Oracle E-Business Suite Release 12 iReceivablesAll You Need to KnowAjaz AhmedRoyal College of Physicians and Surgeons of C...
FunctionalityiReceivables is a bolt-on module to the Oracle Receivables module. Any transactions or activities inOracle Re...
The Account Details page allows users to select transactions based on a variety of criteria such as AnyStatus, Closed, Ope...
Disputing an invoice is another powerful feature of iReceivables. The Dispute process is spread overthree pages. On the op...
Configuration Nuts and BoltsMost Oracle EBS implementations are deployed completely within an Organization’s intranet as t...
Figure 8 – Oracle EBS R12 – iReceivables integration and dependencies with other modules.The above diagram highlights some...
from the database to a servlet on the middle-tier application server. The “key-encryption” key is retrievedfrom the Oracle...
These credit card numbers are also documented in Oracle Metalink note “Test Credit Card Numbers [ID395462.1]”.Here are the...
Start                                                          iReceivables                                               ...
Complying with Payments Application Best PracticesOnline Payment applications, when implemented into a complete Payment Ap...
Minimum required setups for other EBS modules:In order to turn on Payments and Dispute features in iReceivables, a number ...
these setups is used while generating a receipt in Receivables for customers’ online payments. Thereceipt is then applied ...
EBS Application Name:                 Bills Presentment Architecture (BPA)EBS Responsibility Name:              Bills Pres...
Benefits of implementing iReceivables       Reduced DSO (Days Sales Outstanding)       Empowers customers to view, pay, ...
Upcoming SlideShare
Loading in …5
×

9642 ajaz ahmed wp_1

4,182 views

Published on

iReceivables - All you need to know whitepaper.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
4,182
On SlideShare
0
From Embeds
0
Number of Embeds
17
Actions
Shares
0
Downloads
140
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

9642 ajaz ahmed wp_1

  1. 1. Oracle E-Business Suite Release 12 iReceivablesAll You Need to KnowAjaz AhmedRoyal College of Physicians and Surgeons of CanadaIntroductionThis paper introduces Oracle iReceivables functionality and process flows and offers a peek into theintegration details with other EBS modules. It is meant for a range of audiences i.e., ranging fromcustomers to finance department to EBS professionals. Oracle iReceivables is a self-service modulewithin E-Business suite (EBS) that allows customers to view, print, pay and even dispute theirtransactions on a 24/7 basis. Oracle iReceivables works seamlessly with other Oracle E-Business Suiteproducts to drive better decision-making, sustainable financial discipline, and regulatory compliance atthe lowest cost. It helps in reducing the cost of billing and collections while improving overall customerservice. Automated payment processing and dispute management reduces receivables and collectionscycle times, improves cash flow, and lowers days sales outstanding (DSO).Salient FeaturesiReceivables gives organizations control of receivables data presentment and search functionality usingthe personalization options and customization architecture. It offers capabilities to control data security indispute and payment processing via functional security, user registration, and Oracle database andapplication server technology. iReceivables offers customers self-service access to their accounts withreal-time balance and transaction information. In addition, customers can:  print their transactions – invoices, debit memo, credit memos or a list of variety of transactions;  dispute an invoice or any transaction on an invoice;  pay their invoices while they are logged on to iReceivables; and  can pay in any currencyFigure 1 – Oracle EBS R12 – iReceivables Salient Features Page 1 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  2. 2. FunctionalityiReceivables is a bolt-on module to the Oracle Receivables module. Any transactions or activities inOracle Receivables can be made visible to a customer logged on to iReceivables. The product can beimplemented with or without “Pay” functionality. When used without Pay functionality, it will still allowcustomers to view, print and dispute their transactions online. However, the “Pay” functionality allowscustomers to pay their invoices online and puts payment control in the customer’s hands. iReceivablesoffers easy to use and intuitive payments pages and offers customers a worry free online paymentexperience. A payment made in iReceivables is tightly coupled to the invoice(s) selected by the customerand online payments are credited only to selected invoices. Payments of any amount can be maderanging from the minimum allowed to the maximum total of the outstanding invoice(s) that was selected topay.Figure 2 – Oracle EBS R12 – iReceivables Home PageiReceivables pages in EBS release 12 have been developed using Oracle Applications Framework (OAF)technology. Navigation through iReceivables is simple. Pages can be grouped into four major areas offunctionality – Accounts summary/details pages, Payment pages, Dispute pages and Print pages. TheHome Page displays Account Summary, the status of disputed transactions and alerts regardingdiscounts. The Home page also offers a Related Information Area in the form of a side bar where news,messages or web links can be published for customers’ information. The Statement Download areaallows customers to download up-to-date statements. iReceivables uses templates that have beendeveloped using Bills Presentment Architecture (BPA) to offer flexible printing options. This architecturegives organizations control of receivables data presentment to customize the content and format of thecustomer facing documents such as invoices, debit memos, credit memos, etc. BPA allows multipletemplates for a transaction class and then assigns these templates at the time of viewing or printingbased on assignment rules. For example, a different template can be used to view or print invoices basedon criteria such as organizational unit, customer name or invoice amount thresholds.Accounts Summary area is located at the top left side of the page and displays totals of various types.Clicking on any of the hyperlinks in the Accounts Summary area of the home page will open the AccountDetails page. Page 2 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  3. 3. The Account Details page allows users to select transactions based on a variety of criteria such as AnyStatus, Closed, Open/pending, and Overdue or Current Transactions. All types of transactions such as,invoices, payments, credit memos or debit memos can be further drilled down to display their details.Figure 3 – Oracle EBS R12 – iReceivables Account Details Any open invoice(s) can be selected to make an online payment. Customers can pay invoices in twoways:- a) by selecting the required invoice and clicking on the Pay button; or b) or by clicking on theTransaction hyperlink or view the transaction details on a new page and then clicking the Pay button onthe transaction details page. In both cases customers are taken to a Payment page where customersprovide their credit card details, enter the amount to pay, and click the Apply button.Figure 4 – Oracle EBS R12 – iReceivables Payment PagePlease note that the message “Enter your credit card information for one time use only….” means that thecredit card information from the Payment page will be deleted and will not be visible when customer logson next time. However, credit card numbers are stored in Oracle Payments tables although in anencrypted format. This meets the compliance requirements with industry standards such as PaymentCard Industry Data Security Standards (PCI DSS) for online payments. Page 3 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  4. 4. Disputing an invoice is another powerful feature of iReceivables. The Dispute process is spread overthree pages. On the opening page, the customer picks a Reason for Dispute from the drop down list andselects the desired section of the invoice. On the second page, the customer provides a disputed amountor a percentage of the actual amount along with textual details, if any, and on the third page, thecustomer reviews the dispute details and submits it.Figure 5 – Oracle EBS R12 – iReceivables Dispute PageFrom this point onward, the dispute gets routed to the relevant approval chain in the organizations usingOracle workflow. For example, when the final approver, often someone in the Accounts Receivablesdepartment, approves a disputed amount, an approved credit memo is issued and applied to the sameinvoice against which the dispute was launched and a notification is sent to the customer. If however, thedispute is rejected, then no further action is taken except customer notification. Customer is able to viewthese notifications when he logs in to iReceivables next time or he would receive an email dependingupon his notification preferences settings.Figure 6 – Oracle EBS R12 – iReceivables Dispute and Credit Memo process flow Page 4 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  5. 5. Configuration Nuts and BoltsMost Oracle EBS implementations are deployed completely within an Organization’s intranet as they areonly accessible by trusted users within the Organization. Any employee requiring access to EBS throughthe internet is provided with a Virtual Private Network (VPN) account that uses a secure connection tunnelwith the intranet before accessing EBS. Oracle iReceivables, however, is a self-service (accessible fromthe internet) application within the EBS Credit to Cash suite of solutions. The customers usingiReceivables could be in the hundreds of thousands, residing in different parts of the world and hence theVPN solution could not work for them. Customers expect a hassle-free internet access using the internetwhereas at the same time organizations are reluctant to expose the entire EBS suite to the outside world.Oracle has documented various methods for making a subset of EBS R12 functionality accessible via theinternet to external users such as customers using iReceivables module. All of these methods require useof Demilitarized Zone (DMZ) protected with firewalls to ensure that only authorized traffic is allowed tocross firewall boundaries. This arrangement ensures that even if intrusion attempts against the DMZ aresuccessful, it remains contained within the DMZ, leaving intranet unaffected.The following configuration options are supported:  Using separate web node for external usage  Setting of server level profile options  Associating trust levels to application middle tier nodes  Limiting available responsibilities to a restricted set for the external web node  Deploying reverse proxy in front of the external web node  Configuring a URL firewall and “mod security” in the reverse proxy in front of external web node  Running only essential Oracle EBS Applications services on the external web tieriReceivables seamlessly integrates with a number of Oracle EBS R12 modules after the requiredimplementation steps are followed. Integration with third party Payment Processors or Gateways isrequired to allow iReceivables customers to pay online. Some payment system solutions come with anout of the box integration whereas, others may require significant development effort to integrate OraclePayments and the third party payment system.Figure 7 – Oracle EBS R12 – iReceivables configuration in DMZ along with rest of the EBS in Intranet Page 5 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  6. 6. Figure 8 – Oracle EBS R12 – iReceivables integration and dependencies with other modules.The above diagram highlights some of the major elements required for implementing iReceivablessolution. It shows that other than setting up iReceivables, relevant setups in Oracle Receivables, OraclePayments, Bills Presentment Architecture, Oracle Workflow and System Administration have to becompleted as well. Moreover, integration between Oracle Payments R12 and a 3rd party PaymentProcessor/Payment Gateway would be a step required to be completed if the online payment capability ofiReceivables needs to be made available.Oracle Payments needs to communicate with third party financial institutions and payment processorsover open networks such as the Internet. PayPal as well as the following out-of-the-box payment systemsintegrations require such open-network connectivity:  Cybercash  Concord EFSNetWhereas the following out-of-the-box payment system integrations communicate with their destinationpayment systems using non-open networks (e.g., a leased line):  First Data North  PaymentechThe complexity of integrating payment processors or gateways with Oracle Payments varies from vendorto vendor.Technical Process Flows - Credit Cards ProcessingCredit Cards Storage:iReceivables calls Oracle Payments instrument creation Application Programming Interface (API) to store/retrieve credit card information to Oracle Payments tables. The request data is sent via a HTTP call-out Page 6 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  7. 7. from the database to a servlet on the middle-tier application server. The “key-encryption” key is retrievedfrom the Oracle Wallet file and this key, and the original request data, is passed back to the database andanother stored procedure using Java Database Connectivity (JDBC). The results of the request arereturned to the original stored procedure (instrument creation API) in the HTTP response.Credit Card Authorizations:The authorization API makes a HTTP call-out to a servlet on the middle-tier application server. Theservlet uses the access encryption key from the wallet to decrypt any transaction data, formats it into apayment system-native instruction format, and passes the payment instruction to the payment systemeither directly or through a delivery servlet deployed outside the customer’s intranet. If the paymentsystem has a gateway interface (such as, Cybercash or Paypal), then this flow represents settlementsand chargebacks as well. For processor interface type payment systems (Paymentech, First Data) thesettlement and chargeback flow is slightly different. A scheduled concurrent program runs from aconcurrent progressing node and executes Oracle Payments within an embedded Java Virtual Macchine(JVM). Oracle Payments retrieves the access encryption key from the wallet file and passes it to thedatabase using the JDBC to perform bulk decryption of transaction data. The data is returned to the Javalayer and formatted into a batch payment instruction file delivered to the payment system either through adirect network connection or through transmitting the request to a specialized servlet outside thedeployment intranet.Payment Servlet CleanupPaymentech and First Data North servlets both store acknowledgment data that includes primary accountnumber (PAN) to prevent data loss to the middle-tier or check duplicate processing of a paymentinstruction. These acknowledgment files are always stored in encrypted format using a data-encryptionkey provided by the Payments engine. The Payments servlet archives payment system acknowledgmentsin the directory specified by the ARCHIVE_DIR servlet initialization parameter. The contents of thisdirectory must be periodically wiped by a secure data wipe executable. rdExample integration of a 3 Party Payment System:PayPal Gateway – Payflow Pro (formerly Verisign)PayPal has created its own integration with Oracle Payments for its Payflow Gateway. This integrationwas formerly built and maintained by VeriSign. Oracle Metalink note "Implementing PayPal With OraclePayments Release 12 [ID 879378.1] has replicated documentation that comes along with PayPalPayment Solution for R12. The Oracle note however, is a well written document and is easier to follow butit is a good idea to compare the two sets of instructions to ensure that they are the same before startingthe integration work. The latest PayPal servlet package at the time of writing this paper was version v4.50(pfpro_oPayments_R12_v4.50.zip). It is free to download from the following location:https://skydrive.live.com/?cid=586bda469e09784f&sc=documents&id=586BDA469E09784F%212693PayPal solution Payflow Pro (PFP) comes with 7 Jar files, 3 configuration file and one sql script. Jar filesand configuration files need to be copied on the application tier, and the SQL script need to be run asapps user in order to create two database tables. Make sure to follow all the instructions step by stepwhen copying files, adding classpaths, or modifying a configuration file. In order to test the integration, aPayPal test account is required to access PayPal Manager. The free test account can be obtained byregistering at http://manager.paypal.com Note that a PayPal test account only allows use of designatedcredit card numbers for testing purposes and all payments must be less than nine dollars in amount. Page 7 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  8. 8. These credit card numbers are also documented in Oracle Metalink note “Test Credit Card Numbers [ID395462.1]”.Here are the major implementation steps for PayPal integration. 1. Copy Payflow Pro Jar files and Payflow Pro configuration files to required locations. 2. Add Jar files to classpaths 3. Create Logging directory for PayPal 4. Configure Payflow Pro servlet in OC4J by updating the template file orion_web_xml_1013.tmp and running AutoConfig and bouncing the concurrent manager 5. Run the “PFPRO_Create_Table.sql” script to create two tables for use by the PayPal Payflow plugin. 6. Modify “options” field in the concurrent program definition window for the concurrent program named “Submit Offline Transactions” 7. Ensure the relevant Profile values are setup correctly using System Administrator responsibility. 8. Login with Oracle Payments Administrator responsibility and define PayPal Payment system under Payment Systems section and Payee for PayPal under Payee section. This is where PayPal servers URL and PayPal account details are provided. 9. Bounce the oacore on all application tier hosts. 10. Bounce the concurrent manager.If integration is successful, the payment instruction would be passed on to the PayPal gateway that wouldcommunicate to the Payment Processor and return a message from Payment Processor back to the userin iReceivables. PayPal offers a choice of all major Payment Processors. This means the existingmerchant account with a Payment Processor can be used without going through the hassles of applyingfor a new merchant account. The ability to work with a variety of Payment Processors is a strong featureof PayPal’s solution. Moreover, due to a pre-configured plug-in for EBS R12, PayPal solution is mucheasier and quicker to implement for credit card processing. Page 8 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  9. 9. Start iReceivables user initiates online payments request Pass Payment Information to Credit Card Oracle Yes No details valid? Payments Servlet Create a Oracle Payment Receipt in formats the Payment Oracle Payment Response from Gateway Yes Authorized? Receivables instruction and with status = passes it to Confirmed PaymentGateway = PayPAL Payment Processor communicates it to Return a Gateway Credit Card Issuer and No Message to communicates transmits response User with Payment back to Gateway, to processor = Oracle payments and Moneris to iReceivables Payment Page EndFigure 9 – Oracle EBS R12 – iReceivables Credit Card Authorization process flowOnline Credit Card Payment processing in Oracle payments is a two-step process. Oracle Paymentsmandates that authorization is invoked before a transaction can be settled in Oracle Receivables. OraclePayments enforces that the settlement amount is equal to or less than the authorized amount andexplains why one can’t make overpayments through iReceivables. This means fewer claims inReceivables or Oracle Trade Management due to overpayments. After successful payment authorization,a settlement job “Automatic Remittances Master Program” needs to run in order to transfer funds from theCredit Card issuer. This job can be scheduled as a concurrent program to run at a desired frequency.When a payment is settled, Oracle Receivables changes the status of the corresponding receipt from“confirmed” to “remitted”. The receipt will ultimately be assigned “cleared” status when it clears the bankstatement reconciliation in Oracle Cash Management. Page 9 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  10. 10. Complying with Payments Application Best PracticesOnline Payment applications, when implemented into a complete Payment Application Best Practices(PABP)-compliant environment and according to the information in Oracle whitepaper –PaymentApplications Best Practices [ID 738344.1], facilitate and support a retailer in their Payment Card IndustryData Security Standard (PCI-DSS) initiatives. Oracle Payments conforms to all applicable PABPrequirements allowing implementers to achieve compliance with Payment Card Industry (PCI) DataSecurity Standards (DSS). It provides a secure payment instrument storage and funds capture processingfunctionality for the entire Oracle eBusiness Suite.Security ArchitectureThe Payments security architecture secures PABP-incidental data such as Credit Card numbers using achain key approach. The chain key consists of a site-wide key-encryption key (master key or system key)that encrypts one or more data-encryption keys (subkeys), each of which is used to encrypt a fixedamount of data before a new data-encryption subkey is generated. This approach ensures quickerrotation of the system key.The architecture is comprised of the following components:  Payments System Key and Payments System Subkeys  Oracle Wallet  Secure Segments StoragePayments System Key and Subkeys:When encryption is enabled in Payments, a system-level security key is generated which is a passwordcomprised of a maximum of 24-characters. The system key is the key-encryption master key for the entireinstallation. It is stored in the Oracle Wallet and is used to encrypt the Payments data-encryption subkeys.Payments subkeys are randomly system-generated symmetric-cipher keys that are encrypted using thesystem-level Payments Security Key. Rotating the master key re-encrypts only the Payments subkeys,rather than the data they are responsible for (for example, credit card numbers). A Payments subkeytypically encrypts one thousand rows of data. According to PCI DSS standard 3.6.4, key rotation mustoccur at least annually. Key rotation is performed in the Payments Security Options page. Key rotationresults in the immediate re-encryption of all data-encryption subkeys with the new system key.Oracle Wallet:Oracle Wallet is a graphic user interface (GUI) application that can be launched from$ORACLE_HOME/bin directory by typing owm. A wallet is a secured repository to store encryptionpasswords and security certificates. System Administrators must ensure that wallet files are securedusing file system security.Secure Segments Storage:Encrypted data is stored in the Payments IBY_SECURITY_SEGMENTS table. Credit card primaryaccount numbers are stored in this table as encrypted. Extra security measures should be taken to limitaccess to this table. Page 10 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  11. 11. Minimum required setups for other EBS modules:In order to turn on Payments and Dispute features in iReceivables, a number of EBS modules need to beconfigured along with iReceivables configuration. These modules include Oracle Receivables, OraclePayments, and Oracle Workflow. Following is a brief discussion of all such modules and the requiredsetups. Details about these setups can be found in the implementation guides of each of the modules.EBS Module Name: iReceivablesEBS Responsibility Name: iReceivables SetupSystem Profile options, System Parameters, and Global and Operating unit level Rules can be setupusing iReceivables Setup responsibility. Setups are very simple and are done on separate pages.iReceivables also includes the configuration package ARI_CONFIG, written in PL/SQL. TheARI_CONFIG configuration package lets you modify attributes in iReceivables without having to makechanges to any other part of the code. The package contains functions and procedures that arereferenced elsewhere in the iReceivables code. You can modify the following components using theARI_CONFIG configuration package  :Account Summary page information section  Account Summary page discount alerts and dispute statuses section  Contact Us global button e-mail address  iReceivables transaction search and customer searchDispute pages can also be customized. iReceivables messages can also be edited using look up codes inOracle Application Object Library.Figure 10 – Oracle EBS R12 – iReceivables Setup ChecklistCredit Card Receipt Method and Bank Account Payment Method need to be setup under the SystemParameters. These values would have been defined in Receivables. These settings would default to thereceipts that would be created from customers payments in iReceivables. Please note that iReceivablessupports cross-currency payments using a credit card or bank account that has a different currency fromthat of the invoice; the receipt created in iReceivables will still have the same currency as the invoice.EBS Application Name: Oracle ReceivablesEBS Responsibility Name: Receivables ManagerOracle Receivables setups are required in order to turn on the online payment functionality iniReceivables. The most important setups are setting up a Receipt Class with creation method ofAutomatic and defining at least one Receipt Method associated with this Receipt Class. Information from Page 11 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  12. 12. these setups is used while generating a receipt in Receivables for customers’ online payments. Thereceipt is then applied to the invoice that the customer selected at the time of making the online payment.Other important setups are Credit Memo approval limits and defining a Credit Memo batch source.Figure 11 – Oracle EBS R12 – Receipt Class setup in ReceivablesEBS Application Name : Oracle PaymentsEBS Responsibility Name: Oracle Payments AdministratorThe most important setups are setting up System Security Options and Payment Systems under SharedSetups node as well as setting up Payment Methods, Payees and Credit Card Brands under FundsCapture node. System Security setup facilitates setting up encryption keys to encrypt credit cards andother sensitive data according to recommendations and suggestions provided in Oracle White Paper -“Payment Applications Best Practices [ID 738344.1]”Figure 12 – Oracle EBS R12 – Oracle Payments Setup page Page 12 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  13. 13. EBS Application Name: Bills Presentment Architecture (BPA)EBS Responsibility Name: Bills Presentment Super UserBPA offers a new kind of reporting architecture for various modules of EBS R12. Oracle Receivables ispredefined primary data source in BPA. A set of default templates for different transaction classes inOracle Receivables are available as out-of-the box solutions however, templates can be easily modifiedor created using BPA template editing tool. External templates can also be registered in BPA by definingexternal data sources first. Rules can be setup in BPA for example, to select different invoice templatesbased on different criteria e.g., operating unit or the invoice amount.Figure 13 – Oracle EBS R12 – Oracle Bills Presentment Architecture (BPA) configuration pageEBS Application Name: Oracle WorkflowEBS Responsibility Name: Workflow AdministratorOracle workflow acts as a communication vehicle for approvals throughout EBS. Oracle Workflow can besetup to specify which users receive approval requests. Please see “Setting Up the AME Credit MemoRequest Workflow” topic in Oracle Receivables User Guide for details.EBS Application Name: Oracle System AdministrationEBS Responsibility Name: System AdministratorThis is where a number of system administration tasks are performed for iReceivables. For example,internal and external users are created, and Function security is implemented for external users bymodifying menu attached to the iReceivables Account Management responsibility. Moreover, a job toindex customer database is also run from here. Page 13 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed
  14. 14. Benefits of implementing iReceivables  Reduced DSO (Days Sales Outstanding)  Empowers customers to view, pay, print their outstanding invoice from around the world - any location where internet is available  Reduces time spent by support services in resolving log-in issues as passwords can be reset by customers through password hint functionality  Quick and easy mechanism to dispute invoices. Offers customers to register their dispute online against any invoice or any of its lines  Streamlining of back end processing of dispute resolution process. Facilitates automated generation of credit memo and its application against the original outstanding invoice, when dispute is resolved in customers favor  Customers are kept up to date with the progress of their disputed cases.  Easy to manage and customize customer facing documents templatesConclusioniReceivables is part of Oracle’s Credit to Cash family of software solutions. It helps organizations withincreased efficiencies by reducing the cost of billing and collections, improving cash flow, and improvingcustomer relationships. It puts accounts receivables’ control in the customer’ hands. Implementation isfairly straightforward, however, setting up the online payments functionality requires additional technicalexpertise to integrate iReceivables with third party payment systems securely. It is imperative that all ofthe recommendations provided in Oracle’s “Payments Application Best Practices” document are followedin their entirety to ensure compliance with applicable standards and regulations for setting up onlinepayments. iReceivables is accessed by customers using the internet and therefore, special securitymeasures are required to be taken to avoid hacking and other technology risks. iReceivables should beexposed to the outside world through a Demilitarized Zone (DMZ) configuration protected with firewalls toensure that only authorized traffic is allowed to cross firewall boundaries. This arrangement ensures thateven if intrusion attempts the DMZ are successful, it remains contained within the DMZ leaving the EBS inintranet unaffected.Useful links  https://support.oracle.com/CSP/ui/flash.html  https://www.paypal.com/cgi-bin/webscr?cmd=_payflow-gateway-overview-outside  http://www.pcisecuritystandards.org  http://www.pcicomplianceguide.orgOracle Notes:  Payment Applications Best Practices [ID 738344.1]  Oracle E-Business Suite R12 Configuration in a DMZ [ID 380490.1]  Tips and Queries for Troubleshooting Advanced Topologies [ID 364439.1]  iReceivables uptake of Oracle Payment [ID 414659.1]  How To Setup a Wallet At R12 Level In scope Of PA-DSS Implementation? [ID 1118887.1] *** Page 14 of 14COLLABORATE 12 – OAUG Forum Copyright © 2012 by Ajaz Ahmed

×