recruitmentgltc@hsbc.com.

cn

HDFC BANK INFORMATION TECHNOLOGY CREDIT CARDS OPERATIONS MANUAL April 2003 (Release 1.1)

This Manual has been prepared by the Credit Cards Team of HDFC Bank, Information Technology to define the minimum procedures required to manage the various syst ems controlled by the Team. The manual is dynamic and will undergo changes as pe r the new systems / new procedures are evolved from time to time.

INTRODUCTION

OVERVIEW The Bank has taken a decision to launch the credit cards business. The software chosen is VisionPLUS from PaySys International, Inc., headquartered in Maitland, Florida. It is a wholly owned subsidiary of Denver based First Data Corporation . PaySys International is a global leader in payment systems, electronic commerc e and information management products and services. The VisionPLUS software proc esses the information that facilitates millions of consumers to pay for goods an d services by credit. In our Bank the VisionPLUS is installed on IBM AS/400. We have two numbers of 53 0 series AS/400 systems. The production (HDFCPROD) system is a dual processor, 3 GB Memory and 68 GB of Hard Disk. The backup system (HDFCBACK) has a single CPU , 512 MB of Ram and 26 GB of Hard Disk. This document provides information about the site specifications, IBM AS/400 Har dware and Software specifications, planning, setting up, and managing basic secu rity on our AS/400 systems. It also includes information about customizing the s ystem, creating and managing group/user profiles, managing print/output queues,

Backup & Recovery, etc. Apart from the AS/400 related information, other details include documentation of Application software (VisionPLUS), support application s viz. BASE24, CMS, Finware, Visa Edit Package etc. The primary audience for this guide is any AS/400, Vision Plus or any other inte rface application users or anyone who has some or all of these responsibilities. AS/400 Planning security Setting up system users Setting up security for system resources Managing security VisionPLUS Installation of Vision Applying Compliance upgrade Managing Libraries and Source Code Performing End-of-Day Operations Backup & Recovery Interfaces Link400 - Installation & Functionality Base24 - Functionality & VisionPLUS integration This manual has been designed to guide through the steps necessary to plan and s et up basic security on our system. This book does not explain every detail of s ecurity on AS/400 system. It presents a simple approach to security that is appr opriate for us to start with. It does not address programming techniques, nor do es it address the security exposures a malicious user with technical knowledge m ight pose to our system. You may need to refer IBM Manuals and handbooks for mor e specific information about a particular topic related to AS/400 system. As far as VisionPLUS and other interfaces are concerned you need to refer the appropri ate documentation provided by the respective vendors. It is the responsibility of Information Technology Group to provide the branches with a secure, reliable and controlled data processing service. This manual out lines the procedures that must be followed by IT department in running the vario us applications for the end users. Compliance to the various procedures is requi red and is audited. AUDIENCE AND SCOPE This manual is for use by the IT and Audit groups. The IT audit will be conducte d by the Audit team based on the various procedures outlined in this manual. Sin ce this manual covers the entire range of systems supported by IT, it is necessa ry that the individuals performing the various activities are fully aware of the procedures outlined. Systems / procedures keep on changing and all efforts will be made by the IT group to make this manual always current. UPDATE RESPONSIBILITY Review and update of this manual is the responsibility of IT group. Individuals will be assigned to incorporate necessary changes / updates within the group. Wh erever changes / updates are performed, the relevant sheets from this manual wil l be replaced by the concerned personnel of IT group. The manual will also be av ailable as soft copy. DPC Manager, Librarian, Network in-charge and respective a pplication support team leaders will be allowed to make required changes in this

manual. MANAGEMENT, ORGANISATION AND PERSONNEL

OVERVIEW The smooth running of the Credit Cards Data Processing function of the IT group can be easily impacted by any interruption in the management, organisation or pe rsonnel practices followed.. This chapter describes the procedures to be followe d by Data Processing Centre to minimise the risk of non-availability of the serv ices to the business. POLICY The organisation for the Data Processing operations in a centralized environment should be clearly defined. At a minimum, there should be one DPC manager, shift supervisors for all the three shifts, DPC officers, Database administrator and Librarian. The DPC operations staff should have knowledge on trouble shooting in AS/400. Each individual should have an up-to-date job description clearly layin g down responsibilities / accountability. To maintain an efficient operating DPC, sufficient staff should exist (with back ups for holidays, sickness, resignations etc.) to cover day to day operating requirements. At least two people should be available to run the end of day wor k. At least two people should be available to diagnose and resolve any operating / program abends / problems. The DPC operations staff should have sufficient training to perform their duties . This can be formal or on the job or both. Overtime worked in the DPC should be minimal; the only periods required are duri ng month ends, patch loading, software or hardware abends, etc,. The staff who w ork overtime / during holidays must be given suitable compensatory offs. The DPC should agree with users the level of support and services provided and d ocumented in a Service level Agreement that is reviewed on an annual basis. The management should have an annual overall plan detailing the projects, etc. t hat it will be undertaking. This should cover the acquisition / upgrade of hardw are, software, staff etc. This will be a part of the annual budgeting exercise b ased on the Business initiatives.

Job Descriptions DPC Manager- Mumbai Position Objectives Administer, coordinate and maintain effective daily utilisation and operations o f all Data processing services for the whole bank. Principal responsibilities Supervise all the Data processing activities of the credit card applicat ion software used by different groups / users of the bank.

Produce and maintain accurate and well defined operational procedures in terms of check lists in accordance with the Bank s requirements / guidelines set up by the IT Group. Provide necessary training to the DPC staff in gaining knowledge on the various Data processing activities. Ensure system availability to end users as per agreed Service Level Comm itments. Provide MIS data bases / reports to Chennai / Management. Ensure adequate staffing for the DPC operations / Hardware resources so as to meet service deadlines. First level support to end users on various systems by coordinating with users / support team . Maintain adequate control on various system access to ensure that the se curity of the systems are always ensured. Review of DPC checklists etc. Handling contingency scenario / situation as per procedures to minimize service disruptions. Data Centre Supervisor Reports to Data Centre Manager Position Objectives To effectively coordinate and maintain respective system s daily utilisation and o perations of the associated Data processing activities for the whole bank. To ef fectively manage the Database Administration activities of specified systems in consultation with Application Support personnel. Principal responsibilities Checking check lists on a daily basis to ensure activities are carried o ut as per procedure. Verification of each activity performed during the Batch ru n. To ensure that the regular DPC activities carried out as per check list and take full ownership of the shift activities. Database Maintenance and Disk Space management. System / Database monitoring and remove bottlenecks. Tuning of Database to improve response. Coordinating with IBM or application development team for loading of pat ches / LIC Testing the application of patches as per laid down procedures. Creating new Users and Login IDs on OS as per approvals.

Checking and taking action on Night Shift batch joblogs and pending prob lems at end of day. Ensure regular back ups as per procedure and checking logs / registers o n a daily basis. Ensure that the backups are handed over to the librarian. Maintenance of Database on the back up server. Planning and executing regular deletions to keep Database size manageabl e and carry out Database reorganisation by running RECLAIM STORAGE on a regular basis and ensure satisfactory system performance. System Maintenance by doing IPL every forthright. Month end printing co-ordination and ensuring back up of the same. Solving users queries on a regular basis in co-ordination with Applicatio n Support / Facilities Management / HW vendor / SW vendor as per requirements. Ensuring that all scheduled / specific DPC activities are carried out i n time. UAT co-ordination. Back up of systems before and after any changes following the Change Con trol procedures.

Data Centre Operator Reports to Data Centre Shift In Charge Principal responsibilities To carry out daily activities as per check lists and procedures To carry out daily printing as per schedule. To ensure that the DPC check lists are followed and DPC activities are c arried out. To provide first level user support as and when required. Resolution of queries as per the Turn Around Time. To escalate / follow up on escalation on the unresolved queries with app ropriate team. To ensure that batch runs are completed for the timely release of system next day. Batch reports are to be printed / Electronically sent as per procedures laid out. Daily update on system status for the previous EOD. Maintenance of all records / registers / logs of DPC.

To ensure Audit deliverables are met on a daily basis. To carry out any unscheduled activities as assigned by the DPC Manager. To carry out daily back up on various systems as per schedule. User query resolution on a daily basis. To escalate any discrepancy / error to Supervisor / DPC Manager. Providing the reports / extracts to Chennai as and when scheduled. Carry out refreshes / updates as per schedule. Data Centre Librarian Reports to Vice President (Support Services) Principal responsibilities Maintain Daily tape movement forms across the various DPCs. To ensure that all the Inventory of all tapes are completed and verified . Destruction of old tapes received from branches as per the procedures. Ordering of consumables (Tapes/Ribbons) for the DPCs at Mumbai. Maintaining Software Library. Carrying out Software Physical Inventory once a year. Data Processing Functions The individual functions which a Data Centre may perform are listed and describe d briefly below. Some may be performed outside the DPC. Each function represents a separate and distinct area of responsibility. DPC Management Plans, coordinates, and directs all Administrative and technical DPC activities. Operations Supervision Plans and directs the Computer operations and communicat ion activities. Provides technical assistance to operations, systems, and user d ivisions departments on a daily basis. Production Scheduling Prepares and ensures compliance with daily, weekly, and monthly production schedules; adjusts them in the event of unplanned or urgent r equests. Input Production Control Prepares batchwork in accordance with the daily production schedule and user input and instructions. Output Production Control Checks that all production work has been process ed in accordance with daily production schedules; checks that all Input has been generated correctly and distributed as stated in the user instructions. Shift Supervision Checks that schedule production work and all input / out put requirements are available; supervises the daily operations of computer and

auxiliary equipment, diagnoses errors and takes corrective action as needed. Computer Operations Operates all computer and auxiliary equipment to process work in accordance with specified schedule and requirements. Library Control Monitor control of tapes, software, and all documentation assoc iated with the systems. Hardware Control Evaluates and monitors installation, support, and mainte nance of all computer and auxiliary equipment which supports services provided t o users of various Groups / Divisions. Environmental Control Administers and oversees technical control and maintenan ce of the procedure and equipment which support environmental conditions in the Information Processing Area Admin Dept. Acceptance Control Accepts on behalf of the Computer operations unit, any n ew hardware or application programs or both, or changes to the existing services . Maintenance Control Evaluates and monitors implementation, support, and main tenance of software; ensure that the operating system software and utilities are functioning reliably and with maximum efficiency. These individual functions should be assigned to specific personnel so as to ens ure that they are all carried out. The IT department will also have back up pers onnel for carrying out these activities in case the Primary personnel is not ava ilable. Separation of Duties DPC will not carry out any Data Entry / Authorisation related to user profiles. Holiday table maintenance / Date change will be carried out by DPC staff. No DPC staff will be able to enter or authorise transactions of Financial nature . No DPC staff will reconcile a Financial report. No DPC staff may review his own work. In the Main DPC (Chandivali), the Librarian function is different from DPC funct ion and a separate Librarian will manage the Library. No DPC staff will be allowed to modify or develop any system or application prog rams in the LIVE system. However DPC staff may provide guidance to end users on using productivity improvement tools. Critical passwords of the systems are to be held ONLY by designated staff. Systems Development As a policy Information Technology Group of the bank does not carry out any In-H ouse development. The Application support functional area will facilitate any ne w software development after Business justifications / approvals are provided. D ifferent application support personnel will be involved from IT side for ensurin g that the software is developed by the vendor as per needs / in time and the VP -Application support will be overall responsible for all the new Software Projec ts.

All the major software that will be used will undergo Initial testing by Applica tion support functional area before handing over to User Acceptance tests. DPC w ill facilitate any batch run activities during such UATs. For all the major soft ware used by the Bank, AMC contract will be signed and the Vice President (Appli cation Support) will ensure that all the AMCs are current and up to date. The ve ndor has the source codes for all the major software that are being used by the bank. For small time vendors, either the source code will be provided by the ven dor or there will be escrow arrangements. All the patches / enhancements of the existing systems will undergo the usual Ch ange Control procedures and to be signed off by the respective application suppo rt personnel and approved by the Vice President-Application Support. The applica tion support team to ensure that necessary timely support is provided to the DPC staff in running the existing applications. The vendor suggested / supplied ope rating system / Application software patches will undergo testing as per Change Management procedure before installing to LIVE environment. During batch runs, i f any of the program(s) has to be fixed (to make sure that we do not delay syste m release, the same will be applied as fix to carryout the batch jobs. These wil l be retrofitted into the actual software during the next release. Contact List The emergency contact list of key personnel is maintained at DPC in the form of a diary. Since people change from one location to another, the updated contact l ist is maintained at the DPC for contacting during emergency situation. The Bank publishes the latest telephone directory every year and the same is made availa ble to DPC. The contact telephone numbers of key vendors / application support p ersonnel are also available in DPC. Escalation schedule has been drawn out to pr ovide communication at appropriate levels. In case DPC cannot contact the concer ned user, we have the procedure of contacting the RBM of the respective region. Environment and Housekeeping Overview The smooth running of the Data Processing Centre can be easily impacted by the c ondition of the area. This chapter describes the procedures to be followed to en sure that the Data processing Area minimizes the risk of non-availability of the services from this cause. Policy 1.The temperature within the machine room should be between 18C and 24C and the humidity between 30% and 80%. 2.The servers should be housed in an area where the entry is restricted. 3.The Servers (including the File servers) should be housed in an air-conditione d environment. False flooring to be provided for the machine room. 4.Smoke / Fire detection system should be provided for the DPC machine room / DP C operations area. The vendor checks these units and the reports are available w ith General Admin. It is the responsibility of Admin to make sure that these uni ts are checked periodically by the vendor for proper functioning. 5.All the switches, hubs, routers are to be properly secured so as to prevent fr om any tampering. Wherever possible, cables are be dressed neatly and put under the false floor to prevent from tripping. 6.Access to the server room should be restricted and list of authorized personne

l who can have entry inside the room should be posted outside the room. It is th e responsibility of General Admin to provide Access Control cards to authorised personnel wherever the Swipe Card system is installed. 7.The room housing servers / Telecommunication equipment should remain closed al ways and proper vigilance is to be ensured and in circumstances should it become a tourist attraction. 8.The DPC area should have fire extinguishers that are easily accessible for eme rgency use and the staff should be trained on the usage of such devices Responsi bility Admin. 9.Access log is to be maintained for the entry of the personnel inside the machi ne room other than the authorized staff. 10.The DPC area should be maintained neat, clean and tidy. Only required manuals / registers / documents should be housed inside the DPC operations area. The re ports that are not collected should be destroyed after a specified period. 11.Air Conditioning should be adequate for all the hardware housed in the DPC machine room. Constant high temperature could have damaging effect on the operat ion of the hardware. 12. All critical Hardware housed in DPC area should be powered by UPS which shou ld withstand at least for 15 minutes when the main power supply fails. This is required to bring down all the servers systematically when there is a prolonged power interruption. 13. No hazardous material should be stored in the vicinity of the DPC area. 14. In case of emergency situation occurring (flood, fire, Air conditioning fail ure etc.), the first priority must be to bring down the critical servers in a co ntrolled and orderly manner (if possible without risking the life). Management should be informed as soon as possible on the situation. 15. Outside personnel are not be entertained in the DPC area / Machine room. Housekeeping 1.The DPC area must be kept tidy and clean at all times. 2.All stationery must be stored in proper storage cabinets (if provided) or in a rack, when not required for immediate usage. 3.No hazardous wiring is to be allowed inside the DPC area. 4.No eating , drinking or smoking allowed in the DPC area. Fire Protection It is the responsibility of the DPC staff to ensure that procedures are adhered to, that will hopefully preclude a fire ever breaking out within the DPC area. Combustible material should be kept to the minimum and where possible kept in st eel racks at the storeroom when not required for immediate use. Smoking must not be permitted inside the DPC area. Portable fire extinguishers must be mounted on the walls of the DPC area and mus t be inspected periodically Responsibility Admin department. Alarm tests are to be carried out at least every quarter to test the emergency e vacuation procedures Responsibility Admin department.

In the event of a fire, it is responsibility of the senior DPC staff on duty to ensure that the other staffs evacuate the area as quickly as possible. In the event of a small fire the following procedures must be followed:

DPC staff should inform the management as soon as possible DPC staff should attempt to fight the fire using the fire extinguishers . DPC staff should attempt to bring down all the critical application down as per orderly shut down procedures in a controlled manner After the fire is extinguished, the material remaining in the affected area shou ld removed if permission is given This will avoid further damage during the coo ling off period. As soon as possible, the material salvaged ( before or after the fire ) should b e removed to a secure location under the control of the bank and physically chec ked by experts for damage. If necessary, and possible, new back up media should be made. II. Security Policy Why is security important? The information stored in our system is one of our most important business asset s. We should keep three important objectives in mind when we think about how to protect our information asset: Confidentiality Good security measures can prevent people from seeing and disclosing confidentia l information. Integrity To some extent, a well-designed security system can ensure the accuracy of the i nformation on our AS/400. We can prevent unauthorized changes or deletions of da ta. Availability If data or other resources on our system are accidentally or deliberately damage d those resources become unavailable for the running of our business until they can be recovered. A good security system can prevent that kind of damage. When we think about system security, we usually think about people outside the c ompany, such as business rivals. Actually, protection against curiosity or syste m accidents by proper users is often the greatest benefit of a well-designed sec urity system. In a system without good security features, a user might unintenti onally delete an important file. A well-designed security system helps prevent t his type of accident. Who should be responsible? As we all know, the information in our system is an important asset. That inform ation should be respected and protected, just as we would any other company asse t. Setting up security should be the responsibility of a security officer. The s ecurity officer defines system users and what those users are allowed to do. The security officer is often responsible for other things on the system, such as b

ackup and recovery of information. The IT Team of Credit Cards Project is respon sible for the security of our AS/400 System. Security Policy for the AS/400 (Vision Plus) users The information on our AS/400 system is vital to our organization. We rely on it s completeness and accuracy. Some of the information is also confidential. As a user of the system, you share the responsibility to protect the information on t he system. You do this by following the security policy that is given below. Thi s policy has been designed to not only to protect information that is critical t o our business but also to make our jobs easier and to improve our business perf ormance. IT - Team has the responsibility for security on the AS/400 system. All AS/400 u sers can contact them if they have any questions or suspect any security problem s. Everyone who needs to use the system will receive a user ID and a password. You will be required to change your password the first time you sign on the system a nd every 30 days after that. Choose a password that you can remember, but one th at is not obvious. The IT team can be contacted for suggestions for creating pas swords. Do not share your password with anyone. We intend for you to be able to do anyth ing on the system that is necessary for your job. If you need access to informat ion, contact the IT Team. If you forget the password, they (IT Team) can set up a new one for you immediately. There should be no reason for anyone to sign on w ith someone else s user ID and password. You may have learned how to use a record and playback function in your workstati on to save typing. Do not use this to store your password. Do not leave your workstation signed on when you are away from your desk. In you r training you learned how to sign off your workstation temporarily. Use this fu nction if you need to leave your desk for a short time. If you will be away for a long period, finish your work and use the regular sign-off. Signing off when you leave your workstation is particularly important in locatio ns that are accessible to the general public, such as the customer service area, etc. Three successive failures to enter a legitimate password for a User ID will lead to the User ID being disabled. They can only be re-enabled by the Security Admi nistrator. A user will not have more than one User ID/Password on AS/400 as well as VisionP LUS. A User ID of a former employee or an employee who no longer has rights to use AS /400 or VisionPLUS will be immediately disabled by the Security Administrator.

Security Policy for the I.T. Team A Good security plan can protect our system, but it cannot guarantee the safety of our equipment or the information. We should divide responsibilities to ensure that no one person has exclusive control over our system. We should also have a good plan for backup and recovery of all the information on our system and a pl an for replacing the equipment in the event of a disaster. More details about de signing a good backup plan is provided in the later part of this manual. As we had already mentioned, the security officer will be responsible for settin g up security. Apart from the responsibilities like defining system users and wh at those users are allowed to do, backup and restore, etc. he should also custom ize the system, since many security elements play an important role in system cu stomizing. Given below are some of the measures he has to take as part of securi

ty policy. Physical Access to the System Physical security includes protection the system unit, all system devices (such as display stations and printers), and backup media (such as tapes and diskette s), from accidental or deliberate loss or damage. Most measures we take to ensure the physical security of our system are external to the system. However, the system is equipped with a key-lock that prevents un authorized use of functions at the system unit. Storing important system documentation The security officer password is critical to the operation of the AS/400 system. We should write this password down and store them in a safe, confidential place . We should also keep a copy this password stored away from our business locatio n. We should also consider storing other important documentation, such as a list ing of the configuration and the main application libraries, away from our busin ess location to help us recover from a disaster. Storing the Tapes: Later in this manual we ll be looking into the Procedure for Ba ckup & Restoring of data in the tapes. In this regard we should keep in mind tha t the tapes on which we have saved information should be kept secure from both d amage and theft. Damage to backup media: If our system and the backup tapes are destroyed by a di saster or by vandalism, you will not be able to recover the information that was on our system except from printed reports. Theft of Backup Media: We may have confidential business information saved on th e backup tapes. A knowledgeable person might be able to restore this information to another computer and print or process it. Recommendations are i) Storing the backup media in a locked, fireproof cabinet, ii) Regularly we should take a cop y of our backup media to a secure offsite location.

How Users Sign On Sign-on security prevents a person who is not identified on the system from sign ing on. In order to sign on, an individual must enter a valid combination of use r ID and password. Sign-on security is active when the system security level is 20 or higher. The available security levels are; Level Level Level Level Level 10 20 30 40 50 Physical Security only Password Security Password and Resource Security Integrity Protection Enhanced Integrity Protection

What users are allowed to do: An important role of security, and of system custo mizing, is to define what users can do. From a security perspective, this is oft en a limiting function, such as preventing people from seeing certain informatio n. From a system customizing perspective, this is an empowering function. A prop erly customized system makes it possible for people to do their jobs well, by el iminating unnecessary tasks and information. Some methods for defining what user s can do are appropriate for the security officer, while others are the responsi bility of functional owners of the application software (VisionPLUS).

Here, we focus primarily on those things that a security officer usually does. F ollowing is a brief discussion of the techniques available: Limiting users to a few functions: With the user profile, the security officer c an limit a user to a specific program, a specific menu or set of menus, and a fe w system commands. Restrict System functions: System functions are activities such as saving and re storing information, managing printer output, and setting up new system users. E ach user profile specifies which of the most common system functions the user ca n perform. On the AS/400, system functions are performed using control language (CL) commands and application programming interfaces (APIs). Because every comma nd and API is an object, you can use object authorities to control further who c an use them and do system functions. Determining who can use files and programs: Resource security provides the capab ility to control the use of every object on the system. For any object, you can specify who can use it and how they can use it. For example, you can specify tha t one user can only look at the information in a file; another user can change d ata in the file; a third user can change the file or delete the entire file. Preventing abuse of system resources: The processing power on your system can be come just as important to your business as the data that is stored on it. The se curity officer helps to ensure that users do not misuse system resources by runn ing their jobs at a high priority, printing their reports first, or using too mu ch disk storage. Parameters are available in individual user profiles, job descr iptions, and classes to control the use of system resources. Saving the Security Information: Regularly backing up the information on our sys tem is important. In addition to backing up the data from the system, we need to save security information also. If a disaster occurs, we need to be able to rec over information about system users, authorization information, and the informat ion itself. Physical Security of Workstations In most cases we want all users to be able to sign on at any available workstati on and perform all authorized functions. However, if we have workstations that a re either very public of very private we may want to take special precautions. What could be the risks? Unauthorized use of workstations in a public location: Some locations, such as s ales office, customer service department, etc. are easily accessible to people o utside our organization. If a system user leaves a workstation signed on, someon e from outside the company might be able to walk up and access confidential info rmation. Using a workstation in a private location to perform unauthorized activities: A workstation located in a very private location gives an intruder, whether inside or outside our company, the opportunity to spend long hours trying to circumven t our security without being observed. An unauthorized user signing on the system by using the playback functions on a display station or by running a PC sign-on program: Many display stations have a record and playback function, allowing users to store frequently used keystroke s and repeat them by pressing a single key. When a personal computer is used as a workstation on the AS/400, a program can be written to automate the sign-on pr ocess. Because the sign-on process is a frequently used function, users might de cide to store their user Ids and passwords, rather than typing them every time t

hey sign on. Recommendations If possible avoid putting workstations in very public or very private places. Emphasize to system users the importance of signing off before leaving a worksta tion. Emphasize that recording a password in a display station or in a PC program viol ates system security. Take measures, using the inactive timer system value, to prevent signed-on works tations in public locations from being left unattended. Limit which functions can be performed at public workstations by authorizing onl y users with limited authority to those workstations. Prevent users with security or service authority from signing on at private work stations. Do not allow users to be signed on at more than one workstation at the same time . This can be controlled by the system value, which limits device sessions. Protecting Printers and Printer Output Once information starts printing, system security cannot control who sees it. What are the risks? A printer located in a public place might give unauthorized people access to con fidential information. Printer output left lying on a desk might reveal information. We may need to print some highly confidential report, which we do not want the n ormal users to see. Recommendations Emphasize to system users the importance of protecting confidential printer outp ut. Avoid locating printers in public places. Schedule the printing of highly confidential output and have an authorized perso n stay at the printer while it prints. When we run a program that prints a report, the report usually does not go direc tly to a printer. The program creates a copy of the report, called a spooled fil e. Spooling makes it easier to schedule printing jobs and to share printers. It also helps us to protect confidential output. We can create one or more special output queues to hold confidential output and restrict who can view and manage t hose output queues. We can also control when confidential output is sent from th e queue to a printer. Monitoring Security Few basic suggestions are provided here for monitoring the effectiveness of the security of our system. Monitoring security regularly has two basic goals: Making sure that our resources are adequately protected. Detecting unauthorized attempts to access our system and the information Checklists for Monitoring Security Following are checklists for reviewing different aspects of security in our syst em.

Monitoring Physical Security Backup media is protected from damage and theft. Access to workstations in public areas is restricted. Monitoring System Values Use the Print System Security Attributes (PRTSYSSECA) command to verify that the settings match the initial System Values. This has to reviewed when we install new applications and also on a regular basis. Monitoring Group Profiles Group profiles have a password of *NONE. Using the DSPAUTUSR command it can be verified which profiles have no passwords. The correct people are members of the group. Using the DSPUSRPRF Command with th e *GRPMBR option to list the members of a group. If we are running at security lever 30, 40, or 50, group profiles should not hav e *ALLOBJ authority. Use the DSPUSRPRF command to check the special authorities for each group profile. Monitoring User Profiles User profiles on the system should belong to one of these categories: User profiles for current employees Group profiles Application owner profiles IBM-supplied profiles (start with Q) When users leave the organization or are transferred, their user profiles should be removed from the system. Using the Change Expiration Schedule Entry (CHGEXPS CDE) command we can automatically delete or disable the profile as soon as the u ser leaves. Look for inactive profiles and remove them. Use the Analyze Profile Activity (AN ZPRFACT) command to automatically disable profiles after they have been inactive for a certain time. Using the Analyze Default Passwords (ANZDFTPWD) command we can determine which u sers have a password that is the same as their user profile name. Using the opti on of this command we can force the users to change their password the next time they sign-on the system. Attention: It should be noted that IBM supplied profiles should not be removed f rom the system. We should be aware of who has a user class other than *USER and why. Using the P rint User Profile (PRTUSRPRF) command we can get a list of all users, their user class and special authorities. We can also control which user profiles have the Limit capabilities field set to *NO. Monitoring Unauthorized Access We have to instruct the system operators to be alert for security messages in QS YSOPR message queue. In particular, they should notify the security officer of r epeated unsuccessful attempts to sign on. Security messages are in the range of 2200 to 22FF. They have prefixes CPF, CPI, CPC and CPD We need to set up security auditing to log unauthorized attempts to access objec ts. For more details one has to refer the IBM supplied manuals. The above security a spects cover OS level and system level. As far as application security i.e. Visi onPLUS, is concerned it is driven through the application itself. One has to go through the VisionPLUS documentation for the same.

Setting up of Ownership and Public Authority In this chapter, you establish ownership and public authority for the VisionPLUS and Link400 application libraries and personal libraries if any. Use the proced ures given in this chapter whenever you install a new application on your system or when you want to set up security for an existing application. Changing Library Ownership This step changes the ownership of a library, not the objects in the library. Attention: Be sure to check with your application provider before you change own ership of any application objects, because some applications use functions that rely on specific object ownership. Type CHGOBJOWN (Change Object Owner) and press F4 (Prompt) Fill in the library name, object type (*LIB), and the new owner Check confirmation messages. Possible error: The most common message is that either the library is not found or the new owner profile is not found. Verify the same and try again. Using the Change Object Owner Command Use this method to change the owner of objects in a library if the objects are o wned by QPGMR or QSECOFR. Type CHGOBJOWN (Change Object Owner) and press F4 (Prompt) Fill in the information on the display for the first object on your list and pre ss the Enter key. You receive a confirmation message that the object ownership is changed. Check o ff the item on your list. Press F9 to retrieve the command you typed earlier. Press F4. On the Change Object Owner Display, enter information for the next obj ect in the library and press the Enter key. Repeat the above two steps for each object in the library. Setting Public Access to a Library Use the Edit Object Authority (EDTOBJAUT) command to change public authority to the library: Type EDTOBJAUT library-name *LIB. Move the cursor down to the line showing *PUBLIC. Type the authority you want the public to have to the library and press the Ente r key. Setting Public Authority for All Objects in a Library Using the Revoke Object Authority (RVKOBJAUT) command you can remove the current public authority for objects in a library and using the Grant Object Authority (GRTOBJAUT) command you can set public authority for all the objects in a libra ry. Type RVKOBJAUT and press F4 Fill in the display as shown, substituting the name of your application library, and press the Enter key. If the library has a large number of objects, the syst em may take a few minutes to process your request. Type GRTOBJAUT and press F4. Fill in the display as shown, substituting the name of your application library and the authority you want, and press the Enter key.

If the library has a large number of objects, the system may take a few minutes to process your request. Note: When you use the GRTOBJAUT command to make multiple changes to authority, view your job log to verify that the changes were made. Setting Public Authority for New Objects The library description has a parameter called create authority (CRTAUT), which determines the public authority for new objects that are created in the library. The commands that create objects use the CRTAUT authority of the object library as the default. You should make the CRTAUT for a library the same as the public authority for the majority of existing objects in the library. Type CHGLIB library-name and press F4 (Prompt). Press F10 (Additional Parameters). Type your choice in the Create Authority field. If you set the CRTAUT to *SYSVAL, the current setting for the QCRTAUT system val ue is used when a new object is created in the library. Setting a specific CRTAU T authority for each library protects against future changes to the QCRTAUT syst em value. Creating Authorization List Use the CRTAUTL command to create any authorization list necessary to secure the library. Type CRTAUTL and press F4 Fill in the information from your Authorization List. Press F10 (Additional Parameters). Use the authority for objects secured by the list. Check the confirmation Messages. VisionPLUS BACKUP PROCEDURE The Process of Back-Up is to be Done Through Vision Plus A } Source : In Vision Plus an option Comes Which Ask us Before Starting Back. O n Confirmation of Backup The Before E.O.D starts. B } Following is the Back-up procedure to be followed : 1.One Set of backup will be taken for each E.O.D ie : Before Batch After Batch 2.The backup have to be properly labeled containing the following Details : a. Tape No. b. Date of Batch. c. Pre or Post Batch. 3.The Backup tapes should be properly labeled and corresponding entries should b e entered in a database. 4.A check should be kept on which tapes are to be reinitialized and when. 5.Once a Back-up is done the set of tape will be sent to Kamala Mills (Off site)

on a daily basis while another set will be kept with us at Chandivali. 6.Every 7 days the tapes with us will be recycled. 7.Month end backup will be stored for one Year and will be recycled every year. 8. Program Library backup of the backup system is required to be taken on a dail y basis. 9. The Tapes should be stored in a safe place to be accessed by the Authorized P eople. 10.Monthly System Backup will be stored with Librarian and it will be recycled a fter the end of each Month. C } Verification Steps : The Verification of the Tapes can be done to ensure whether the Backup i s Complete. In the case we can issue a command DSPTAP to display the contents of the tap. D } Failure Modes : Back-up can Fail in 2 conditions a } The Tapes are not initialized b } The media is corrupt. Under each Circumstances Following are the steps to be Followed a} If in Case the message Occurs that the Tapes are not Initialized we have to first initialized the tapes. ie : - Type INZ to initialise, g to go ahead, c for cancel. b} In case the message is media corrupt we have no alternative but to replace th e media. Change Control Change control is a very important activity of the IT management. By having prop er change control procedure, many issues that may be arising later can be easily identified and rectified with minimum down time. Any changes to Hardware, Opera ting system and software are to be properly logged in, authorised and reviewed t o have proper control of the changes that have been effected into the system. A format of Change control form is given at the end of this chapter. Change Request Any change in the existing software (including necessary patches) are to be requ ested by the user department personnel in the prescribed form. This request is t o be authorised by the user department head ascertaining the exact need, impact if the changes are not carried out, The nature of the change required has to be briefly mentioned in the Change request form. Additional sheet may be attached t o the form, if more details are to be added. Change Request Approval The change requested is authorised by IT department either by the VP (Support Se rvices) or by VP (Application Support). Suitable delegations are made by respect ive VPs for approving the requests in their absence.. Based on the request made by the user, which is duly approved, Support / vendor personnel give the details of the changes that are to be carried out in the program or scripts or database tables. As far as possible complete details are to be provided, which will be u seful at a later stage of debugging.

Development / Procurement process In certain cases the changes requested by users call for code development. The S oftware vendor provides cost estimates based on the man days required. This has to be approved by Head-IT before any code activities can be started. When the co de development involves a considerable amount, which is not budgeted, then a for mal approval process is to be carried out. The users will be intimated about the delivery of such changes for acceptance tests taking into account the approval, development time. If the software is available off the shelf , then procurement is done based on the approvals obtained and made available for acceptance testi ng before porting to Live system application. Acceptance Tests Once the software is delivered / procured, it follows the acceptance testing. F irst the functional level testing by the IT support personnel. Once the IT perso nnel completes the testing, then the software is released to the user in the UAT machine. The test plan to be prepared by the user in consultation with IT suppo rt personnel (if required) and should be available before commencing the tests. Additional test cases, check points may be added (which would have got missed ou t earlier) while carrying out the tests by the users.. Once the tests are comple ted , test results summary is to be prepared by the user and sign off is given f or porting to Live system. If there is a major change that has been tested, then audit sign off is taken after necessary reports are provided to the audit team. IT Team support personnel gives sign off for implementing the changes in the li ve system. Implementation of changes After the necessary sign off, a copy of the exiting software is taken by the Dat a Centre personnel to serve as an emergency measure. The changes are made in the LIVE environment at a designated date / time as per the instructions from the A pplication support team. Approval from the DPC Manager is taken prior to making the LIVE implementation. User Training There are some major changes which have been implemented require rigorous user t raining. It is normally carried out by the Product Development Group. The user m anual is also prepared and given to the users by either IT or by the Product Dev elopment Group. It is very important that the actual users clearly understand th e changes that have been effected in the system so that mistakes can be avoided while using the changed system. Back out Plans Since the changed software cannot be tested for all the boundary and exceptional conditions, there may be a need to revert back to the earlier version. This wil l be decided by the IT Team in consultation with the product development group a nd Audit division (if applicable) depending on the criticality. The pre image t hat has been taken prior to making changes will be used to restore back to the o riginal version. In cases, where changes made are very critical, onsite support from vendor personnel is resorted for a few days after the implementation. This is coordinated by the application support team with the software vendor. Application (VisionPLUS) Information At this point, you need the following general information about the business app lication, which is going to run on the AS/400. Later, you use this information t

o plan user groups and application security: Application name Name of the application, which is running on the AS/400, is VisionPLUS. Descriptive information of VisionPLUS VisionPLUS A family of integrated software products that provides a total manage ment system for our Credit Card operations. Some of the software products, which are integrated with each other, are as follows: CMS CMS is the core system of the VisionPLUS family. It is an online, accounts recei vable system that provides you with the means to process accounts quickly and ef ficiently. The system is designed to track and process account activity accordin g to specific parameters and options you define. Because maintenance to the syst em is online, real-time, you have the flexibility and control you need to proces s accounts effectively. FAS FAS is an online financial authorization system that provides you with the means to authorize transactions online in a real-time file update environment. FAS in terfaces directly with VisionPLUS and is in contact with Visa and MasterCard net works virtually 24 hours a day, seven days a week. This contact provides: Immediate response to authorization inquiries Support for both issuer and acquirer processing. CDM CDM is an online system that provides you with the means to make credit decisions quickly and efficiently. The system is designed to track and process credit appl ications according to specific parameters and options you define. In CDM, credit applications have three possible outcomes. Applications can be: Automatically approved Automatically declined Automatically queued for operator decision. CTA The Collection, Tracking, and Analysis (CTA) System is a multi-organization, mul ti-product application. As a parameter and classification-controlled system, CTA allows flexible priority queuing of accounts for follow-up and reporting. CTA i s designed to interface with the VisionPLUS Credit Management System (CMS). ASM ASM is an online, real-time software product that enhances customer service func tioning and provides performance level reporting for management. ASM processing and security is controlled by organizational levels that you establish within th e system. Four security levels (1 4) are available within ASM. Customer service re presentatives assigned a security level of 1 have the highest security; represen tatives assigned a level of 4 have the lowest. ASM requires minimal batch proces sing and yet allows you to display, online, the information needed to work throu gh a customer call.

TRAMS TRAMS acts as a front-end collection, processing, and routing mechanism for tran sactions, both monetary and non-monetary. The system allows users to receive tra nsactions from multiple sources using a single system that interfaces with multi ple application end points. This capability provides integration between applica tions, promoting more timely transfer of information between these applications. TRAMS provides numerous storage and reporting functions to facilitate and suppo rt its processes. ITS The Interchange Tracking System (ITS) is a part of the VisionPLUS family of syst ems developed by PAYSYS International, Inc. ITS is designed to interface with th e VisionPLUS Transaction Management System (TRAMS) and Credit Management System (CMS). Together these systems provide the functions necessary for processing Vis a and MasterCard issuer interchange transactions to accomplish the following act ivities: Copy Requests Chargebacks Fee Collections Funds Disbursements Fraud Reporting Issuer's Clearinghouse Transactions. LTS The Letter System (LTS) is an online software product designed to generate lette rs through the use of online screens and batch processing. Through the screens y ou establish LTS control records and access the letter generation functions. SS SS is a comprehensive online security system that interfaces between all PaySys products. It also is the central location for PaySys common routines. Online sec urity system SS is organized to allow a single operator designated as the Securi ty Supervisor, to access all PaySys products and associated online functions. Th e Security Supervisor oversees and controls access to all of the applications an d establish the sign-on parameters for any number of Alternate Supervisors. Primary Menu and Libraries of VisionPLUS Initial Program Library Initial Menu Library Application Libraries VPSSYSCUST VPSPRDCTLD VPSPRDDATA VPSPRDPRTF VPSPRDCUST VisionPLUS VPSPRDLOAD VPSPRDQRYD KIKSRUN3.0 KIKSPRD3.0 Systems and Operations Guide - VPSLIBUSER - VPSPRDLOAD - VPSMAIN - VPSPRDLOAD

The VisionPLUS AS/400 Systems and Operations Guide provides the information that you need to set up and run VisionPLUS products on the AS/400 platform. The desi

gn of this guide provides an AS/400 perspective to the application's technical g uide. Purpose of Guide The VisionPLUS AS/400 Systems and Operations Guide provides the basic informatio n that you need to set up and run the VisionPLUS products to which you are licen sed. This guide is a reference tool for the following VisionPLUS products: Application Description ASM Account Services Management System CMS Credit Management System CTA Collections, Tracking, and Analysis System FAS Financial Authorization System ITS Interchange Tracking System LTS Letter System SS Security Subsystem TRAMS Transaction Management System TRAMS/BC Transaction Management System/Bank Card Module TRAMS/DE Transaction Management System/Data Entry Module TRAMS/AG Transaction Management System/Application Generator Use this guide along with the respective application s technical guide. For exampl e, if you are working with VisionPLUS CMS, you will need access to the CMS Techn ical Guide. Setting up VisionPLUS on AS/400 This chapter provides basic information about the VisionPLUS setup on the AS/400 operating platform and includes the following topics: Technical Environment VisionPLUS Libraries and User Profiles Installation and Post installation Procedures Release Tape Installation and Conversion Procedures Remote Communications. This chapter also includes screens and procedures for the following activities: Installing VisionPLUS AS/400 (RSTLIB and VPSINSTALL screens) Setting up KIKS Terminal Ids. Technical Environment PaySys International delivers your VisionPLUS AS/400 system with both source and executable code. VisionPLUS AS/400 Characteristics Listed below are the characteristics of the Vision PLUS AS/400 system: Characteristic VisionPLUS AS/400 uses Programming language and source 0COBOL. code IBM COBOL as its source code and programming language. This code is converted to native AS/40

Online Simulation File Structure AS/400 Requirements

KIKS400, an external product, as the online CICS-simulation system. Keyed and flat sequential file structures.

Using the VisionPLUS product line requires that your AS/400 system has or suppor ts the following: IBM OS/400 V5R1 or later (RISC) Program Development Tools (PDM) OS/400 ILE COBOL Compiler KIKS400 Run-time libraries. Operational Scheduling To facilitate daily batch processing activities, the Vision PLUS AS/400 applicat ions provide: Online, menu-driven update facilities for batch program parameters CL job streams for daily processing. KIKS400 Security Block PaySys delivers and installs the VisionPLUS AS/400 online software, which includ es KIKS400 run-time libraries, with a 30-day, limited-use security block. You mu st request a permanent security block for your specific AS/400 through a PaySys VisionPLUS implementation manager. If you move or copy the VisionPLUS AS/400 onl ine software to another AS/400 with a different serial number, you must request a replacement security block. Contact your PaySys Global Solution Center to requ est a replacement security block. VisionPLUS Libraries and User Profiles The installation process sets up the libraries and user profiles that BOSS requi res to run the VisionPLUS AS/400 system. The following tables identify the libra ries and user profiles that Vision PLUS establishes on the system when you load the VisionPLUS installation tape. Libraries The installation process loads the libraries listed in this table to your system . Library KIKSRUN3.0 KIKSPRD3.0 VPBPRDSRCA VPSCONTROL VPSINSTALL VPSPRDCOPY VPSPRDCUST VPSPRDCTLD VPSPRDDATA VPSPRDINIT VPSPRDLOAD VPSPRDPRTF VPSPRDQRYD Description KIKS400 Runtime Library KIKS400 Production Library VisionPLUS BOSS Source Code VisionPLUS Installation Control Library (temporary) VisionPLUS Installation Library VisionPLUS Copybook Source Members Library VisionPLUS Production Client Code Library VisionPLUS System Control Library VisionPLUS Data File Library VisionPLUS Initialized Data Files VisionPLUS Program Objects Library VisionPLUS Print File Library VisionPLUS Production Query Library

VPSRMTSUPP VPSSYSCUST VPSTSTCTLD VPSTSTCUST VPSTSTDATA VPSTSTLOAD Library VPSTSTQRYD VPSTSTPRTF VPSWRKLIB Application library ASMPRDSRCA CDMPRDSRCA CMSPRDSRCA CTAPRDSRCA FASPRDSRCA ITSPRDSRCA LTSPRDSRCA SSCPRDSRCA TAGPRDSRCA TBCPRDSRCA TDEPRDSRCA TRMPRDSRCA VPSPRDSRCA VPSPRDCOPY User Profiles

PaySys Remote Support Library VisionPLUS System Custom Library VisionPLUS Test System Control Library VisionPLUS Test Production Custom Client Code Library VisionPLUS Test Data File Library VisionPLUS Test Project Object Library Description VisionPLUS Test Production Query Library VisionPLUS Test Print File Library PaySys Remote Support Work Library Source code library description ASM Source Code Library CDM Source Code Library CMS Source Code Library CTA Source Code Library FAS Source Code Library ITS Source Code Library LTS Source Code Library SSC Source Code Library TRAMS/AG Source Code Library TRAMS/BC Source Code Library TRAMS/DE Source Code Library TRAMS Source Code Library VisionPLUS BOSS AS/400 Source Library VisionPLUS Copybook Library (for all VisionPLUS systems)

The installation process also installs the following user profiles. Use these sa mple profiles to build other user profiles on your AS/400. Profile name Security Classification VPLUS *SECOFR VPSBASEUSR *USER VPSOPER *SYSOPR VPSPGMR *PGMR VPSUSER *USER Support Systems LINK/400 What is LINK/400? In order to link BASE24 software products which resides on a Tandem machine runn ing on Guardian operating system and those AS/400 host applications running on O User profile used by PaySys personnel for remote dial-in support Sample VisionPLUS base user automatic sign-off profile Sample VisionPLUS operator profile Sample VisionPLUS programmer profile Sample VisionPLUS user profile Description

Link/400, BASE 24

S/400 operating system, a communication middle-ware that is friendly for both si des is needed. Link/400 was created to cater for this communication. Link400 family includes Li nk400-LU0 that supports LU0 protocol, Lin400-LU62 that supports LU6.2 protocol a nd Link400-TCP/IP that supports TCP/IP protocol at the application level for com munication. Link400-LU0 is developed using the IBM's Finance Communication. Link400-LU62 is developed using CPI Communications program calls in SAA RPG III. Link400-TCP/IP is developed using socket API in ILE C/400. Link400-TCP/IP is much easy to opera te, to administer and to upgrade. Functional Description Link400-TCP/IP is a middle ware designed to run on the IBM AS/400 product line b y employing the reliable TCP stream sockets in full duplex mode. It links those applications running on AS/400 to the ISO/ANSI Host Interface of BASE24. Link400 can take care of the message formatting, reformatting and routing. Link400-TCP/IP consists of the following main modules. These are: The TCP/IP Receiver Server, which receives transaction messages from BASE24 dire ctly. The TCP/IP Sender Server, which transmits transaction messages to BASE24 directl y. The Link400-TCP/IP Data Queue and SAF file Monitor, which monitors the AS/400 Da ta Queue objects and Link400-TCP/IP sender and receiver server SAF (Store-And-Fo rward) files to ensure guaranteed delivery of messages between BASE24 products a nd AS/400 applications. The Link400-TCP/IP Host Application Simulator (optional) which acts as an AS/400 financial authorization system (the issuer) for the system integrated testing o f Link400-TCP/IP with BASE24 products. The Formatter (Optional) which has two responsibilities: Parsing ISO-8583 Messag es into the AS/400 host application internal format; Routing transactions to dif ferent applications based on transaction code & Product ID (ATM or POS). The Re-Formatter (Optional), which formats the Internal message into ISO-8583 a nd routes the message to two different data queues (if so configured) based on p roduct ID. Link400-TCP/IP programs run in a separate subsystem called TANDEMTCP. This subsy stem has its own memory pool allocated to it, and jobs run at a slightly higher priority than interactive jobs for the purpose of immediate response to financia l transaction requests. Product Features The following summaries the functionality and capabilities of Link400-TCP/IP: Resides on the AS/400 host and is compatible with OS/400(V5R1 or higher). It is designed for use with all AS/400 configurations. Supports local communications media like LAN as well as remote communications me dia over WAN. Supports both acquirer and issuer transaction processing for BASE24-ATM, BASE24POS, BASE24-Teller, BASE24-TeleBanking, BASE24-FHM, BASE24-Mail applications and so forth. Supports BASE24 Host Interface (ISO and ANSI), BASE24 Interchange Interface (ISO and ANSI). Supports concurrent multi-sessions and multi-threaded communications, without bl ocking and waiting. Supports SAF (Store-And-Forward) function. Link400-TCP/IP can store messages int o AS/400 database files at any sending points when the link between Link400-TCP/

IP and BASE24 is down or when the data queues are not available. There is also Qu eue Overload Management function within the Link400-TCP/IP Data Queue and SAF fil e Monitor modules. The Link400-TCP/IP Data Queue and SAF file Monitor processes are looking after pairs of SAF file and data queue. It is useful in the case of night-sleep host or limited system resources to ensure the working data queues t o be available even for high traffic volume. Supports the character set translation between ASCII and EBCDIC. Supports message auditing. It can log all the incoming and outgoing messages int o AS/400 database files. Can provide OS/400 data queue access API in ILE CL/400 for the interface with ex isting AS/400 host applications. Link400 TCP/IP is scalable. Link400-TCP/IP could be replicated within a machine or provide more routers to help improve traffic throughput. Link400-TCP/IP servers can support high-volume transaction environment. Under th e stress test with Generic Simulator of BASE24 to fire 100 request transactions within 1 second (set "REPEAT 100": send 100 transactions; "SET DEVICEDELAY 1" : a timeout interval in 100'ths of a second), all the 100 request transactions sent by BASE24 Generic Simulator within 1 second have been received by the Link 400-TCP/IP Host Application Simulator correctly and responded to BASE24 via Link 400-TCP/IP servers. Not a single transaction was lost. Can be modified to support ISO message formatting and reformatting between BASE2 4 and AS/400 hosts. To support our customer s investments in its current applicati ons, Link400-TCP/IP can reformat messages to cater for the existing AS/400 host applications formats. Can be deployed as a router and/or a gateway. Link400-TCP/IP can route request/r esponse messages to/from different applications within the same AS/400 host or d ifferent AS/400 hosts. The Link400-TCP/IP Host Application Simulator provides the ability for system in tegrate test in a wide scope including BASE24-ATM, BASE24-POS via BASE24-HISO, e tc. Can be modified to handle network management (logon, logoff, echo test) between BASE24 and AS/400 hosts. Can be developed to pass selected fields instead of all fields in the message to the AS/400 host applications and buffer the rest. When response message comes f rom host, Link400-TCP/IP could plug in buffered fields and send them back to BAS E24. Upon request, Link400-TCP/IP can be modified to interface with IBM MQ Series on AS/400. Upon request, file transfer functionality between Tandem and AS/400 can be devel oped over TCP/IP protocol. Upon request, Link400-TCP/IP can support MACing and key exchange. Installation of Link400 in the AS/400 & Setup Procedure Uploading the PC file to AS/400. 1.In AS/400, create a save file named LINK400. 2.Unzip LINK400 (from the CD) and put to the local hard disk. 3.Run Windows MSDOS Prompt program. 4.Go to the PC directory containing the LINK400 file. 5. Initiate FTP to AS/400. Type ftp [nnn.nn.nn.nn] where [nnn.nn.nn.nn] is the AS/400 IP address. Enter the AS/400 user-id and password Upload the PC file to AS/400. Ensure that the PC file has already been unzipped before proceeding with the upload. Type bin to make a binary ftp. Type cd [library name] where [library name] is the AS/400 library containing the p reviously-created save file. Type put link400 to upload the pc file to the AS/400 save file.

6.Display the AS/400 save file to view the objects including the save file detai ls. Installation and Setup Restore Link400 Application Restore Link400 to the AS/400 machine. Use the RSTLIB or RSTOBJ command to resto re the LINK400 save file. If RSTOBJ command is used, create the ACIDEMO library first then restore the objects to this library. Set up the library and object authority. Set up License, Subsystem Description, Job Description and Parameters. License Update the B24PWD data area with the license code (given by ACI) using the CHGDT AARA command. Subsystem Description TANDEMTCP Display the subsystem description to verify the library used on the Auto-start J ob Entries, Job Queue Entries, Routing Entries Programs, objects and class. The library must be ACIDEMO. If Link400 is restored to a different library name, the n the subsystem description must be changed accordingly. L4FRMT (Optional in TANDEMTCP. Job Description Set the appropriate parameters for the following job descriptions: 1) TCPRCVCL; 2) TCPSNDCL; 3) QRCVMONCL; 4) QSNDMONCL; 5) FORMATCL and 6) REFORMATCL User-id: Enter the AS/400 user-id that will be used to run the job. The user-id must have all authority to the Link400 objects. Initial library list: The library list must contain the libraries below. If Link 400 is restored to a different library, replace ACIDEMO with the new library nam e. ACIDEMO QGPL QTEMP Link400 Run Parameters Receiver/Sender (i.e. communications) module Add ACIDEMO to the library list. Go to the Receiver/Sender Main Menu. Type GO L4TCPIP. Select Option #1 to set the Link400 Receiver/Sender Run Parameters. Formatter/Reformatter module (Optional) Add ACIDEMO to the library list. Go to the Formatter/Reformatter Main Menu. Type GO L4FRMT. Select Option #1 to set the Link400 Formatter/Reformatter Run Parameters. Link400 is finally installed and ready to run. used by Formatter/Reformatter module) Do the same check as done

Link400 Functional Specifications 1. Subsystem -TANDEMTCP All jobs related to LINK400-TCP/IP will run in batch under this subsystem. A sep arate memory pool is assigned to this subsystem and jobs run at a slightly highe r priority (or lower in AS/400 term) than interactive jobs for the purpose of im mediate response to financial transactions. If the location of object programs is changed, you may need to change the entrie s in this subsystem. Subsystem TANDEMTCP should automatically start after every IPL, and must be acti ve at all times. Four Auto start jobs are assigned to this subsystem: the Link400TCP/IP Receiver Server, Link400-TCP/IP Sender Server, the Link400-TCP/IP Data Qu eue and SAF file Monitors for both receiving data queue, sending data queue as w ell its corresponding SAF files. Checking Entries in the TANDEM Subsystem Check these three entries in the TANDEMTCP Subsystem using the DSPSBSD command: 1.Autostart, 2. Job Queues, 3. Routing. A further discussion of each entry foll ows. Autostart Job Entries When this subsystem is first started, the following autostart job is initiated: JOB TITLE Job Description RCVQMONSRV Monitoring the receiving data queue and its corresponding SAF file(SAFI) SNDQMONSRV Monitoring the sending data queue and its corresponding SAF file(SAFO) TCPRCVSRV TCP/IP Receiver Server TCPSNDSRV TCP/IP Sender Server Make sure the library lists in the job descriptions are correct. Job Queues Entries Four job queues are associated with the subsystem: Job Queue Max Active Description TCPRCV 1 Receiver Server TCPSND 1 Sender Server

RCVQMON 1 Receiving Data Queue/SAF monitor SNDQMON 1 Sender Data/SAF monitor Routing Entries The routing entries used are specified below. TCPRCVCL, TCPSNDCL, QRCVMONCL, QS NDMONCL are used together with Autostart Job Entries. QCMD is the default progra m used for batch job execution. Seq Nbr Program Library Compare Value 50 TCPRCVCL ACIDEMO 'TCPRCVCL' 70 TCPSNDCL ACIDEMO 'TCPSNDCL' 75 QRCVMONCL ACIDEMO 'QRCVMONCL' 80 QSNDMONCL ACIDEMO 'QSNDMONCL' 90 QCMD QSYS *ANY Setting Up A New Environment Use the following check list when you move the subsystem into a new environment (eg. production). Use the command DSPSBSD TANDEMTCP to confirm. Are the library names for Autostart Job Entries correct? Use command CHGAJE to correct. Are the library names for Job Queue Entries correct? Use command CHGJOBQE to co rrect. Are the library names for Routing Entries program, program object and class corr ect? Use command CHGRTGE to correct. 2. Link400 TCP/IP Menu

To see the LINK400 TCP/IP menu, type GO L4TCPIP at the command prompt. The follo wing menu will appear: L4TCPIP Link/400 TCP/IP Communications Menu System: ACIAS400 Select one of the following: 1. Setup TCP/IP Server Options .--------------------------. Tandem/BASE24

2. Start TCP/IP Server Subsystm 3. Stop TCP/IP Servers 4. Work With TCP/IP Server Subsystem 5. Work with TCP/IP Connection Status 6. Work with TCP/IP Interface Status 7. Send Logon 8. Send Logoff 9. Display Request Message 10. Display Response Message Selection or command ===>

'--------------------------' ^ .......................... : V : :.--------. .--------.: : sender receiver: :'--------' '--------': : AS/400 : : : : ^ v : : Data Q2 Data Q1 : :..........................: (c) ACI Worldwide (Asia) Pte. Ltd.

F3=Exit F4=Prompt F9=Retrieve F12=Cancel F13=Information Assistant F16=AS/400 main menu 2.1 MENU OPTION 1: Setup TCP/IP Server Options

This option is to setup Link400-TCP/IP Communication Parameters. The following s creen will display: Link/400 TCP/IP Interface Parameters System: ACIAS400 Profile Name: L400TCPIP Job User ID: HUJUN Server Port Number. . . . . Data Queue Name . . . . . . Data Queue Library. . . . . ASCII-EBCDIC Translation? . Clear DataQ at Startup? .. Log Messages? . . . . . . . Clear Log File at Startup? Display Trace Information? Requests 9998 B24RQST ACIDEMO Y Y Y Y Y Responses 9999 B24RESP ACIDEMO Y Y Y Y Y Message Queue: QSYSOPR Job Library List ACIDEMO QGPL QTEMP

Log File Retention Days . . 30

F3-Exit

Enter-Save

2.2

MENU OPTION 2: Start TCP/IP Server Subsystem

This option is to start Link400 -TCP/IP server subsystem: TANDEMTCP. 2.3 MENU OPTION 3: Stop TCP/IP Servers

This option is to stop Link400 -TCP/IP server subsystem: TANDEMTCP. 2.4 MENU OPTION 4: Work With TCP/IP Server Subsystem

This option is to work with Link400 -TCP/IP server subsystem: TANDEMTCP. If Link 400 - TCP/IP subsystem is running, the following similar screen will display: Work with Active Jobs 0 CPU %: 12.9 Elapsed time: 00:04:33 Active jobs: 03/02/00 11:12:13 62 ACIAS40

Type options, press Enter. 2=Change 3=Hold 4=End 8=Work with spooled files Opt Subsystem/Job TANDEMTCP RCVQMONSRV SNDQMONSRV TCPRCVSRV TCPSNDSRV User QSYS HUJUN HUJUN HUJUN HUJUN

5=Work with 6=Release 13=Disconnect ... Type CPU % Function SBS .3 ASJ 1.0 ASJ .8 ASJ 1.6 ASJ 1.8

7=Display message Status DEQW TIMW LCKW TIMW TIMW

Bottom

2.5

MENU OPTION 5: Work With TCP/IP Connection Status

This option is to work with TCP/IP connection status. The following similar scre en will display: Work with TCP/IP Connection Status System: Local internet address . . . . . . . . . . . : Type options, press Enter. 4=End 5=Display details Remote Opt Address * * * * * 172.21.16.21 172.21.16.21 172.21.16.170 172.21.16.170 172.21.16.170 172.21.16.170 Remote Port * * * * * 4751 4752 1032 1033 1034 1035 Local Port Idle Time State ftp-con > 047:26:13 Listen telnet 003:20:48 Listen as-file 075:35:14 Listen 9998 000:00:25 Listen 9999 000:00:26 Listen 9999 000:00:26 Established 9998 000:00:25 Established telnet 000:08:02 Established telnet 000:10:06 Established telnet 000:08:03 Established telnet 000:00:04 Established *ALL ACIAS400

F5=Refresh F11=Display byte counts F13=Sort by column F14=Display port numbers F22=Display entire field F24=More keys 2.6 MENU OPTION 6: Work With TCP/IP Interface Status

This option is to work with TCP/IP interface status. The following similar scree

n will display: Work with TCP/IP Interface Status System: Type options, press Enter. 5=Display details 8=Display associated routes 12=Work with configuration status Internet Opt Address 127.0.0.1 172.21.16.26 Network Address 127.0.0.0 172.21.16.0 Line Description *LOOPBACK ETHLINE 9=Start Interface Status Active Active 10=End ACIAS400

2.7 MENU OPTION 7: Send Logon This option is to send a 0800 ISO logon message to BASE24 side. The following me ssage will be displayed at the bottom of the screen: LOGON Message Sent to Data Q : B24RESP . 2.8 MENU OPTION 8: Send Logoff This option is to send a 0800 ISO logoff message to BASE24 side. The following m essage will be displayed at the bottom of the screen: LOGOFF Message Sent to Data Q: B24RESP . 2.9 MENU OPTION 9: Display Request Message This option is to display all the request message received from BASE24 side. The following similar screen will display: Display Report ACIDEMO/TCPLOGIN Report width . . . . . : 1073 Position to line . . . . . Shift to column . . . . . . Line ....+....1....+....2....+....3....+....4....+....5....+....6....+....7.. ..+....8....+....9....+...10....+...11....+...12.... Time & Date Remote Message Received Received Location Query . . . :

000001 14:22:00 03/02/00 RECEIVERPROC ISO0050000540810822000000200000004000000 00000000010821452600000300001 14:22:12 03/02/00 RECEIVERPROC ISO005000054081082200000020000000400000 000000000010821452600000300001 2.10 MENU OPTION 10: Display Response Message

This option is to display all the response message sent to BASE24 side. The foll owing similar screen will display: Display Report Query . . . : ACIDEMO/TCPLOGOT Report width . . . . . : Position to line . . . . . Shift to column . . . . . . 1073

Line ....+....1....+....2....+....3....+....4....+....5....+....6....+....7.. ..+....8....+....9....+...10....+...11....+...12.... Time & Date Remote Message Sent Sent Location

000001 14:19:32 03/02/00 SENDER--PROC ISO005000050080082200000000100000400000 00000000001082145260000030160100002011N00156001 000002 14:21:41 03/02/00 SENDER--PROC ISO005000050080082200000000000000400000 0000000000414014800888888002 000003 14:22:11 03/02/00 SENDER--PROC ISO005000050080082200000000100000400000 00000000001082145260000030160100002011N00156001 ****** ******** End of report ********

BASE24 BASE24 will drive all the ATMs, POS and Payment gateway network. BASE24 will be the single point entry for the interchanges (includes VISA / Master and AMEX), w hich will route the transactions to the Credit Card host or to the Retail host d epending on the card being used for the transaction. Vision Plus system will be the central host and responsible for maintaining the credit card information. Communication between BASE24 and Vision Plus will be in ISO 8583:1987 message formats. Link400 will be installed on the AS/400 system, which will take care of the message delivery, and TCP/IP connection. Vision Plus has got an Authorization system called FAS. Vision Plus will develop a custom code outside the FAS system, which will convert the BASE24 ISO message into the format required by Vision Plus and writes it to the appropriate messag e queue. It is recommended by FSS that BASE24 will have another DPC station and one more IDF record to give more flexibility in the transaction setup support. BASE24 will stand in and authorize for transactions when the host does not respo nd with in the time out period or the host system is not available. The online transaction would be considered as an authorization transaction insid e the Vision Plus system and subsequently be settled with the log files (TLF and PTLF) at the end of the day.

OPERATIONS OF BASE24 CAF Refresh Process: The process of generation of the CAF handoff file from the VisionPLUS through th e upload of this file to the Base24. Source: Generated from VisionPLUS after Batch Run.(Daily). Check List Reference Number : Procedure 1.From OPRTEST ID Select option 31 FTP. 2.Select option 1 Base24 FTP & Embossaa Chennai. 3.Select option 3 - Caf Pbf & Hmcfout 4.Press enter. 5.This will ftp the AMCFOUT & HMCFOUT in C:\CAFREFR & AMPFOUT IN C:\PBFREFR of 132.180.188.159 Pc from which the BASE24 will pick the file. Now log on to the BASE24 session by the following procedure. 1.Click on OUTSIDE VIEW. 2.You will get the TACL prompt. 3.Type logon nprd.credit and press enter. 4.It will ask for Password give the password and press enter. 5.On entering correct password the following prompt will be displayed $data3.crd tcntl 1 > 6.Like this open three sessions. 7.Fr toggling of sessions command is "CTRL + TAB"

Type "ccshowmenu" in one of the session of base24 you will get main menu . *********************************** * MAIN MENU * *********************************** * 1. TLF Extract * * 2. TLF Transfer To Vision PLUS * * 3. Refresh Menu * * 4. Deposit Txn Credit Card Rpt * * 5. Base24 Reject ATM Txn Rpt * * 6. Base24 Reject POS Txn Rpt * * 7. Base24 Hotlisting RPT (FRLF)* * 8. EXIT * *********************************** Enter Option : Select 3 to go to the Refresh Menu ************************** * REFRESH MENU

* ************************** * *

* 1. Get CAF File * 2. Load CAF File

* 3. Refresh CAF File * 4. Get PBF File * 5. Load PBF File * 6. Refresh PBF File * 7. Return to Main Menu * * *

* *

************************** Select option 1. This will get the AMCFOUT file from the designated PC. Verify that the file has been taken from C:\CAFREFR Then select option 2 and load the AMCFOUT to BASE24. Then go to the second session on the BASE24 and press F2 for checking the total no. of records uploaded . Then press F3 for checking the record length of the particular file uploaded. (L en 676) After confirmation of record length Go to first session, in the Refresh Menu gi ve option 3 for CAF Refresh and go to the third session where EMSPERUS is runnin g and check the status of refresh. When the CAF Refresh is over. Press F1 on the second session where the record length of file is displayed. It will give the following Screen. P L E A S E USER NAME: NET: L O G O N PASSWORD: LOGICAL

Enter the user name & password and logical net value : then press F1 to log in You will get the following Screen *********************************** BASE24 *********************************** FILE DESTINATION: F1-ENTER DATA F10-PRINT F16-EXIT SF16-LOGOFF In file destination type CMF and press F1. You will get the following Screen BASE24-CMF FIID: CARD MANAGEMENT HDFB NPR1 01/10/30 17:12 01 OF 01

In the FIID type

and Press F5 so it will start the ISSUE MAINTENANCE.

Check in the third session (EMSPERUS) that the Issue Maintenance is complete. Then press F3.

You will get the cursor to the following line. OUTPUT DEVICE FOR FORCE/MASS ISSUE (T=TAPE D=DISK E=EMBOSS MACHINE)

ENSURE THAT THE PRINTER IS ONLINE WITH PIN MAILER STATIONERY PROPERLY ALIGNED. Type D and press F3 Go to the third session (EMSPERUS) and check that the pins are getting printed. There is a message flashed on the EMSPERUS screen "Plastic Generation Completed" . Then go to second session and press ESC twice then press SHIFT+ESC. Right Click on the screen you will get option "Receive File" click on it.

Type "$data2.nprdcntl" in machine.$volume.Subvolume and "embosscc" in file on ho st. Type file name as "embossccddmm' in local where ddmm is date and month. Give the path C:\CAFREFR where the file will be downloaded. Tick on Add Cr Lf Give Record length as "1000" and click on OK.

PBF Refresh Process The process of generation of the PBF handoff file from the VisionPLUS through th e upload of this file to the Base24. Source: Generated from VisionPLUS after Batch Run.(Daily). Check List Reference Number : Procedure 6.From OPRTEST ID Select option 31 FTP. 7.Select option 1 Base24 FTP & Embossaa Chennai. 8.Select option 3 - Caf Pbf & Hmcfout 9.Press enter. 10.This will ftp the AMCFOUT & HMCFOUT in C:\CAFREFR & AMPFOUT IN C:\PBFREFR of 132.180.188.159 Pc from which the BASE24 will pick the file. Now log on to the BASE24 session by the following procedure. 1.Click on OUTSIDE VIEW. 2.You will get the TACL prompt. 3.Type logon nprd.credit and press enter. 4.It will ask for Password give the password and press enter. 5.On entering correct password the following prompt will be displayed $data2.npr dcntl 1 > 6.Like this open three sessions. 7.For toggling of sessions command is "CTRL + TAB"

Type "ccshowmenu" in one of the session of base24 you will get main menu .

*********************************** * MAIN MENU * *********************************** * 1. TLF Extract * * 2. TLF Transfer To Vision PLUS * * 3. Refresh Menu * * 4. Deposit Txn Credit Card Rpt * * 5. Base24 Reject ATM Txn Rpt * * 6. Base24 Reject POS Txn Rpt * * 7. Base24 Hotlisting RPT (FRLF)* * 8. EXIT * *********************************** Enter Option : Select 3 to go to the Refresh Menu ************************** * REFRESH MENU * ************************** * * * * * * * ************************** Select option 4 from the Refresh Menu and get the AMPFOUT File from the PC and verify that the file has been taken from C:\PBFREFR. Then select option 5 and load the AMPFOUT File to BASE 24 . Then select option 6 and go to third session (EMSPERUS) screen and check that PB F Refresh is complete.

* 1. Get CAF File * 2. Load CAF File * 3. Refresh CAF File * 4. Get PBF File * 5. Load PBF File * 6. Refresh PBF File * 7. Return to Main Menu

HMCFOUT Refresh Process The HMCFOUT refresh is same as CAF refresh.We have to rename HMCFOUT file taken from Vision Plus as AMCFOUT and follow the process as of CAF refresh.

TLF Extract Type "ccshowmenu" in one of the session of base24 you will get main menu .

*********************************** * MAIN MENU * *********************************** * 1. TLF Extract * * 2. TLF Transfer To Vision PLUS * * 3. Refresh Menu * * 4. Deposit Txn Credit Card Rpt * * 5. Base24 Reject ATM Txn Rpt * * 6. Base24 Reject POS Txn Rpt * * 7. Base24 Hotlisting RPT (FRLF)* * 8. EXIT * *********************************** Enter Option : Select option 1 and press enter. The Following Screen will appear: TLF EXTRACT OF ONUS CREDIT CARD TRANSACTIONS Please enter Date for TLF Extract in YYMMDD format: Enter the date and press enter. Then press option 2 for transfering the file to the designated PC. Procudure for FILE TRANSFER PROTOCOL (FTP) FTP thru 132.180.8.95 address Type the User Login Name and Password Extract all the 10 files from AS/400 to PC folder with the Get command ATH1, AT H2, ATH3, PTH1, PTH2, HTSM, HNCK, HTET, HACH & VISAOUT. Open AS/400 Operations Navigator, click the Printer Output arrange the file in s orted date order, copy all the files to PC Folder then delete all the QPJOBLOG f iles Now FTP all files to FTP server 132.180.79.233

After all the Files are FTP'ed give a mail to Chennai Helpdesk for Confirmation .

INDEXING OF REPORTS AND SMART STATEMENTS

Process Document: 1. For indexing the CC reports in COLD. 2. For indexing the Customer Statement in Smart Statements. Since the batch run is a daily activity, the reports to the chennai users will b e available next morning. Statements will be indexed as and when generated (will be 20 days in th e month, as communicated) The time slot taken to do the activity in consultation with DPC is 2am to 3am. All of the following activities have to be carried out ON IP address : 132.180.1 88.159 and machine name (CHA-1684)

1. For indexing the CC reports in COLD. Exe's Involved: 1. Segregate.exe 2. Crmadmin32.exe MS 1. 2. 3. DOS Batch files Involved: Pre-Index Ready to Index After Ready to Index

Initialization Files: 1. Segregate.ini Steps to prepare Indexing of Credit Cards Report: 1.FTP all the batch run Reports in one folder on Roysten's machine name of the folder = C:\COLD 2.Click the Pre-index.Bat (batch file from C:\nor\cold\cc\segregator) this will copy the reports from the folder mentioned in point1 to the respectiv e sub systems Input folder (c:\live). Reason of doing this: we are preparing files so that we get relevent reports for COLD NOTE: Every sub sub system has 3 folders (input, output and junk) in C:\live (into the ir respective subsys folders) Before running the segregate.exe, make sure that y our output and junk folders are empty. 3.Double Click on the segregate.exe (c:\nor\cold\cc\segregator) Reason: A) It will read the relevent files(to be put in COLD) from the segregate.ini (c:

\nor\cold\cc\segregator) and place the files in the output folder of the respect ive subsystems (c:\live). B) Insert page breaks in the files. NOTE: The segregate.exe and the segregate.ini should be in one location (c:\nor\ cold\cc\segregator). 4.After the segregate is over, run the batch file (Ready-to-index.Bat) (c:\nor\c old\cc\segregator). Reason: It will copy the files from the output folder of all sub systems to one directory i.e c:\Nor\Cold\cc

5.Run the batch file After-ready-to-index.Bat (c:\nor\cold\cc\segregator) to cl ear the reports present in junk and output folder. 6.After receiveng the relevent files, which needs to be indexed in COLD go to th e crmadmin exe(shortcut on desktop CRMADMIN32) and click on indexing. 7.You will see all the files which you have put in the c:\nor\cold\cc ready to g et indexed and will be visible in the pre-indexing area. 8.Select all files and click create index. 9.The indexing will update the database of the cold, and the files will be delet ed from the location where u have put them earlier, c:\nor\cold\cc 10.The files which are not indexed will remain in the same location c:\nor\cold\ cc If any reports have not got indexed then, Create a folder of the date for which reports have not got indexes in the batch (C:\NOR\COLD\CC\ddmmyy)

Steps to prepare Indexing of Statements: All of the following activities have to be carried out on Roysten's PC , IP addr ess : 132.180.188.159 and machine name (CHA-1648) Exe's Involved: 1. CreditCard.exe (C:\NOR\COLD\CARD) 11.For Customer statements, the file (HTSM) is required to be copled to C:\NOR\C OLD\CARD Please make sure that there is no file woth the name of CUST.TXT in the folder m entioned below. If there then rename to CUSTDDMMYY.TXT 12.Execute the exe by issuing the following command on the 'DOS PROMPT' eg.CREDITCARD.EXE HTSMXXXXXX.XXX CUST.TXT

where CUST.TXT is the output file generated. 13.Copy the file CUST.TXT to the live server IP (132.180.8.47 C:\NOR\COLD\CARD) 14.After receiveng the relevent files, which needs to be indexed in COLD go to t he SSTADMIN.exe(shortcut on desktop SSTADMIN32) and click on indexing.

Procedure for ATM, POS & HotListing Reports.

1.Step for ATM Reports Type "ccshowmenu" in one of the session of base24 you will get main menu . *********************************** * MAIN MENU * *********************************** * 1. TLF Extract * * 2. TLF Transfer To Vision PLUS * * 3. Refresh Menu * * 4. Deposit Txn Credit Card Rpt * * 5. Base24 Reject ATM Txn Rpt * * 6. Base24 Reject POS Txn Rpt * * 7. Base24 Hotlisting RPT (FRLF)* * 8. EXIT * *********************************** Enter Option : Select option 5 and press enter. The Following Screen will appear ENTER THE DATE FOR ATM TXN. REPORTS. ***************************************** Please enter the Date in yymmdd(e.g 011208) :

Enter the DATE in yymmdd format as of yesterdays EOD.

The file get generated in $DATA2.CRDTRJCT > with the following name ARyymmdd Receive this file in Local PC, then FTP the same in FTP Server in 132.180.79.233 .

2.

Step for POS Reports

Type "ccshowmenu" in one of the session of base24 you will get main menu . *********************************** * MAIN MENU * *********************************** * 1. TLF Extract * * 2. TLF Transfer To Vision PLUS * * 3. Refresh Menu * * 4. Deposit Txn Credit Card Rpt * * 5. Base24 Reject ATM Txn Rpt * * 6. Base24 Reject POS Txn Rpt * * 7. Base24 Hotlisting RPT (FRLF)* * 8. EXIT * *********************************** Enter Option : Select option 6 and press enter. The Following Screen will appear ENTER THE DATE FOR POS TXN. REPORTS. ***************************************** Please enter the Date in yymmdd(e.g 011208) :

Enter the DATE in yymmdd format as of yesterdays EOD. The file get generated in $DATA2.CRDTRJCT > with the following name PRyymmdd Receive this file in Local PC, then FTP the same in FTP Server in 132.180.79.233 .

3.

Step for Hot Listing

Reports

Type "ccshowmenu" in one of the session of base24 you will get main menu . *********************************** * MAIN MENU * *********************************** * 1. TLF Extract * * 2. TLF Transfer To Vision PLUS * * 3. Refresh Menu * * 4. Deposit Txn Credit Card Rpt * * 5. Base24 Reject ATM Txn Rpt * * 6. Base24 Reject POS Txn Rpt * * 7. Base24 Hotlisting RPT (FRLF)* * 8. EXIT * *********************************** Enter Option : Select option 7 and press enter. The Following Screen will appear ENTER THE DATE FOR POS TXN. REPORTS. ***************************************** Please enter the Date in yymmdd(e.g 011208) :

Enter the DATE in yymmdd format as of yesterdays EOD. The file get generated in $DATA2.CRDTFRLF > with the following name HLyymmdd Receive this file in Local PC, then FTP the same in FTP Server in 132.180.79.233 .

Procedure for Receving the RP01CVI & RP09CVI files from BASE24. This reports get generated at 01:30 pm in next day. Login into Base24 with Super.Operator ID Give the Following Command from the Command Propmt.

$SYSTEM.STARTUP 1> spoolcom job (loc #rp01cvi) $SYSTEM.STARTUP 1> spoolcom job (loc #rp09cvi) Note down the Job no of the job then break the reports in temporary Area. $SYSTEM.STARTUP 1> p;j<job no>;le/out $data3.temp.rp01ddmm (in EOD Date) $SYSTEM.STARTUP 1> p;j<job no>;le/out $data3.temp.rp09ddmm (in EOD Date) The file get spooled in $DATA3.TEMP > fi rp0?ddmm. (EOD Date) to check whether the file gets generated. FTP this file in Local PC, then FTP the same in FTP Server in 132.180.79.233.