

CAPBIB08

Description

The client should have the option to return to the main menu from any screen within the web site.

Originator/Source

Original BRS

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 14 of 37

Error Handling

Where a session has timed out an error message should be displayed advising the user and a link provided to the logon pages

Acceptance Criteria Each page should link back to the client’s home page. Customer Requirement ID

CAPBIB10

Description

A Notice Board will be available on the web site where messages to clients can be displayed. I.e. Scheduled unavailability of the service. It should be possible to force this to be presented at logon.

Originator/Source

Original BRS

Scope for Use

This is required to inform registered users of relevant issues and should not be capable of being bypassed.

Acceptance Criteria Notice Board displayed when appropriate Customer Requirement ID

CAPBIB11

Description

A timed-out response should be system definable and be tailorable downwards by the individual users.

Originator/Source

Original BRS

Error Handling

If a user attempts to increase the time out time an appropriate message should be displayed with an option to reselect the time out required

Acceptance Criteria When a user selected timeout is selected then inactivity should auto logoff the user when that time is reached. Customer Requirement ID

CAPBIB12

Description

There will be a Contact Us menu for all queries.

Originator/Source

Original BRS A drop down list of topic areas should be presented to the client who can select only one. A free format text box should also be presented for the message to be entered. Attached documents are not permitted. Users should have a submit button to click to send the message Each drop down menu option will channel the message to an appropriate AWD work queue. The text box contents will be the message sent to the queue

Inputs

Outputs

Error Handling

If the message contents box is empty the message should not be sent but the client should receive an onscreen message advising them that message is empty.

Acceptance Criteria Messages keyed in to the front end are delivered to the appropriate AWD work queue. Customer Requirement ID

CAPBIB13

Description

The Client Internet Registration number (CIRN) will be randomly system generated and be eight digits (numeric only) in length.

Originator/Source

Original BRS

Scope for Use Inputs

The CIRN number is the same number that is currently used on the IVR and Telephone Banking The user will be required to enter this number on the logon screen

Error Handling

CAPB Internet Banking - Customer Requirements Specification An incorrect CIRN will result in an authentication failure

Version 1.1, Status – draft Page 15 of 37

Acceptance Criteria Clients with valid CIRNs will be able to access Internet Banking Customer Requirement ID

CAPBIB14

Description

Issue of Initial password

Originator/Source

Original BRS From the Ovation Admin Manager CAPB staff will activate the account for Internet Banking Access by changing the setting of a field. An initial Internet password will be randomly generated and be 8 characters in length. This will be sent by secure mailer to the client’s registered correspondence address.

Inputs Outputs

Acceptance Criteria Passwords are generated and securely issued via mailers Additional Information

As covered in CAPBIB16 the client will be prompted to change this on first logon to the Cater Allen Internet Banking service to a unique password that should be alphanumeric, case sensitive and not allow special characters (where special characters hold a particular meaning on Cater Allen’s internal product systems). The minimum password length should be 8 characters and the maximum should be system configurable within Designer to mirror the setting held within the Tuxedo system. Currently the maximum password length in Tuxedo for use with partial passwords is 8 characters but this may change.

Customer Requirement ID

CAPBIB15

Description

The Personal Access Code (PAC) will be randomly generated for clients and will be a total of 6 digits. To meet APAC standards, a partial password scheme consisting of 2 randomly selected PAC digits should be input by the client, in line with company protocol.

Originator/Source

Original BRS

Scope for Use

This should be the existing PAC required for the clients to authenticate themselves when they dial into the Call Centre. When clients register for the service the application form will ask if a new PAC is required. If a new PAC is required then the Client Manager will be used to generate the PAC from within Ovation A secure mailer will be produced containing the PAC

Inputs Outputs

Acceptance Criteria When setting up clients for Internet Banking a PAC can be produced and issued if required. Customer Requirement ID

CAPBIB16

Description

On first time logon to Internet Banking the user should be forced to change their password from the one supplied. The same process will apply when a password has been reissued by CAPB

Originator/Source

Original BRS The system should prompt for 2 random characers from the initial or newly issued password and on successful authentication a screen should be presented requesting them to select a new user definable password. New password will be stored

Inputs Outputs Error Handling

Entering a wrong partial password three times will suspend the account and a message will be displayed to the user advising them to contact CAPB CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 16 of 37

Acceptance Criteria New passwords automatically expire on first use CAPBIB17 Customer Requirement ID Description

The users must have the ability to choose to change their password, this should be a menu option

Originator/Source

Original BRS

Inputs

User should select the change password option from a menu and then enter their existing password, new password and then rekey new password for verification purposes

Outputs

Update password on database

Error Handling

If new password and verify new passwords fields are not identical password change should fail and the user be prompted to re enter.

Acceptance Criteria Passwords should be successfully changed when option selected Customer Requirement ID

CAPBIB18

Description

The users must have the ability to choose to change their PAC, this should be a menu option

Originator/Source

Original BRS

Inputs

User should select the change PAC option from a menu and then enter their existing PAC, new PAC and then rekey new PAC for verification purposes

Outputs

Update PAC on Ovation database

Error Handling

If new PAC and verify new PAC fields are not identical PAC change should fail and the user be prompted to re enter.

Acceptance Criteria PAC should be successfully changed when option selected Customer Requirement ID

CAPBIB19

Description

View of last successful login attempt. Users at logon should be presented with a screen which advises them of the last successful logon to the system • Log off from Internet Banking • Ability to have separate access to personal and business accounts, if required by the customer. (The solution must not duplicate client ids.) Default to have access to all accounts

Originator/Source

Original BRS

Outputs

Screen display of last logon date and time

Acceptance Criteria Last successful logon message displayed at each logon subsequent to initial access to the system Customer Requirement ID

CAPBIB20 CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 17 of 37

Description

Log off from Internet Banking. From any screen in the system a user should be able to select a logoff option that will immediately disconnect them from the system. Any uncompleted transactions will not be written to the database.

Originator/Source

Original BRS

Acceptance Criteria Logoff completed when user selects option from any screen in the system Customer Requirement ID

CAPBIB21

Description

Ability to have separate access to personal and business accounts, if required by the customer. (The solution must not duplicate client ids.) Default to have access to all accounts

Originator/Source

Original BRS

Acceptance Criteria If a user has selected to only display either business or personal accounts then only those account types should be displayed Customer Requirement ID

CAPBIB22

Description

View online statement transaction listing for variable user defined date ranges or number of transactions

Originator/Source

Original BRS

Inputs

The user should be able to select one of their accounts from a list (assuming more than account held) and input the start and end date for the statement to be produced. The start date should be no earlier than the oldest transaction on the ovation database. Online view of all transactions in recognised statement format.

Outputs

If a start date earlier than the oldest transaction on the database is entered then an appropriate error message should be displayed and the user prompted to choose a later date. If an end date of later than today’s date is entered the system should prompt for an earlier date with an appropriate message displayed to the user. Acceptance Criteria Online Statements viewed through the web interface should include all transactions made on the account between the dates specified. Customer CAPBIB23 Requirement ID My Account Listing Description Error Handling

Originator/Source Inputs Outputs Error Handling

Original BRS After authentication, or when selecting the option from the menu, clients should be presented with a list of all accounts which they have a financial joint relationship with. Online listing of accounts held If no account with a financial joint relationship is held a screen with a suitable message should be displayed.

Acceptance Criteria Listing of all accounts clients hold displayed to them on the screen CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 18 of 37

Customer Requirement ID

CAPBIB24

Description

Search for account-by-account number (Client Accounts only)

Originator/Source

Original BRS

Scope for Use

Inputs

When a user has multiple client accounts many pages may be displayed on the main screen. In order to facilitate easy access to a specific account the user should be able to key in the account number they wish to access. Assuming a financial joint is held with tat account it should then be displayed Account number to be accessed

Outputs

Account main screen

Error Handling

If an account number is entered where there is no financial joint then an n error message indicating that no access to the account is permitted should be displayed.

Acceptance Criteria Accounts with financial joint relationship selectable by account number. No access permitted to other accounts Customer Requirement ID

CAPBIB25

Description

Secure messaging facility between client and bank

Originator/Source

Original BRS

Scope for Use Inputs

Clients need to be able to send free format messages in a secure manner to the bank. Clients will key message

Outputs

Message passed to AWD for processing

Error Handling

If user attempts to send a blank message an appropriate message should be displayed.

Acceptance Criteria Messages from clients sent encrypted across the internet and assigned to the appropriate queue in AWD for processing Customer Requirement ID

CAPBIB26

Description

Download Statement transactions following production of online statement

Originator/Source

Original BRS

Scope for Use

Users must be able to download a csv file of statement transactions for a preselected period. Once a statement has been produced online it should be possible to select an option to download these transactions The user should be prompted to select the output destination and a csv file of the statement should be saved to that location.

Inputs Outputs

Acceptance Criteria A csv file of all transactions for the statement period selected is produced in the chosen location Customer Requirement ID

CAPBIB27

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 19 of 37

Description

View Statement Balance – clients must be able to view the balance on their account(s)

Originator/Source

Original BRS

Outputs

An online listing of accounts with statement balance(s)

Acceptance Criteria Listing of all accounts which the client has a financial joint with should be displayed with their balances Customer Requirement ID

CAPBIB28

Description

View Available Balance

Originator/Source

Original BRS

Scope for Use

Available balance is the Account Balance plus Overdraft facility less pending Visa Transactions

Outputs

Screen display showing Total available balance and elements which make it up displayed in the browser

Acceptance Criteria Formatted screen presented to client with correct balance Customer Requirement ID

CAPBIB29

Description

View Pending credit list

Originator/Source Inputs

Original BRS User selects from menu option to view pending credit list

Outputs

Listing of all uncleared credits displayed

Error Handling

If no uncleared credits then an appropriate message should be returned to client

Acceptance Criteria Formatted screen listing all pending credits shown in browser window Customer Requirement ID

CAPBIB30

Description

View Overdraft limit

Originator/Source Inputs

Original BRS User selects option from menu

Outputs

Listing of accounts with overdraft limits displayed

Acceptance Criteria Correct listing of accounts overdraft limits displayed in browser window, Customer Requirement ID

CAPBIB31

Description

View Manually held funds

Originator/Source Inputs

Original BRS User selects option from menu to view manually held funds

Outputs

Screen display of all funds held manually

Error Handling

If no funds manually held an appropriate error message should be displayed CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 20 of 37

Acceptance Criteria Correct listing of held funds displayed in browser Customer Requirement ID

CAPBIB32

Description

View Pending visa transactions

Originator/Source

Original BRS FDI provide feeds of visa transactions which are debited from account a given date. These pending transactions should be available to the client to view prior to their being applied to the account View of all visa transactions received from FDI displayed in browser

Inputs Outputs Error Handling

Where no pending transactions are on file then an appropriate message should be displayed to the user.

Acceptance Criteria Correct listing of pending transactions displayed in browser Customer Requirement ID

CAPBIB33

Description

View/cancel direct debits

Originator/Source

Original BRS From direct debit sub menu user should be able to select a specific direct debit which will then be displayed in a browser window, this screen should have an option to cancel the direct debit Screen display of direct debit.

Inputs Outputs

Acceptance Criteria All direct debits and their status displayed in browser window Customer Requirement ID

CAPBIB34

Description

When selecting standing orders from the menu a sub menu should be presented allowing the facility to View/create/amend/cancel standing orders. The viewing option should display details of the existing standing order, the create option will require the user to input recipients name, account number, sort code and free format description box

Originator/Source

Original BRS

Inputs

On creation: Recipient account details

Outputs

Created or amended standing order record in ovation

Acceptance Criteria Standing orders viewed, created and cancelled as appropriate Customer Requirement ID

CAPBIB35

Description

When selecting bill payments from the menu a sub menu should be presented allowing the facility to View/create/amend/cancel bill payments. The viewing option should display details of the existing payment, the create option will require the user to input recipients name, account number, sort code and free format description box

Originator/Source Inputs

Original BRS Recipients account details: name, account number and sort code

Outputs

Bill payment record CAPB in Ovation Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 21 of 37

Acceptance Criteria Bill payments successfully created in Ovation Customer Requirement ID

CAPBIB36

Description

When selecting money transfers from the menu a sub menu should be presented allowing the facility to View/create/amend/cancel transfers. The viewing option should display details of the existing instruction, the create option will require the user to input recipients name, account number, sort code and free format text description box

Originator/Source Inputs

Original BRS Receiving account details

Outputs

Money transfer created in Ovation

Acceptance Criteria Transfers created in Ovation Customer Requirement ID

CAPBIB37

Description

A unique transaction reference number should be allocated to each transaction performed and be displayed to the user at the conclusion of the transaction. A history of the transaction numbers should be available. These should be held in a file which the client can gain access to so that they can quote the transaction reference number when logging a query with the Call Centre. Tranactions requiring a confirmation number are • • • • • • • • • • •

Originator/Source Inputs Outputs

Update of user timeout Update of user email address Update or insert of bill payment beneficiary Creation of a bill payment Cancellation of a bill payment Update or insert of standing order details Cancellation of Direct Debit Change of PAC Change or password 'Contact Us' messages My account view

Original BRS All database update transactions generated from the system will have a transaction reference number assigned to them for tracking purposes Unique transaction number

Acceptance Criteria Each update transaction completed in the system has a unique transaction number allocated Customer Requirement ID

CAPBIB38

Description

Search database using transaction confirmation number (internal use only)

Originator/Source

Original BRS

Scope for Use Inputs

To be used in Contact centre and Back office Transaction number

Outputs

Transaction details

Error Handling

If invalid transactionCAPB number appropriate message displayed Specification Internet Banking - Customer Requirements Version 1.1, Status – draft Page 22 of 37

User Need

To allow staff to support customers.

Acceptance Criteria Inputting of transaction number in Ovation Manager returns the corresponding transaction details Customer Requirement ID

CAPBIB39

Description

View transaction confirmation number

Originator/Source

Original BRS

Scope for Use

To be used by clients to recall transaction information User needs to enter a date range for transactions carried out

Inputs Outputs

List of all transaction numbers with the transaction type. Selecting the transaction redisplays the original confirmation screen

Acceptance Criteria When keying in transaction number the relevant details are returned to the browser window. Transaction numbers for other clients should not be accessible Customer Requirement ID

CAPBIB40

Description

In the event that there are no key depressions within a given period of time (i.e. 10 minutes) the client will be automatically signed out of the Cater Allen internet banking system, and would need to re-enter their Internet ID, password and PAC number in order to re-connect to the service. The time frame should be a configurable setting at the system level within Designer to allow for future flexibility.

Originator/Source

Original BRS

Acceptance Criteria A session should timeout at the interval specified is unused. Customer Requirement ID

CAPBIB41

Description

On timing out, or if the system is not responding, an appropriately worded pop-up message box should be displayed to the user, 30 seconds prior to timeout to warn clients of this so that they can be given the choice to either remained connected or be logged out, as required.

Originator/Source

Original BRS

Acceptance Criteria Pressing any key during the 30 second period the session should not be disconnected Customer Requirement ID

CAPBIB42

Description

The ability to withdraw a particular function (e.g. create bill pay, dd, etc.) is required in case of problems with that individual process.

Originator/Source

Original BRS An administrator should use an Ovation manager to temporarily remove a Inputs sub-function of the system. Acceptance Criteria Sub-functions selected for withdrawal should be unavailable to clients Customer Requirement ID

CAPBIB43

Description

Each user should only ever have one session open at any given time.

Originator/Source

Original BRS

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 23 of 37

Error Handling

If a user attempts to logon for a second session an error message should be displayed

Acceptance Criteria A second attempt to logon from either the same machine or another device should be refused Customer Requirement ID

CAPBIB44

Description

The existing Archive system should be capable of holding transaction information generated from Internet Banking, this should include transaction reference numbers

Originator/Source

Original BRS

Acceptance Criteria Transactions are archived successfully and can be retrieved using existing system Customer Requirement ID

CAPBIB45

Description

All pages printed from within the system using the print button should be in an appropriate format and include the Company logo. Mock ups of these prints should be provided by Marketing

Originator/Source

Original BRS

Outputs

Locally printed pages should be in a readable format

Acceptance Criteria Prints produced correspond to mock ups provided Customer Requirement ID

CAPBIB46

Description

Management Information Requirements

Inputs

This will be achieved by using the Ovation database. A project workstream to define the total MI requirements is required Original BRS To be defined

Outputs

To be defined

Error Handling

To be defined

Originator/Source

Acceptance Criteria To be defined Customer Requirement ID

CAPBIB47

Description

Client ID length. If a Clientid begins with one or more zeroes these should be added to the Clientid as entered by the client, i.e leading zeroes should not required to be keyed by the client Issues List

Originator/Source

Acceptance Criteria Accounts which begin with a zero will have these inserted automatically Customer Requirement ID

CAPBIB48

Description

Standing orders/bill payment within CAPB. If one client creates a standing order or bill payment where the beneficiary is an account within CAPB then the payment should be made directly and immediately rather than through BACS. Issues List Beneficiary accountCAPB details Internet Banking - Customer Requirements Specification

Originator/Source Inputs

Version 1.1, Status – draft Page 24 of 37

Error Handling

If the Account number supplied is not a valid account then an error message should be returned to the client and the transfer should fail.

Acceptance Criteria Transfers by clients to a third party also holding an account within CAPB will be made directly and immdiately, invalid account details will fail with an error message to the client. Customer Requirement ID

CAPBIB49

Description

Ovation will hold the clients e-mail address which will be displayed on all screens where name and address are already displayed. This data field needs to be updateable from within Ovation Managers. Issues List e-mail address as supplied by client

Originator/Source Inputs Error Handling

If e-mail address entered is not a valid format then an appropriate error message should be displayed

Acceptance Criteria E-mail address held in Ovation Customer Requirement ID

CAPBIB50

Description

Indicator if e-mail address can be used for Marketing. Clients need to have the ability to opt in to receive e-mails from CAPB for Marketing purposes. A field is required in Ovation for this Issues List Flag set from within an Ovation Admin Manager

Originator/Source Inputs

Acceptance Criteria Flag must be capable of being changed, clients choosing not to opt in for mailings will not be selected for such. Customer Requirement ID

CAPBIB51

Description

Flag indicating e-mail communication can be used with client for nonmarketing purposes Issues list Flag set from within Ovation Admin Manager

Originator/Source Inputs

Acceptance Criteria Flag must be capable of being changed Customer Requirement ID

CAPBIB52

Description

There should be the option of clients being automatically sent a message in response to any message sent to CAPB using the secure message facility (CAPBIB52). This will be dependant on which topic option clients select from the list available to them, for example clients notifying the Bank of anew address should be notified that they should send in documentary proof of this new address. The message should be configurable for each topic option and be up to 200 characters long. Any message to be given to the client should be displayed to them in the browser window acknowledging receipt of the message.

Originator/Source

Bradford ops following presentation from Barry Smith on 2oth July

Inputs

Client has selected a topic for communication on

Acceptance Criteria For topics which require an automated message back to the client an appropriately worded message is displayed in the browser. CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 25 of 37

7 Non-Functional Requirements 7.1 Performance Requirements 1. The system is to be designed assuming that remote clients are connecting using a 56K modem connection. It is recognised that it is inappropriate to specify end-to-end performance timings for Internet applications, as there are significant. 2. The system should provide real time response for all Ovation transactions. On some occasions, it may not be possible to post to the account immediately. If a transaction cannot be posted immediately, it should be rejected with a user-friendly error message.

7.2 Volumes The Business case is based on 10% of transactions that currently come via the Contact centre will be diverted to the Internet Channel.

7.3 Availability The Internet service needs to be available 24 hours a day for enquiry access and at least between 7am and 11pm for full transactional access. The secure messaging service needs to be available 24 hours a day.

7.4 Capacity 1. It is assumed that the capacity of the Abbey networks will be capable of supporting the increase in transaction volumes. 2. An understanding of the peak intervals and how long they last for will be required, to ensure that the infrastructure is able to cope with demand. IT will work with the project team to understand the implications of any additional capacity requirements and any compensatory build will be put in place before the peaks are reached. Comprehensive Performance Testing will be carried out as part of the project and in conjunction with a controlled phased rollout any performance issues should be identified before any significant impact on Internet clients or the current system users.

7.5 Disaster Recovery/Business Continuity The web servers being implemented as a part of this project need to be fully fault tolerant and provide for the loss of the primary site at Shenley Wood. There is not currently an automatic fail over solution in place for the core Ovation banking system as the Business only requires recovery in a period of XX hours. The DR servers located in Bletchley are dual purpose as they also provide capacity testing capability. Any servers required in a production architecture will need to be replicated in the DR/Capacity Testing environment to provide a complete environment.

7.6 Security Requirements 3. Information Security has performed a SARA Risk Assessment and the key requirements are: CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 26 of 37

4. The Client Internet Registration number (CIRN) will be randomly system generated and be eight digits (numeric only) in length. Please note that the CIRN number is the same number that is currently used on the IVR and Telephone Banking. 5. An initial Internet password will be randomly generated and be 8 characters in length. The client will be prompted to change this on first logon to the Cater Allen Internet Banking service to a unique password which should be alphanumeric, case sensitive and not allow special characters (where special characters hold a particular meaning on Cater Allen’s internal product systems). 6. This above process will also be followed if a client forgets their password. 7. The Personal Access Code (PAC) will be randomly generated for clients and will be a total of 6 digits. To meet APAC standards, a partial password scheme consisting of 2 randomly selected PAC digits should be input by the client, in line with company protocol. This will be required for the clients to authenticate themselves when they dial into the Call Centre. 8. The login process is to be split into 2 screens: 9. The first screen will ask clients for their CIRN and for two random characters from their 6 digit PAC which is chosen from a dropdown list box and displayed as '*' on the screen. 10. The second screen should ask the clients for 2 random characters from their password which is chosen from a dropdown list box and displayed as '*' on the screen. 11. To ensure the integrity of the login process is maintained, the user must be sent to the second screen and asked for a password even if the user id and PAC data is incorrect, and the user must not get a message revealing which data field is incorrect, only that some data was wrong and they should try again. 12. If a valid CIRN but an incorrect password or PAC is entered 3 times, then the system must lock the invalidated user account. Separate counters should be kept for invalid entries on both the PAC and password and when either counter reaches 3 the account should be locked. The contact centre must be able to see which has been violated as this would let the Call Centre staff know where the failure has occurred and what procedure needs to be followed. 13. The choice of characters for the partial password must be enforced by server side lookup and not by client side coding. The choice should become locked at the point of mis-entry. i.e. the client cannot force the session to change the requested characters for a minimum period of an hour. The benefit to CAPB is the client never types in their whole PAC, and shoulder surfing and keystroke logging risks are minimised. 14. CIRN, Internet Password and PAC generation should take into consideration company architectures, standards and guidelines published by Information Security. These provide mandatory information on designing new password CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 27 of 37

systems and passwords themselves and can be found at: http://www.abbeynational.net/IT_TSS_InformationSecurity 15. Relevant Architectures include: Electronic Funds Transmission Firewall HSM Remote Access SSL Virus Prevention 16. Relevant standards include: Anti Virus Asset & Risk Management Authentication Backup & Archive Contingency Planning Cryptography Data Communications Firewall Security Infrastructure Management Internet Information Server (IIS 5.0) IT Rooms Legislation Remote Customer On-Line Identification and Verification Web Authentication (Draft available from December 2003 from IS) Third Party Access 17. Summary of key security issues to address: • Customer authentication data must not be transmitted over the enterprise data network in clear text at any time • Staff must not be able to obtain the users credentials at any time • The system should force the use of 128-bit SSL. Where this is not being used, no service should be offered to the client and they should be presented with a message advising them of the technical requirements necessary to access the service. The connection to the 128-bit SSL encrypted session must be made prior to logon. If the user disables 128SSL whilst within the site, the next time a page is requested, the system should decline the request and log the user out as above. • Approved encryption algorithms are Triple DES or AES (128 bit or higher) • All servers must be hardened and regularly patched • All Microsoft web servers must meet or exceed the Information Security IIS security standards • Anti virus must be deployed on all servers and regularly updated 18. All systems must take into account the current top vulnerabilities as listed at: http://www.sans.org/top20/ http://www.owasp.org/documentation/topten 19. An external company appointed by Information Security but paid for by the project will carry out a penetration test prior to launch. CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 28 of 37

20. This needs to occur on the final version of code, and should occur at least two weeks prior to launch to allow for any major issues raised to be resolved. If major issues are found and can’t be resolved prior the agreed launch date, then the launch must be suspended until these issues are corrected. 21. If minor issues are raised then an action plan to address these must be submitted to Information Security within four weeks of the final penetration test report.

7.7 Audit Requirements 1. Audit have declined to be engaged by the Project Team to ensure their requirements are included in the final product, but have instructed us to follow the Abbey Group Standard protocols. 2. The following will be the minimum requirements delivered in order that we produce a complete audit trail of client and operator activity: 2.1 The client login time into the Internet Service should be recorded i.e. on successful input of the CIRN, Internet password and PAC number. 2.2 Unsuccessful log in attempts should be recorded. These should show the client number, day, time, and the reason the transaction was unsuccessful. In the case of invalidation of either the CIRN, PAC or the Internet password this should also be recorded. 2.3 Details of any client interaction with us should be recorded • for any Ovation supported transaction • for any secured message hitting the secured message database • all transactions should be recorded details to include the CIRN, the date, the time, whether the transaction was successful, the reason a transaction was unsuccessful. 2.4 The secured message database should hold the following information in relation to audit trails • The status of the secured message • Subsequent changes to status • User ID of operator initiating change • Date status changed • Time status changed 2.5 Appropriate security access will be necessary i.e. access to audit trails should be restricted to particular operator levels, with any audit trails being viewable but not alterable. 2.6 Six weeks is the minimum on line audit trail, following which information should be stored in an appropriate archive. 2.7 No logs are required to monitor or record the client’s navigation around the Internet Services site. 2.8 All secured message transaction requests should be retained, in line with CAPB Internet Banking - Customer Requirements Specification Internet banking.

Version 1.1, Status – draft Page 29 of 37

2.9 All E-Banking transactions should be retained for the same period as other Ovation generated transactions.

7.8 Support and Maintenance Requirements 1. CAPB should have its own independent UAT/Training environment, as they will be a need to train staff in the Ovation back end processes as well as the front end user interfaces. 2. This training will need to be reviewed to ensure that it is relevant to support Cater Allen‘s Internet Banking. A training programme for all staff in all sites will be delivered. 3. This solution will form part of the induction training for new members of staff and a quick reference guide will also be developed for staff. 4. Support for Ovation will continue to be required 24 x 7 but there is likely to be a need for enhanced overnight and weekend support as currently only batch processes are supported between 11pm and 7am and the implementation of this system will mean that a certain amount of user interaction occurs overnight. 5. Current working practices regarding Ovation upgrades will need to be reviewed as all planned downtime to facilitate releases will need to be published via the website in advance. This will mean reduced flexibility for changing release dates at short notice (decisions currently may be made the day of the release). It is not expected that the postponement of a release will be problemematic but the rescheduling to a later date may be. 6. Help desks are required to deal with both Registration enquiries and Technical enquiries including any problems with screen navigation etc. It is anticipated that the Contact Centre will provide the Registration enquiries support. 7. Maintenance of the Internet facing web environment is critical and all web servers and associated firewall infrastructure will need to be kept patched at the latest release level in order to minimise security risks.

7.9 Error Messages The error messages for Cater Allen Internet Banking need to be understandable, readable and meaningful. All error messages should indicate corrective messages, where possible, by way of a pop-up/prompt screen.

7.10Archiving 1. All Ovation data processed as part of Internet Banking should be archived in accordance with practices for that system in general. When considering any future changes to the archive strategy then Internet Banking should be considered. At least 6 months historic transactions should be available online to clients. 2. In line with current practices any AWD data generated should be archived within that system and be accessible for at least 7 years. CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 30 of 37

7.11User Documentation Documentation will be required for both staff in the Sheffield Contact centre and the Bradford back office; the Project Team will develop this during the development and testing phases. All changes to Ovation Manager screens will be included in this documentation. Marketing will produce customer-facing materials.

7.12Replication No requirement to replicate data.

7.13Service Level Agreements 1. There are a three significant third parties involved in Cater Allen’s Internet banking service APAK (for Ovation and the HTML code), DSTI (for the AWD secure messaging service) and Halycon (secure mailing of passwords). It is essential that appropriate service level contracts are in place before implementation 2. It will also be necessary to implement service level agreements with internal teams to ensure that relevant support is available. These include: • IT Security Operations • Web Environment • Tuxedo Support • Enterprise NT • BT • Business operational areas Work will need to be carried to ensure that the appropriate agreements are in place for launch.

7.14Disability Discrimination Act 1. The growth of the Worldwide Web means that many people with serious sight problems are now able to read and enjoy a great wealth of information which was previously unavailable to them. 2. The majority of people with serious sight problems have some good vision, and read Websites in the same way as fully sighted people, with their eyes. However, the needs of people with poor sight vary considerably, depending on how their eye condition affects their vision. Some people prefer large text, while others can only read smaller text. Most need a highly contrasting colour scheme, while others can only read yellow text on a black background. To cater for everyone, websites should be flexible in design, enabling the individual to adjust the text and colour settings to suit their needs. 3. The RNIB have issued guidelines for the design of websites to make them accessible to people with visual impairment. Full details of these guidelines should be adhered to wherever possible when developing the client facing screens and apply with DDA guidelines, which are being produced for Abbey, e.t.a end of 2004. The key points to note are:•

When using a coloured background, choose one which is one solid colour rather than textured or patterned. CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 31 of 37

• • • • • • •

The colour scheme must be able to be over-ridden by the browser settings if necessary. Italics should not be used. Use standard size text. Avoid the use of underlining. Avoid capitalisation of whole words. Image maps should be accompanied by a text only alternative. Links should not appear directly next to each other.

7.15Screen Design The storyboards will form the basis for the Cater Allen screen designs. The storyboards document the precise content and screen designs for the Cater Allen Internet banking service. Also, in order to minimise client queries via the phone, the web pages need to be very clear. For example, if there is a transaction deadline, then this needs to be emphasised clearly up front as a built in reminder so that when the client completes a transaction, they know “this will update your account in ……”.

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 32 of 37

8 User Acceptance Testing 1. Before the Cater Allen Internet banking service can go live, all aspects of the service will need to be tested. Solutions Delivery will co-ordinate all testing and will perform system level testing. The User Acceptance Testing phase will be managed by the project with resource provided either directly by them using ex Romford staff who have been retained specifically for this purpose or by staff from the Contact centre and Back office areas. 2. UAT is a critical element in this project and in parallel with the development phase a detailed testing strategy will be put in place. Producing comprehensive test cases with a suitable script will be a fundamental part of UATing. 3. An important part of testing will by performance related and this should be carried out on a production like environment, i.e. it will need to use the Bletchley environment purchased in 2002 for the dual purpose of providing Disaster Recovery and performance testing.

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 33 of 37

9 Training 1. CAPB should have its own independent UAT/Training environment, as they will be a need to train staff in the Ovation back end processes as well as the front end user interfaces. 2. This training will need to be reviewed to ensure that it is relevant to support Cater Allen‘s Internet Banking. A training programme for all staff in all sites will be delivered. 3. This solution will form part of the induction training for new members of staff and a quick reference guide will also be developed for staff. 4. IT Support staff will need to be trained in any new technology introduced as a part of this project. This is especially true for the Solutions Delivery CAPB Support Team who will need full training in the Ovation gateway that is a fundamental part of the system.

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 34 of 37

Appendix A Glossary Term ATM Bookmarking Browser

Client Registration (CIRN)

Description Automated Teller Machine Adding a web site address to your on-line ‘address book’ so you can easily visit the site again. A piece of software that allows you to find, view and manage information on World Wide Web sites. Information is saved in all kinds of formats but a browser will bring a consistent look to this information and make it easier to access it. Internet An 8 digit randomly generated number in length. Number used by the system to link different Cater Allen accounts held by a client.

Domain name The highest level name of a Web site File Transfer Protocol A method of making different types of files (FTP) compatible with each other, and compressing and transferring them from one computer to another Firewall Hardware and/or software that sets up a security barrier around a company’s internal network, protecting it from outside networks such as the Internet Frames Sections on a Web page that change independently of each other. Hits The number of visitors to a Web site Home Page The first Web site that users see each time they connect to the World Wide Web HTML Hyper Text Mark-up Language - the computer language of the World Wide Web HTTP Hypertext Transmission Protocol - the language computers use to transmit and receive files on the World Wide Web. You tell your computer to use this language when you type http at the start of a Web site address HTTPS The SSL secured form of HTTP Hyperlink A connection between hypermedia or hypertext documents and other media Hypertext Document format in the WWW which applies not only to text but also to graphics, sound files and videos. Information Provider An ISP that also provides a number of member-only services Internet The worldwide collection of interconnected computer networks ISDN The Integrated Services Digital Network is a digital telephone line capable of transferring much more information, in much shorter times that a normal analogue telephone line ISP Internet Service Provider. A company that provides third-party access to theInternet Internet CAPB Banking - Customer Requirements Specification Version 1.1, Status – draft Page 35 of 37

Linked accounts MFC Modem On Line POP Protocol Search Engines

Secure Messaging

SSL

Surfing

URL Web page Web Site World Wide Web

Cater Allen accounts which have a common client reference number Multi Function Card. The combined Visa Debit, ATM and Cheque Guarantee card issued to Cater Allen Account holders Modulator/demodulator. A device that enables computer signals to travel over phone lines Connected to the system and usable Point-of Presence. A Phone number through which users can assess an ISP A set of rules that all computers linked to a network must follow A facility that lets you find what you are looking for on the World Wide Web by using key words to search out relevant sites. Popular search engines include Alta Vista, Yahoo and Lycos Standard e-mail services are insecure. The data can be read or altered without the sender or recipient knowing. For confidential information, a secure method of communication is required. In this instance the communication is never transmitted outside the control of Abbey National, the clients sign in to our service and retrieve and store messages within an internal data store. Secure Socket Layer. A protocol developed by Netscape to secure internet transactions between clients and servers using encryption. Typical implementations use 128bit key strength. Colloquial expression for the practice of visiting Web pages and Web servers, and clicking with the mouse on hyperlinks in order to jump to particular resources Universal Resource Locator. The address of a Web site. Because it is universal, anyone can type it into their computer and find your Web site. A hypermedia document as viewed through a World Wide Web browser A collection of web pages Graphical service on the Internet which permits access to a wide variety of resources (documents, files, videos etc).

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 36 of 37

End of Document

CAPB Internet Banking - Customer Requirements Specification Version 1.1, Status – draft Page 37 of 37