Core capabilities and role-based access model

Restriction:

This section describes the new interface Dashboard Light. To learn how to access this interface if you already use Dashboard, see Getting started.

Dashboard Light is a unified interface intended for use by employees of the merchant. It supports a full range of required features, and it implements a role-based access model in order to distribute rights to access different features among various specialists (with consideration of organization structure and other factors).

This section describes core capabilities, supported access roles and their specific characteristics as well as granting access rights to different roles.

Capabilities

Capabilities of Dashboard Light can be divided into the following categories:
  • Monitoring payment processing—users are able to view, filter, and search data on both completed payments and payments in-progress.
  • Executing financial operations—users are able to issue single and mass payouts and refunds (both full and partial).
  • Financial accounting and reporting—users are able to prepare and view various reports with access to the balance sheets.
  • Risk management—users are able to monitor detected fraud cases as well as compile whitelists and blacklists
  • Interface access administration—managing user accounts and distribution of access roles as well as monitoring user actions is supported.

To access one or more of these capability categories, the following roles are used.

Access roles

The following roles with the corresponding capabilities are used in Dashboard Light when access rights are distributed:
  Support Operations Finance Risks Merchant admin
  • Monitoring payment processing
+ + + + +
  • Executing financial operations
+ +
  • Financial accounting and reporting
+ +
  • Risk management
+ +
  • Interface access administration
+
These roles can be applicable for employees with the following job titles:
 
  • Support manager
  • Monitoring manager
  • Finance manager
  • Product owner
  • Product/project manager
  • Payments specialist
  • Finance manager
  • Treasury specialist
  • Accountant
  • Fraud Prevention Manager
  • Risk Manager
  • Fraud Team
  • Chief Operation Officer
  • Product owner
  • Chief Executive Officer

This selection of roles is permanent, which means that the merchant is not able to create other roles. However, for certain user accounts the permission set determined by the role can be modified; in addition, a single user account can take on several roles simultaneously which widens the range of permissions available to the user by combining permissions initially only available in separate sets of the default selection. For instance, if a user account with the Operations role access requires rights to view the balance sheet, then you can grant this user account the access rights of the Finance role which permits viewing balance information in Finance section.

User accounts with the assigned Merchant Admin role are granted a full set of permissions to access all merchant's projects, and such user accounts can only be created by ECommPay technical support specialists. User accounts with permissions granted by other roles (including accessing projects) can be created and configured by the merchant's employees with the assigned Merchant Admin role. It is important to keep in mind, however, that permissions granted to a user account apply to all projects which this user account is allowed to access. There is no selective applicability of permissions depending on the project that a user account has access to.

Access rights

Access rights to work with different sections of Dashboard Light are distributed among the roles as follows.

  Support Operations Finance Risks Merchant admin
My team
Managing user accounts +
Finance
Viewing the balance sheet + +
Reports
Viewing reports + + + + +
Payments
Viewing payments list + + + + +
Configuring the list's display mode + + + + +
Viewing payment's detailed information + + + + +
Issuing refunds + +
Manual Payments
Viewing payouts list + + +
Configuring the list's display mode + + +
Viewing payment's detailed information + + +
Issuing payouts + +
Issuing refunds + +
Risks
Viewing the list of fraudulent operations + +
Viewing whitelists and blacklists + +
Editing whitelists and blacklists + +
My profile
Editing user account's general informatio + + + + +
Managing Data API tokens + + + + +

When you access Dashboard Light with the user account which was used to access Dashboard, the effective access rights of this user account are compared to the permission sets granted by Dashboard Light access roles. The role with the most similar set of access rights is then applied to this user account for working with the new interface. The names of user access roles which were created in Dashboard are not used in the new interface. Only the names of Dashboard Light access roles are used.