Master Epay

Why It's Different

The system uses advanced technology which ensures the message is sent via secured electronic post and guarantees only the recipient can access the information.

It doesn't require integration with existing software and you could be up and running in minutes. Employees can download desktop or smartphone apps to use the service.

Security

regify services are highly secure. They use patented technology owned by regify to give you a complete end-to-end (from sending to receiving) secured solution that's easy to use.

You are not forced to use this! As an employee you can choose to use this service, or use the traditional paper version you currently receive or choose to have this as well.

Next: Benefits >

The Complete Security Service

How safe really is your most private information – your pay?

Can you guarantee to your employees that the delivery of their payslip will be secure and it will not fall into the wrong hands?

Sending paper payslips is always risky especially if they’re not sent by recorded mail direct to the employees address. This can be very costly due to the latest increase in stamp prices! More companies are now using an e-pay service but many may be surprised to find out that these are not always as secure as you think....

Sending payslips electronically rather than in a paper format can increase the security element but not all e-payslip solutions meet the required standards to guarantee secure delivery.

Most payslip by email systems send the ‘secure’ email on a store & forward or gateway system. This means the message is not sent direct to the recipient therefore it is at risk of being accessed by a third party or even the service provider.

MasterEpay guarantees a secure e-payslip delivery!

Why is it so safe?

To open the encrypted message you need to have the recipients email address, the hash code and the message key. None of which are sent together.

The email is sent encrypted without the hash code & message key so if it is intercepted on its journey the message and its attachment would be unreadable.

The hash code and message key are sent to masterEpay and then relayed to the regify clearing service neither of which have the email address details of the sender and the recipient or the message content.

Only the recipient who is registered with the regify client software is able to read the message. For added security the recipient can choose to add a password on to the email which needs to be confirmed before the message will open.

Security standards and algorithms in more detail

masterEpay powered by regify is based on established standards and proven algorithms.
regify uses the following:

  • SSL encryption

For the connection between the employee and the sender, a SSL connection is used. If you are an authenticated masterEpay member and you are using your identity-file, the complete data transfer will get encrypted in addition to SSL.

  • AES encryption

The message and attachment (*.rgf file) are encrypted using AES256. A new key is generated for each message. Compared to traditional PKI technology, certificate-based hybrid encryption is not required. As a result, the security of the message does not depend on the security of an RSA key.

  • RSA encryption

RSA encryption is used for the secure transfer of the message-key to the clearing service. masterEpay does not have access to the message key. The provider communicates on the basis of an identity-file useing RSA encryption. The information secured by using RSA needs to be secure for just one moment. A secure keylength is not needed by the regify process, as the message-encryption does not rely on RSA keys.

  • SHA-2 hashcodes

The message integrity is achieved by using SHA hashcodes with a length of 256 bit.

  • Random number generators, that qualify for cryptography

The random number generator is based on the strict NIST SP 800-90 standard. This is compliant with FIPS PUB 140-2. They are used for generating the key for the regify message, for communication to masterEpay and the regify clearing service.