Core capabilities and role-based access model

Dashboard is a unified interface intended for use by employees of the merchant. It supports a full range of required features, and it implements a role-based access model in order to distribute rights to access different features among various specialists (with consideration of organization structure and other factors).

This section describes core capabilities, supported access roles and their specific characteristics as well as granting access rights to different roles.

Capabilities

Capabilities of Dashboard can be divided into the following categories:
  • Monitoring and analysing payment processing—users are able to view, filter, search, and visualize data on both completed payments and payments in-progress.
  • Executing financial operations—users are able to perform various types of purchases, issue payouts and refunds (both full and partial).
  • Financial accounting and reporting—users are able to prepare and view various reports with access to the balance sheets.
  • Risk and chargeback management—users are able to monitor detected fraud cases, which includes managing whitelists and blacklists, as well as to monitor chargebacks and accept specific chargebacks without going through an arbitration process.
  • Interface access administration—users (with appropriate permissions) are able to manage user accounts and distribution of access roles as well as to monitor user actions and to view settings of available projects as well as to configure URLs to return customers to the project after payment.

To access one or more of these capability categories, the following roles are used.

Access roles

The following roles with the corresponding capabilities are used in Dashboard when access rights are distributed:
  Support Operations Finance Risks Merchant admin
  • Monitoring and analysing payment processing
± + + + +
  • Executing financial operations
+ +
  • Financial accounting and reporting
+ +
  • Risk and chargeback management
+ +
  • Interface access and project administration
+
These roles can be applicable for employees with the following job titles:
 
  • Support manager
  • Monitoring manager
  • Finance manager
  • Product owner
  • Product/project manager
  • Payments specialist
  • Finance manager
  • Treasury specialist
  • Accountant
  • Fraud Prevention Manager
  • Risk Manager
  • Fraud Team
  • Chief Operation Officer
  • Product owner
  • Chief Executive Officer

This selection of roles is permanent, which means that the merchant is not able to create other roles. However, for certain user accounts the permission set determined by the role can be modified; in addition, a single user account can take on several roles simultaneously. This widens the range of permissions available to the user by combining permissions initially only available in separate sets of the default selection. For instance, if a user account with the Operations role access requires rights to view the balance sheet, then you can grant this user account the access rights of the Finance role which permits viewing balance information in Finance section.

User accounts with the assigned Merchant Admin role are granted a full set of permissions to access all merchant's projects, and such user accounts can only be created by ECommPay technical support specialists. User accounts with permissions granted by other roles (including accessing projects) can be created and configured by the merchant's employees with the assigned Merchant Admin role. It is important to keep in mind, however, that permissions granted to a user account apply to all projects which this user account is allowed to access. There is no selective applicability of permissions depending on the project that a user account has access to.

Access rights

Access rights to work with different sections of Dashboard are distributed among the roles as follows.

  Support Operations Finance Risks Merchant admin
My team
Managing user accounts +
Finance
Viewing the balance sheet + +
Reports
Viewing and managing reports + + + + +
Payments
Viewing payments list + + + + +
Configuring the list's display mode + + + + +
Viewing payment's detailed information + + + + +
Issuing refunds + +
Performing capture operations + +
Performing cancel operations + +
Payment links
Viewing the list of payment link purchases + +
Creating payment links + +
Deactivating payment links + +
Manual Payments
Viewing payouts list + +
Configuring the list's display mode + +
Viewing payment's detailed information + +
Issuing payouts + +
Issuing refunds + +
Performing capture operations + +
Performing cancel operations + +
Taking MO/TO payments + +
Risks
Viewing the list of fraudulent operations + +
Viewing whitelists and blacklists   + +
Editing whitelists and blacklists + +
Chargebacks
Viewing the list of chargebacks + +
Viewing chargeback's detailed information + +
Accepting chargeback + +
My profile
Editing user account's general information + + + + +
Managing Data API tokens + + + + +
Managing technical support bot + +
Analytics
Viewing Analytics section + + + +
Managing analytic boards + + + +
Projects
Viewing projects + + + + +
Editing project settings +

When you access Dashboard with the user account which was used to access Old Dashboard, the effective access rights of this user account are compared to the permission sets granted by Dashboard access roles. The role with the most similar set of access rights is then applied to this user account for working with the Dashboard interface. The names of user access roles which were created in Old Dashboard are not used in Dashboard. Only the names of Dashboard access roles are used.