Before You Start
This article summarizes conditions for working with JustOn Bank Payments and EBICS. It outlines specifics for you to understand and acknowledge beforehand, and specifies a number of conditions for using the software.
JustOn Bank Payments is a Salesforce app that directly integrates Salesforce CRM with banks. Using the secure, EBICS compliant connection, businesses can directly retrieve and upload relevant payment information.
Prior to using JustOn Bank Payments, your business must enter into a (usually chargeable) contract on the intended data access with your bank. From a technical perspective, you subscribe to an EBICS compliant service for exchanging payment information. Hence you may be referred to as the subscriber, with your bank as the other contract party.
JustOn Bank Payments supports EBICS 2.5 and EBICS 3.0. EBICS 2.5 is used with German banks only. EBICS 3.0 has introduced standardized Business Transaction Formats (BTF), which allow for working with German and other European banks – including French, Swiss and Austrian banks.
What is EBICS?
The Electronic Banking Internet Communication Standard (EBICS) is a transmission protocol for sending payment information between clients and banks as well as between banks over the Internet. It uses established standards for securely transmitting encrypted data. For details, see EBICS.
Generally, EBICS allows for different permission concepts. JustOn Bank Payments, specifically, uses the electronic distributed signature (EDS). This approach involves two access types for users: technical users prepare and transfer the data, and authorized users confirm and release orders.
JustOn Bank Payments exclusively acts as a technical user with the signature class T (= transport). So it can retrieve bank statements and prepare and upload payment orders only, according to the access rights (order types, amount limit, etc.) that you have requested for it at your bank. Should the requested rights for the technical user exceed the necessary permissions for the data transfer, JustOn Bank Payments will in no case exercise them and limit itself to operations under the signature class T.
According to the German Federal Financial Supervisory Authority (BaFin), the bank access via EBICS does not constitute an online banking access and therefore does not require specific authorizations under the provisions for payment initiation services.
In a rough outline, payment orders are processed as follows:
(1) JustOn Bank Payments prepares the payment orders and encrypts the data packages.
(2) Under the signature class T, it then uploads the data to the bank, where the orders are queued.
If you have set up an amount limit for the technical user, preparing and uploading payment orders will be subject to this limit.
(3) An authorized user (signature class E or A/B) monitors the queue and releases the orders.
These operations are not controlled using JustOn Bank Payments. The authorized representatives must use an appropriate third-party banking software or mobile application.
EBICS RSA Key Pairs
For the secure data transmission, EBICS uses three RSA key pairs:
- Bank-technical key pair for signing requests
- Identification and authentication key pair for identifying and authenticating the subscriber
- Encryption key pair for encrypting/decrypting the transferred data
The RSA key pairs of the technical user are securely stored in a cloud-based hardware security module (HSM) – without any USB drive, smartcard or other physical device involved. JustOn Bank Payments accesses the keys when preparing orders and interacting with the bank server.
Bank Access Requirements
Prior to using JustOn Bank Payments, your business must enter into a (usually chargeable) contract on the intended data access with your bank. The contract must specify, among others, the users who work with the software and the relevant bank accounts.
Depending on your business requirements, make sure to request at least
One technical user access exclusively for JustOn Bank Payments, including the following order types
Order Type EBICS 2.5 EBICS 3.0 Download CAMT.053 bank statement files C53 EOP/DE/camt.053 SEPA Direct Debit Upload (Core) CDD SDD/COR/pain.008 SEPA Direct Debit Upload (B2B) CDB SDD/B2B/pain.008
One or more authorized user accesses – depending on whether you involve one (E signature) or multiple authorizing users (A and B signatures)
The legacy MT940 protocol for bank statements will be discontinued by November 2025 and is therefore not supported.
Bank Details for JustOn Bank Payments
If your bank is not available in JustOn Bank Payments, file a ticket in the JustOn Support Portal, providing the following information:
- Bank name
- URL of your bank's EBICS endpoint
- Host ID
This information is usually given by the bank on EBICS onboarding. In case of doubt, contact your bank to provide the relevant details.