Security
UniWeb places significant emphasis on security: for this reason, the identification of authorised users is performed exclusively using digital certificates, replacing the traditional access method of entering an access code and password.
In particular, each company signatory is provided with a digital signature which he/she can use to digitally sign transactions in compliance with legal requirements.
Furthermore, in order to optimize the use of the service, it is possible to enable users to consult data and prepare transactions (but not sign them); such users are identified using an "internal" digital certificate which is saved on a file. These users are enabled directly by the Company on UniWeb.
The security system is always active and effective, in particular:
- When connected: in order to verify and guarantee the identity of the person attempting to access UniWeb, the user must use the digital certificate followed by a password; the authenticity of the certificate and the identification data of the person logging on is validated
- When using the service: by using the digital signature and password, all transactions are therefore digitally signed and each signature is checked and verified by UniWeb. The digital signature is added to all transactions, however it is only transmitted with instructions sent to UniCredit
UniWeb's security architecture, which also uses more sophisticated systems to encrypt the data exchanged (SSL 128 bits), provides:
- CONFIDENTIALITY: data exchanged with the website cannot be read by unauthorized persons
- INTEGRITY: data exchanged with the bank cannot be modified
- USER AUTHENTICITY: certainty as to the identity of the two communicating parties (the user and the bank)
- SENDER NON-REPUDIATION: certainty of receipt of information guaranteeing the origin of the document
