SemansysNext ‘Trusted Application’ for Mijn Data Mijn Business (SBRNexus)
Problem:
When sending a SBR report the intermediary can use a certificate to secure the connection. The user therefore no longer uses his own organisation-bound PKI-O certificate. This means the SBR Nexus can no longer determine which intermediary sent the message.
The solution to this problem is being a ‘Trusted Application’.
What is a ‘Trusted Application’?
In short the purpose of Trusted Applications is to verify the supplier of the software package can guarantee which intermediary has sent a particular message.
In order to be approved and labelled as ‘Trusted application’ there is a list of prerequisites the application and organisation need have, some of them are listed below:
- Supplier has been designated and registered by SBR Nexus as a ‘Trusted Application’ based on an intake;
- The supplier is ISO27001 certified;
- The supplier has a central point of contact for questions about deliveries, including sender, time, etc.;
- The element <identiteitAanleveraar> in the SOAP message must be filled with the Chamber of Commerce number of the intermediary;
- The element <softwarePakket> needs to be available;
- Datacenter needs to be secure and certified ISO/IEC 27001:20113;
- Application security done by SSL-certificate and HTTPS;
- Development of the application to be done on Development, Testing, Acceptance and Production (DTAP) environments.
- Logging needs to be in place.
The SemansysNext Delivery module (or API) is proven to cover all requirements and in collaboration with SBRNexus successfully completes the delivery process. Therefore we can proudly say it’s a ‘Trusted Application’ and is available right now for you to use.
Stay tuned next week for an article about ‘SemansysNext Automated Processes’.
For more information please contact us at info@semansys.com. We would be happy to schedule a demo or provide more detail about any of our capabilities.