Hash code (in banking files to prevent fraude)

  • 22 July 2021
  • 7 replies

Userlevel 5
Badge +8


Hashcode is a fixed length code that can be used to verify integrity. An algorithm known as hash function can be used to create hash codes on messages/files. Ideally, these algorithms have several unique properties.


Not reversible

It is impossible to generate a message o a hash code. Hash functions are known as trap doors because they only go one way from message->hashcode


Avalanche effect

Small changes in a message lead to a big change in the hash code.


Hash collision

It is extremely unlikely that two messages will generate the same hash code. Should this happen it is known as hash collision.


Now my questions:

  • Customers/Partners: Has anyone implemented this hash coding (e.g. for exporting bank statements)?
  • IFS R&D: Is there or will there be functionality in IFS to support hash coding?

7 replies

Userlevel 7
Badge +18


Is there no solution for this?

What would be the process if this is not included in IFS?


Badge +1

Hi all, looking into same challenge - we have a modification (APPS10 UPD14) planned and estimated, but effort is substantial, if not huge. Customer is rightfully asking if this is not standard IFS - as it seems a legal / audit requirement in NL. Further comments appreciated

Userlevel 5
Badge +8

There are plans to implement this is a modification, but it seems a litle difficult to get the algoritm. There is information on the internet, but no "official” source. So the risk is, that the file is secured and the bank can not process it. So long story short: still work in progress.

Userlevel 5
Badge +9

Hi @Drausenhaus,

Did you match your requirement for implementing a hash code so that the whole file insecured?

We are also looking for a solution secure the payment file from IFS.


Userlevel 5
Badge +8

Additional info: there is a standard protocol (SHA-256) to create a hash code. Would be good if this protocol would be available in core functionality. Any comments from R&D?

Userlevel 5
Badge +8

Thanks Eranda, I was aware of the hash values. What I am looking for is a hash code that secures the whole file. With the hash value you can secure the amounts, but I would still be able to change other data in the file, like the bank account.

Userlevel 6
Badge +11

Hi @Drausenhaus

Hash values are currently embedded in some payment standards. For an example, if we take ISO20022 based CT file (SEPA or non-SEPA), ControlSum value is used as a Hash value to validate the accuracy of the file amounts. When the bank validates the file, if has total is not matched with the amounts in the file structure the payment will be rejected. So, from IFS side, when payment file is created the control sum amount has been coded as a hash amount. 

Hope you are aware that in IFS we use Checksum algorithm in several places to validate the uniqueness of the number. For an example, we use Modula10/11 algorithm to calculate payment reference in live invoices, the same validation available when validating the incoming reference in supplier invoice entry level. Further, we have used similar validation for IBAN according to the ISO13616 standard. But, you might know checksum and hash algorithms are not identical although there are some similarities.

Do you have a specific requirement to implement a specific hash value?