Mobile apps aren’t just about convenience: Business apps also handle sensitive information, such as checks, security and control over user access, which is key. With this in mind, DadeSystems’ mobile app protects sensitive data with user access and encryption features geared toward the corporate market. DadeSystems — as one of two authentication options — offers a single sign-on that allows employees to access its app with the same credentials they use for their corporate apps.
As an alternative to single sign-on, DadeSystems also offers a user administration tool to its clients. Through that arrangement, companies can send their employees a secure link to their email accounts that allows them to sign up for the app and complete the configuration process. Employees, in turn, can access the app on a variety of devices, from iPhones and iPads to Android phones and tablets.
In addition, DadeSystems takes measures to protect sensitive information stored on an employee’s phone. When an employee takes a picture of a check, that sensitive data is not stored on an employee’s device. Instead, the data is always pulled down to an employee’s device in real-time and displayed for their use. To enable that transfer, the information is encrypted back and forth via an application programming interface (API), and employers can manage access to their data.
“They have full control over who has access,” DadeSystems’ CTO Doug Hathaway told PYMNTS.com in an interview.“They can manage their own users.”
This setup is important as it gives companies more control. They can take away a user’s access to check data by simply deactivating that employee’s account. The app also limits current employees’ access to data collected through the system so they can only see the information they have collected. On the back end of the application, DadeSystems offers varying levels of access for staff — such as those in the accounts receivable department, who might need access to more information.
To further enhance security, DadeSystem’s app is vanilla when a user downloads it from the app store: It doesn’t call back anywhere or have any endpoints. Instead, the software is only configured when a user completes the sign-up process, so the app knows where to call home or which APIs to use.