Business Control

Expense management and card issuing platform enabling virtual card management.

Introduction

Business Control is a sophisticated multifunctional platform that connects card issuing, expense management, Token Management and other functionalities. The platform can be used by banks or fintechs to bring additional value to their business customers:

The platform consists of two interfaces:

Please read other sections for detailed product understanding.

Intro slides

Business control

Business Control is an advanced technologically business solution for growing needs of modern companies. This product allows employers to create and deliver instantly a temporary business Mastercard card to employees. Virtual card in mobile application can be used for: NFC and e-commerce payments.

Readiness: Live,

White label solution available: Yes,

Implementation time: 3 months from contracting,

Administration Panel for management: Yes,

Integration with: Apple Pay, Google Pay.

BC.png

image-1656856495676.53.33.png

image-1656856509754.54.00.png

Click on the screens below to experience our application on an interactive prototype.

image-1656856519887.54.25.png

Overview

The Business Control platform by Verestro enables digital card issuing and expense management for modern companies. By adapting to the changing needs of the current small, medium companies and big corporations and business customers digital, Business Controls enables companies to create and deliver instantly a temporary business Mastercard card to employee, simplify invoice collections and settlements of expenses. 

If you are a bank or fintech you can offer a new product for your business customers and increase revenues.

The platform consists of web portal and mobile application or SDK. The simplest white label solution can be delivered in 3 months from start of the project. 

Purpose and scope

This product guide provides a high-level overview of Business Control. This document covers the following topics:
•    description of possible configurations, 
•    granting access, 
•    description of main processes as: login, reset password, cards import, redemption of card,
•    additional and optional functionalities.

Terminology

This section explains a number of key terms used in this document.

Name

Description

Operator/portal user

The user working using web portal.

End-user/mobile user

A corporate employee who received a card and uses a mobile app.

Payment history

It’s possible that transaction history will be stored on Verestro wallet server for infinite time (this setting can be specified during onboarding with Mastercard). If these options are enabled, MPA can retrieve transaction history for given card and payment instrument ID. Transactions are returned in corresponding parts for better user experience. Particular transaction may appear on the list with delay – depending on integrated external components.

Session token

Access to the system by a application user is secured using a session token to uniquely associate the session with the user. It is required to perform any action.

sFPANs (Subordinate Funding Pan)

Valid card numbers supplied by the Issuer. All payment messages will be delivered to the Issuer with this card number in Data Element 02.

Funding Card Alias

A name given to the ultimate funding account to which payments will flow. This name is assigned by the Issuer and should be recognisable to the Corporate who owns the account. E.g. “JoeCorp HR USDollar”.

CSV

Comma Separated Values.

Digital Tokens

This is the surrogate card number that is inserted into the NFC chip in the Mobile phone. For tap payments, this is the number shared with the Point of sale device. On all message flows; it is mapped by Mastercard to its parent sFPAN. The Issuer will then map the sFPAN to the Funding Account.

Virtual Card

This is the optional card number for eCommerce payments - number entered at the eCommerce checkout page. On all message flows; it is mapped by Mastercard to its parent sFPAN. The Issuer will then map the sFPAN to the Funding Account.

Approval

In the context of Business Control, this is the assignment of a specific card for a certain period of time to a defined user.

Reapproval

By reapproval is meant the process of changing the data of a specific card assignment. Limits or date range can be changed.

Mobile reapproval

The process of changing a specific assignment initiated by the end user - which means through the use of a mobile application.

Group limit

This limit determines the maximum amount with which anyone in the group can assign a card to a user and the maximum amount on a card that can be accepted in a given group if an assignment confirmation request comes in from a group with a lower limit.

Key Use Cases

Below we present a list of key use cases enabled on Business Control platform. We are constantly working on new functionalities that are adding value to the product:

Security  

The systems offered by Verestro are fully secure, which is confirmed by current third-party certificates. As we store card and payment data we are obliged to comply with strict legal requirements. Card data are stored in a specially designed environment - Data Core. This environment is PCI DSS certified. The PCI-DSS standard guarantees the security of payment card data. It ensures that sensitive information is properly guarded and provides maximum security in the payment process.
We achieve high security standards by, among other things :
1.    Building and maintaining network security - the need to build and maintain a firewall configuration that protects cardholder data, not using manufacturers' default passwords and settings.
2.    Protecting cardholder data - protecting stored cardholder data, encrypting data transmissions when using public networks.
3.    Maintaining a payment management program - using regularly updated anti-virus systems, developing secure systems and applications.
4.    Implementing strong access control methods - limiting access to cardholder data to only those with a business need, assigning each user a unique ID, limiting physical access to cardholder data.
5.    Regular network monitoring and testing - testing security systems and processes, controlling access to network resources and cardholder data.
6.    Maintaining information security policies - relying on security policies for employees and vendors.

image-1651748525929.png

Architecture

Business Control uses Verestro's distributed systems to provide the highest quality of service. It is practically the best architectural solution these days. As mentioned in the previous chapter, the communication between services is completely secure, maintaining the highest security standards. This kind of system guarantees not only high efficiency, due to the division of responsibilities between the components, but also allows for easy and fast scaling of the system according to the customer's requirements.

image-1651748548159.png

Access and Configuration

Access solutions

The access to Admin Portal in available in 3 ways:

Admin Portal is available on two environments:

IMPORTANT: In the past there were domain upaidtest.pl/upaid.pl 

Configuration 

Time settings for individual functionalities

Business Control has a several default parameters related to the time of each action. Table below describes particular action and time related to the action. 

Functionality

Description

Default time on beta environment

Default  time on production environment

Operator session time

Session after successful login to the panel

60 minutes

15 minutes

Session reminder popup

Time after which a popup appears asking to extend or end the session

55 minutes

10 minutes

Mobile session time

Session after successful login to the beta mobile application

15 minutes

15 minutes

SMS lock time

Determines the time after sms count will be erased and sms resend will be available

24h

24h

Reset password OTP

Validity of OTP during password reset process

900s

900s

Automatic job configuration of Business Control

Functionality

Description

Default start time

Expiring outdated approvals

The time when cards whose assignment has expired are removed from enduser

Every full hour

Generating transaction reports

Time when mechanism of generating reports for pending reports is starting

Every 15th minute

Requirements for password

Functionality

Description

Mobile password length

8-250 chars

Portal password length

8-30 chars

Password (both mobile & portal) requirements  

upper-case letter, lower-case letter, special character and digit

Mobile apps configuration

Completion of product configuration (T&C regulations, imported cards, created limits and user structures) is required to test mobile applications.

For beta environment testing, it is necessary to provide the project manager with information about the type of device and the data for which test cards are to be assigned. This is related to separate app delivery solutions for each platform.

In the case of a production environment, the application is provided by authorized and official application stores dedicated to that environment.

Beta environment

In the initial stages of the project, the mobile application can be delivered as an APK file to be installed manually on the device. It is also possible to set up an automatic distribution center for test versions, in which case it is enough to provide Verestro with a list of email addresses to which invitations to the test system will be sent. Each user will receive an individual registration link and AppTester software (a fully secure component of the Google Firebase system) or TestFlight software (Apple's standard way to distribute test applications that meet the latest functional and security requirements). Both of the distribution ways allow to download each version of the application and deliver new versions in real time to testers.

Production environment

Once the testing phase is complete, Verestro generates applications that must be signed with the appropriate set of keys and then, using procedures appropriate to the specific distribution site (Apple AppStore or Google Play), added to the app stores. Once the application is in the store, any user can easily and quickly install the application and update it automatically.

Roles in the System

Issuer Administrator

Created in the new Issuer setup process after legal and contractual issues are completed. Associated with the flow of configuring corporations related to the Issuer. Could see the corporations associated in the system and their cards along with limits.


Corporate level

The following section provides information about the actions that vary according to the level of authority in the corporate structure and key capabilities common to the roles contained in the corporation.

Functionality

Administrator                      

Manager

User

Add new corporate operator (administrator, manager, user)

Yes

X

X

Create new group

Yes

Yes

X

View all groups

Yes

Yes

X

View own group and groups below

Yes

Yes

Yes

View group details, view groups members, reset password group members

Yes

Yes

Yes

View, lock/unlock, remove from the EndUser, assigned cards from own and group below

Yes

Yes

Yes

Assign cards

Yes

Yes

Yes

View approvals history from own group or group below

Yes

Yes

Yes

View awaiting card assignment from group below

Yes

Yes

Yes

Accept/decline approval from group below

Yes

Yes

Yes

Edit existing approval from own group

Yes

Yes

Yes

View all assigned cards and approvals

Yes

Yes

X

View assigned cards and approvals for own group and groups below

Yes

Yes

Yes

As may be seen from the table above, the main differences between admin and manager concern adding new operators to the corporation. In contrast, the context of a user is usually narrowed down to its own group or actions directly related to particular user-level operator.

The manager and user roles are fully configurable. It can contain decreasing privileges in comparison to Admin or completely different functionalities.

Corporate Administrator

This is a role that guarantees full authority in the corporate context. It has access to manage the hierarchy of groups and portal operators. Corporate Administrator has a privilege to assign cards and has access to all the details of the corporation.

Corporate Manager

The role of manager in a corporation almost exactly matches with the administrator's capabilities. The difference is the inability to add new portal users.

Corporate User

The basic role in the corporation, should be assigned to a lower level user. Capabilities are limited to viewing other operators at the same permission level in their group and groups below, assigning cards, and displaying cards. That means Corporate User cannot view groups higher in the hierarchy or other users than Corporate Users in the details of group.

Mobile user - Enduser

Flow of creating the mobile user account doesn’t depends on portal. End-user could install application and register without any invitation. Until the card is received from the system, it can use the mobile application capabilities. Only the assignment of the card binds him strongly to the system. Importantly, the code necessary to assign the card is sent to the phone number and e-mail address given by the portal operator on the assignment form, but the end user can redeem the code on any account (so on an account registered with different data than the one provided in the form). In such case it is required to provide the OTP code sent to the number from the form. As a result, the user can use one account for both private and corporate cards (but the authentication sent to the corporate data is required).

Notifications

This section contains all push messages and email messages that are sent in the system.

The following breakdown was used:

Emails from Admin Panel to operator

Process

Topic

Details

Comment

Invitation to the system

Set password to administration panel

Hello!

You are receiving this e-mail because an account was created for you, and you need to set a new password.


<button to set password>

Regards,

<corporation>

Standard email sent when portal operator added new operator.

Login process

Login code

Hello!

Your login code: <code>


Regards,

<corporation>

Standard AP email sent when portal operator entered correct email and password.

Reset password

Reset password to administration panel

Hello!

You are receiving this mail because someone initialized password reset for your account. If it was not you, you can ignore this mail.


<button to reset password>

Regards,

<corporation>

Standard Admin Panel email sent when portal operator uses "reset password" button on login page.


In Business Control also send when portal operator uses "reset password" action on staff member row.

Emails from Business Control to operator

Process

Topic

Details

Comment

Approval

Request approval

Hello!

There is a pending request for a card with a limit greater than allowed in requestor's administration panel group.

Please log in for more detailed information.


Regards,

<corporation>

Email sent to higher group operator when someone from group below wants to assign card with the limit exceeded group limit.

Approval

Approval accepted

Hello!

Your request to send card to <email>  has been approved. You can check the details in the Administration panel.


Regards,

<corporation>

Email sent to requestor when someone from group higher (who is able to accept this kind of limit) accepted the approval.

Approval

Approval cancelled

Hello!

Your request to send card to <email> has been cancelled. You can check the details in the Administration panel.


Regards,

<corporation>

Email sent to requestor when someone from group higher (who is able to accept this kind of limit) cancelled the approval.

Approval

Approval rejected

Hello!

Your request to send card to <email> has been rejected. You can check the details in the Administration panel.


Regards,

<corporation>

Email sent to requestor when someone from group higher (who is able to accept this kind of limit) rejected the approval.

Approval

Approval card changed

Hello!

Card changed on your request to send card to <email>. You can check the details in the Administration panel.”


Regards,

<corporation>

Sent in the rare case when card have to be changed to meet the requirements (original card has expiration date earlier than approval end date).

Mobile reapproval

Request to change limits from mobile

Hello!

There is a pending request to change card limits from mobile application for a card <ID>.

Please log in for more detailed information.


Regards,

<corporation>

Email sent to requestor when mobile end-user sent request for changing the limit.

Card depletion

Card Alias Pool Depletion

Hello!

Card alias <name> has reached 10% of its initial range. In order to maintain business continuity, you need to import more cards.


Regards,

<corporation>

Email sent to corporation admin when count of cards in the alias reached a certain amount.

Emails from Business Control to end-user

Process

Topic

Details

Comment

Card received

A payment card has been assigned to you

Hello!

To se the card, you must have the <corporation> Wallet application installed and an account created. Using this code in the application, you can assign the card to your account - <recemptionCode>. After this action you will be able to use all features of the application and make payments.

Regards,
<corporation>

Email sent to end-user every time when new card has been assigned.

Card adding

A new card has been added to your account

Hello!

You are receiving this mail because a card provided by <corporation> has been added to you account. Through the <corporation>Wallet application you can monitor your available balance and completed transaction on an ongoing basis.


Regards,

<corporation>

Email sent to end-user when card has been properly added to the account.

Card expiring

The temporary card issued to you by <corporation> is no longer valid

Hello!

The temporary card issued to you by <corporation> is no longer available for use.

The card <ID> has been removed from your account.

You do not need to take any action, this email is for awareness only.


Regards,

<corporation>

Email sent to end-user when assigned card is no longer valid (cancelled, locked, removed or just expired).

New T&C

New terms and conditions

Hello!

There are pending Terms and Conditions for acceptance.

To keep receiving cards from Issuer, please log in and accept pending Terms and Conditions.


Regards,

<corporation>

Email sent to end-user when Issuer updated the T&C and an end-user action is required to obtain a new card.

This email is send only when a new card is assigned. Even if Issuer changed T&C before and no card has been assigned the email shouldn't be send.

Push notifications from Business Control to end-user

Process

Topic

Details

Comment

Card redemption           

New card

A card has been assigned to your account. Check the budget details in the app.

Push notification sent to end-user when a new card has been assigned to logged account.

Mobile approval

Mobile request to change limits reviewed and accepted

Your request to change card limits has been reviewed and accepted. Details are available on alerts screen within mobile application.

Push notification sent to end-user when a mobile request to change limits has been reviewed to operator from original group and group higher. Basically send when double-check on portal has been made.


This case is only possible when the requested limit exceeded the original group limit.

Mobile approval

Mobile request to change limits rejected

Your request to change the assigned card limits has been rejected. Details are available on alerts screen within mobile application.

Push notification sent to end-user when a mobile request to change limits has been rejected.

Mobile approval

Mobile request to change limits accepted

Your request to change the assigned card limits has been accepted. Details are available on alerts screen within mobile application.

Push notification sent to end-user when a mobile request to change limits has been accepted.

Transcation

Transaction declined

Card ending <last4digits>; Purchase of <currency&amount> was attempted at <merchant> and declined per your settings.

Push notification sent to end-user when a transaction has been declined during processing.

Business Logic and Groups

This section contains all necessary information about key business processes in the system.

8.1 Groups

The group hierarchy always has a tree structure with one top group named Root Group. Other groups are below in the hierarchy and there can be unlimited of them on each level. There is no limit of levels or branches.

Group limits

To understand group limits, it is important to remember that these limits are related only to the card assignment process itself. They have no direct relationship to the corporation's limits. They are used to limit the ability to assign cards within the organization structure.

Sample group structure:

Assumptions

Case

Description

Result

1 – green path

User from PO Junior group wants to assign card with limit 200 to enduser.

It is possible without additional confirmation.

2 – yellow path (direct group above)

User from PO Junior group wants to assign card with limit 300 to enduser. It is possible with additional confirmation from higher group (group with Approval limit higher or equal to 300).

 

Approval goes to PO group after the creation to get the confirmation.

3 - yellow path (another group above)

User from PO Junior group wants to assign card with limit 600 to enduser. It is possible with additional confirmation from higher group (group with Approval limit higher or equal to 600).

Approval goes to group which could accept the limit (higher the PO group).

4 – red path (no group to handle)

User from PO Junior group wants to assign card with limit 1600 to enduser. It is possible with additional confirmation from higher group (group with Approval limit higher or equal to 1600). In the group structure there’s no group with possibility to handle this limit.

Card assignment has been declined.

Card assignment statuses (approval statuses)

The table below contains all approval statuses that can occur in the system. Each status is described by a definition of occurrence. Knowledge of the table contents is necessary to understand the next two subsections.

Status

Description

CREATED

When an Approval is created with a limit higher than the group of the person creating it but lower than the group limit above.

ACCEPTED

When an Approval is created with a lower limit than the creator's group OR accepted by a higher group. It changes to DELIVERED status after registration is complete and card is redeemed by end-user.

CANCELED

When an Approval with status CREATED or ACCEPTED is cancelled by the anyone from creator group.

REJECTED

When an Approval with status CREATED is rejected by the group above.

EXPIRED

When an Approval with the status CREATED is not accepted/rejected within the given Approval time (until the end of the ValidTo date).

PREPARED

When an Approval with the status ACCEPTED is ready to assign to enduser but enduer hasn't reedem card OR approval has been ACCEPTED and is waiting for the start of the Approval.

DELIVERED

When an Approval is accepted and CARD REDEMPTION is created, the process of issuing the card to the end user is triggered.

FINISHED

When an Approval with status DELIVERED exceeds the end date of assignment.

REAPPROVED

When a reapproval is created for a given Approval that is in Accepted/Delivered status.

Approval state machine 

The diagram below shows Approval's state machine - that is, the states it can reach and the sequence of changing states.

Assignment lifetime flow

The way approvals are organized in flow is one line of transition from the first to the last correctly created (created) or delivered to the end user (delivered). This line can be followed by "next" and "previous". There can be branches from the main line - canceled, rejected, expired, but it is not possible to get to them via "next". There's no possibility to make a reapproval from status finished.

Card status 

A card as an entity used to create a specific assignment can have different status in the system, depending on the state it is in.

Status

Description

Verified/Active

This means that the card has been correctly added to the system and can be used by assigning it to an end user.

Locked

This status indicates that the card has been manually blocked by the portal operator. There is no automated process in the system that results in the status changing to locked.

Transaction status

Status

Description

Authorized

Transaction has been authorized by the Issuer.

Declined

Transaction has been declined by the Issuer.

Cleared

Transaction has been cleared by the Issuer.

Reversed

Transaction has been reversed by the Issuer.

Web portal for companies

Login procedure

First login - activation

Users could be added only from the panel. It is not possible to register in the system without an invitation. Basic administrators accounts that can be used to create a user hierarchy are provided with the panel instance.
In order to create a new portal operator account you have to log in to the panel using e-mail address, which is user login. Then go to the "Staff members" tab and fill in the required data. After filling in the role, personal data and e-mail address there will be sent a welcome message with an activation link for new account.

Once the email send process is complete, the invited user will receive a message. It contains a welcome and an activation link - used to set a password to access the system.

Login procedure

Admin must provide correct pair – e-mail and password. If the provided login is incorrect, a message informing the employee of an error “Incorrect e-mail or password” and the possibility of another attempt will be displayed.

If the data provided is correct, an authentication code is sent. This is required to complete the next step of the two-step login.

As last step application asks for code. Sent code has set validity time described in previous chapter. If code will not be provided in this time, login procedure must be started from first step.

Reset password procedure

In order to reset password, admin has to open the login page and click option “reset password” (located under e-mail and password inputs). In next step, admin must provide correct e-mail address.

After correct completion of the form you will be redirected to the login page with a popup notification displayed on the screen. At this time the password reset mechanism is activated and a unique link is sent to the operator.

If the provided e-mail is correct, reset password link will be delivered to the operator’s e-mail address.

Change password procedure

From the portal operator profile it is possible to change the password without using the password reset procedure.

The form itself consists of 3 fields: the current password required to confirm identity, a new password that meets the security criteria, and a repeat of the new password to confirm the correctness of the data entered.

Main view

Once the authentication process is properly completed, the bank employee has access to the panel. He is shown the main screen of the system. Depending on the assigned rights group its appearance may vary. Different roles in the system have different tabs available.

The components that comprise the Business Control product operator portal are:

Sections

This section describes the functionality available to the Corporate Admin role, broken down by specific tabs on the portal.

Filters on screens:

Name of a view

Filters

Accounts

Name, Currency

Groups

-

Cards

Account, Status, Last4Digits, CardID, E-mail, Phone number

Transfers

-

Staff members

Role, E-mail, First name, Last name, Group

Cardholders

First name, Last name

Reports

-

Transaction history

Last4Digits, User e-mail, Date, Phone number, Amount, Currency, Merchant, Status

6.1 Groups section

Appears after login as first screen shown to Corporate Admin. Contains tree view of all groups related to current Corporation.

UI Elements:

List includes following information:

Parameter

Description

Group name

Custom and internal name of Corporation Unit assigned during process of adding Issuer.

Number of portal users

Number of staff members assigned to a specify group. The number of members in child groups does not add up to the number of members in the parent group.

Card quantity limit

Number of cards assigned to staff members in a specify group.

Group limit

This limit determines the maximum amount with which anyone in the group can assign a card to a user and the maximum amount on a card that can be accepted in a given group if an assignment confirmation request comes in from a group with a lower limit.

6.1.1. Add group

This page appears after the user selected "Add group" button. The page contains a form for adding a new group in the hierarchy.

UI Elements:

6.1.2. Edit group

The page contains a group edit form.

UI Elements:


6.1.3. Group details

A page containing a list of members and limits related to selected group.

UI Elements:


List includes following information:

Parameter

Description

Role

Role of administrator (Corporate Admin, Corporate Manager, Corporate User).

Email

Email address of Operator – login to the portal.

First name

First name of Operator.

Last name

Last name of Operator.

6.1.3.1. Limits tab

This tab contains the available limits applied on the selected group (i.e. the associated account with the limit of money to spend).

List includes following information:

Parameter

Description

Limit ID

Internal identificatory of limit in the system.

Limit name

Name of a limit, e.g. for delegation.

Group card limit

Limit of a cards that can be assigned in a group.

Group limit

This limit determines the maximum amount with which anyone in the group can assign a card to a user and the maximum amount on a card that can be accepted in a given group if an assignment confirmation request comes in from a group with a lower limit.

Actions:

  1. Add sub-group.
  2. Add group member.
  3. Set limit.

To set limit to the group it After user clicks “Set limits” action they see list of accounts to assign.

6.1.3.2 Setting limits

After clicking “Set limit” Operator chooses account he want to use for this group. Then they have to fill Set limit form with information:

6.2. Cards section

6.2.1. Awaiting cards tab

On this page there is a list of cards that require to take action: accept or reject. The card will be displayed on this list in consequence of one of actions:

List includes following information:

Parameter

Description

Card ID

Internal identificatory of a card in the system.

Requester

First name and last name of cardholder or operator who requested a card or a change of limit.

Cardholder e-mail

E-mail to which a message about assigning a new card arrives.

Total limit

This limit determines the maximum amount which a cardholder can spend using a card.

When the card's validity start date is reached, an exclamation point icon is displayed next to the card's visual.

6.2.2. Active cards tab

On this page there is a list of cards that is currently active. The card will be displayed on this list in consequence of one of actions:

List includes following information:

Parameter

Description

Card ID

Internal identificatory of a card in the system.

Cardholder e-mail

E-mail to which a message about assigning a new card arrives.

Limit

This limit determines the maximum amount which a cardholder can spend using a card.

Current spend

This value shows the relationship between the money spent and the limit on the card.

6.2.3 Cards history tab

On this page there is a list of all assignments of cards in the system. The list includes every card assignment, even cancelled, rejected or finished ones.


List includes following information:

Parameter

Description

Card ID

Internal identificatory of a card in the system.

Cardholder e-mail

E-mail to which a message about assigning a new card arrives.

Limit

This limit determines the maximum amount which a cardholder can spend using a card.

Current spend

This value shows the relationship between the money spent and the limit on the card.

Status

Approval status of a card.

6.2.4 Card assignment

Clicking on the “Assign card” button takes Operator to Assign card form view. The card assignment form is the most important screen in the system. It allows to enter the data for which a card will be generated and assigned. Currently, only the option to create virtual cards is available.

The form consist of sections:

When option “Use a separate e-commerce payment card” is chosen cardholder sees in their application such information as CVC and end date of a card.

If option “Set periodic limit” is chosen Operator can fill amount that cardholder can spend daily, weekly or monthly.
(WorkInProgress) Merchant Category Codes allows to define merchant codes for which the card will work or codes that will define a declined transaction.

6.2.5. Card details

After clicking on single row on Awaiting cards, Active cards or Cards history list Operator is directed to Card details screen. On this view there are sections:

6.3. Accounts section

On this view the list of accounts which have been assigned to a corporation is displayed. The example shown contains 3 available accounts for a corporation. Each account can have only 1 currency, which is the currency of the cards generated under that account.

List includes following information:

Parameter

Description

Name

Name of account.

Account number

24 digits number of account.

Balance

Current amount on the account with currency.

6.3.1 Account details

On this view detailed information of account are displayed.

UI elements:

Below there is a list of cards connected to this account and transaction made by cards related to the selected account.

6.4 Staff members section

On this view the list of Corporate Panel Operators is displayed.

UI elements:

List includes following information:.

Parameter

Description

Role

Role of a Operator (Corporate administrator, Corporate manager, Corporate user).

E-mail

E-mail that Operator use to login to Corporate Panel.

First name

First name of Operator.

Last name

Last name of Operator.

Group

Group to which Operator belongs.

6.4.1. Add staff member form

Clicking on the “Add staff member” button takes Operator to Add staff member form view. The form consist of fields:

After clicking “Save” button the invitation e-mail is sent to the invited person.

6.4.2. Import users

Operator can add a CSV file filled with information about users who should be invited. After clicking “Save” button the invitation e-mails are sent to the invited people.

6.5. Cardholders section

The data on this screen can be thought of as an address book or as a set of predefined people whose data can be used to assign a new card. This functionality was created to be able to save the data of people who often have cards assigned to them so that they do not have to enter them manually in the card assignment form each time.

UI Elements:

List includes following information:

Parameter

Description

First name

First name of Cardholder (end-user).

Last name

Last name of Cardholder (end-user).

Phone number

Phone number of Cardholder (end-user).

E-mail

E-mail that Cardholder use to login to mobile application.

6.5.1 Cardholder details

On cardholder details view information about enduser are displayed. Section “Basic data” contains information from Add new cardholder form:

Below there is a list with two tabs:

6.5.2 Add new cardholder form

Clicking on the “Add cardholder” button takes Operator to Add staff member form view. The form consist of fields:

After clicking “Save” button cardholder data is added to Corporate Panel. Cardholder does not receive any notification.

6.6 Reports section

Reports section contains files generated in the Corporate Panel and files added by Operators. File can be downloaded by clicking Download icon in every row. There are three tabs:

image-1654091244957.png

6.7. Transaction history section

This section contains list of transactions made by endusers.

UI elements:

List includes following information:

Parameter

Description

Last 4 digits

Last 4 digits of a card.

User e-mail

E-mail of cardholder (enduser).

Date

Date of transactions.

Phone number

Phone number of cardholder (enduser).

Amount

Transaction amount with currency.

Status

Status of transaction.

6.7.1 Transaction details

The transaction details section contains a set of information about a specific transaction such as:

Parameter

Description

Transaction ID

Internal identifier of the transaction (Verestro ID).

Token ID

Token identifier used during the transaction.

Card ID

Card identifier.

Created at

Date of transactions.

Phone number

Phone number of cardholder (enduser).

Amount

Transaction amount with currency.

Currency

Currency od the transaction.

Status

Status of transaction.

ExternalID

External identifier of the transaction.

Transaction channel

Defines the channel used to perform transaction.

Merchant name

Name of merchant receiving the payment.

Type

Type of the transaction.

Customer ID

Internal identifier of the cardholder (enduser).