Versions Compared

Version Old Version 2 New Version 3
Changes made by

Smruti Bhawalkar

Smruti Bhawalkar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The following points were asked by HDFC Team for Inbound IVR Audit Points as Evidence.

1.Dormancy parameters configuration for New and Existing Users. (Provide screenshot of Admin console else backend coding screenshot)

  1. Provide screenshot for Application password policy

  • Password expiry: Not Set 

  • Password history:  05 - Not Ok 

  • Failed login attempts:  Not Set 

  • Passwords should be changed at first logon - Not set 

  • Presence of two factor authentication for internet facing applications. - Not set

     

3.Evidence for interfacing applications.(Provide screenshot of backend where the APIs are present)

  1. Token Generation and Get Data API 

  2. Salesforce

  3. iSAC

  4. Patch management details for the application (Kamalio).

Phonon Replies:

  1. Dormancy parameters configuration for New and Existing Users. (Provide screenshot of Admin console else backend coding screenshot)

    1. Active Agents:

      Screenshot 2025-01-23 122916.png

b. Pending Agents

Screenshot 2025-01-23 123008.png

  1. Provide screenshot for Application password policy

  • Password expiry: Set.

    Screenshot 2025-01-23 160228.png

  • Password history:  05, Cannot use last 5 passwords

    image-20250124-114513.png

  • Failed login attempts:  Not Set (Video link has been shared)

  • Passwords should be changed at first logon - Not set (As passwords are set up by agents while signing up their phonon account)

  • Presence of two factor authentication for internet facing applications. - Presence of two factor authentication for internet facing applications. - Not set - Already in process and also discussed with Neeraj Sir and Keyur Vasani.

  1. .Evidence for interfacing applications.(Provide screenshot of backend where the APIs are present)

    1. Token Generation: https://capi.hdfc.com/Mowbly_api_live_dmz/api/Mowbly/GetData

    2. Get Data API : https://capi.hdfc.com/Mowbly_api_live_dmz/api/Mowbly/GetData

    3. Salesforce

    4. API (SF TOKEN GENERATION) https://login.salesforce.com/services/oauth2/token?grant_type=password&client_id=3MVG9fe4g9fhX0E4OpnKNh.peDwRBcWlqO4X0NmF_.A21k7V1vpmuYmiyTKEUkGfJNe1CXP03pKu9Q4K9Tf_q&client_secret=012E1027827AE9C1DBFBC4456B9B343C4809CDC30617FCF910E0FA0F01B4615A&username=phonon.integration@hdfc.com&password=Phonon@12345xw4eXhuyOsQZ6sM510Aql041j#123jG6UGNvh0xAyNF3avF0Nd881r

    5.  SF-GetAccountIDByFileNo : https://hdfclimited.my.salesforce.com/services/data/v57.0/query/?q=select id from opportunity where HDFC_DASH_File_Number__c='$flow.key.i_filenumber'

    6.  New Lead: https://central.phonon.io/socket/api/publish

    7. Open Page: https://central.phonon.io/socket/api/publish

    8. Query_SF Push : https://hdfclimited.my.salesforce.com/services/data/v57.0/sobjects/Case

    9. Request_SF Push : https://hdfclimited.my.salesforce.com/services/data/v57.0/sobjects/Case

    10. Loan_Complain_SF_Push : https://hdfclimited.my.salesforce.com/services/data/v57.0/sobjects/Case

    11. Deposit_Complian_SF Push: https://hdfclimited.my.salesforce.com/services/data/v57.0/sobjects/Case

  1.   iSAC ( Not having access to this)

  1. Patch management details for the application (Kamalio):- Already discussed with Sachin Srivastav.