Skip to content

Before You Start

This article summarizes conditions for working with JustOn Bank Payments and EBICS. It outlines specifics for you to understand and acknowledge beforehand, and specifies a number of conditions for using the software.

General Concept

JustOn Bank Payments is a Salesforce app that directly integrates Salesforce CRM with banks. Using the secure, EBICS compliant connection, businesses can directly retrieve and upload relevant payment information.

Prior to using JustOn Bank Payments, your business must enter into a (usually chargeable) contract on the intended data access with your bank. From a technical perspective, you subscribe to an EBICS compliant service for exchanging payment information. Hence you may be referred to as the subscriber, with your bank as the other contract party.

JustOn Bank Payments supports EBICS 2.5 and EBICS 3.0. EBICS 2.5 is used with German banks only. EBICS 3.0 has introduced standardized Business Transaction Formats (BTF), which allow for working with German and other European banks – including French, Swiss and Austrian banks.

What is EBICS?

The Electronic Banking Internet Communication Standard (EBICS) is a transmission protocol for sending payment information between clients and banks as well as between banks over the Internet. It uses established standards for securely transmitting encrypted data. For details, see EBICS.

Access Permissions

Generally, EBICS allows for different permission concepts. JustOn Bank Payments, specifically, uses the electronic distributed signature (EDS). This approach involves two access types for users: technical users prepare and transfer the data, and authorized users confirm and release orders.

JustOn Bank Payments exclusively acts as a technical user with the signature class T (= transport). So it can retrieve bank statements and prepare and upload payment orders only, according to the access rights (order types, amount limit, etc.) that you have requested for it at your bank. Should the requested rights for the technical user exceed the necessary permissions for the data transfer, JustOn Bank Payments will in no case exercise them and limit itself to operations under the signature class T.

Info

According to the German Federal Financial Supervisory Authority (BaFin), the bank access via EBICS does not constitute an online banking access and therefore does not require specific authorizations under the provisions for payment initiation services.

Order Processing

In a rough outline, payment orders are processed as follows:

(1) JustOn Bank Payments prepares the payment orders and encrypts the data packages.

(2) Under the signature class T, it then uploads the data to the bank, where the orders are queued.

If you have set up an amount limit for the technical user, preparing and uploading payment orders will be subject to this limit.

(3) An authorized user (signature class E or A/B) monitors the queue and releases the orders.

These operations are not controlled using JustOn Bank Payments. The authorized representatives must use an appropriate third-party banking software or mobile application.

EBICS RSA Key Pairs

For the secure data transmission, EBICS uses three RSA key pairs:

  • Bank-technical key pair for signing requests
  • Identification and authentication key pair for identifying and authenticating the subscriber
  • Encryption key pair for encrypting/decrypting the transferred data

The RSA key pairs of the technical user are securely stored in a cloud-based hardware security module (HSM) – without any USB drive, smartcard or other physical device involved. JustOn Bank Payments accesses the keys when preparing orders and interacting with the bank server.

Configuration Details

Bank Access Requirements

Prior to using JustOn Bank Payments, your business must enter into a (usually chargeable) contract on the intended data access with your bank. The contract must specify, among others, the users who work with the software and the relevant bank accounts.

Depending on your business requirements, make sure to request at least

  • One technical user access exclusively for JustOn Bank Payments, including the following order types

    Order Type EBICS 2.5 EBICS 3.0
    Download CAMT.053 bank statement files C53 EOP/DE/camt.053
    SEPA Direct Debit Upload (Core) CDD SDD/COR/pain.008
    SEPA Direct Debit Upload (B2B) CDB SDD/B2B/pain.008
  • One or more authorized user accesses – depending on whether you involve one (E signature) or multiple authorizing users (A and B signatures)

Note

The legacy MT940 protocol for bank statements will be discontinued by November 2025 and is therefore not supported.

Bank Details for JustOn Bank Payments

If your bank is not available in JustOn Bank Payments, file a ticket in the JustOn Support Portal, providing the following information:

  • Bank name
  • BIC
  • URL of your bank's EBICS endpoint
  • Host ID

Info

This information is usually given by the bank on EBICS onboarding. In case of doubt, contact your bank to provide the relevant details.