1. Employment Hero Help Centre (MY)
  2. Payroll Platform
  3. Pay Runs
  4. Guides

Select your platform and then browse by platform category

Who are you and what section are you in?

Secure your HSBCnet payment files with client-specific PGP keys

Paula Mercado
Updated

Available for the following plans: Plus, Unlimited HR, Engage, Elite, Unlimited HR+Payroll
Available for the following User Access levels: Admin

Maintaining secure payment processing is essential for protecting your business and ensuring your payroll operations run without disruption. By using client-specific Pretty Good Privacy (PGP) keys for HSBCnet payments, you can implement unique encryption for your organization, providing a higher level of security for your bank files. This guide will walk you through generating, rotating, and managing your own PGP key pairs to keep your bank integrations secure.

This article will show you how to manage the following:

Generate a new PGP key pair

Create unique encryption keys for your business

Unique PGP keys ensure that your payment files are signed with a private key exclusive to your organization, providing secure, per-client encryption.

  1. Log in to Employment Hero.
  2. Click the Payroll icon on the left-hand side menu.
  3. Click the Payroll Settings option.
  4. Click on the Bank Accounts option.
  5. Select your HSBCnet bank account details.
  6. Navigate to the Encrypt & Sign section and ensure it is set to Yes.
  7. Click the Generate New Key button.

Helpful Hint

When you select Generate New Key, your current key remains active until you activate the new one. This allows you time to provide the new public key to the bank before you officially switch over, preventing payment failures.

Rotate and activate security keys

Transition to your new PGP key

Key rotation is a security best practice. To avoid payment disruptions, follow a staged activation process where you provide the bank with your new public key before activating it in the system.

  1. Once you generate a new key, look for the Pending state status on the bank details screen.
  2. Click Download next to the pending public key.
  3. Provide this downloaded file to HSBC and wait for their confirmation that it has been uploaded to their system.
  4. After the bank confirms receipt, return to the bank details screen and click Activate.
  5. A confirmation box will appear. Click Yes, Activate New Key to confirm the switch.

Helpful Hint

Automated alerts will notify you one to two months before a key expires to ensure you have sufficient time to generate and provide a new key to the bank.

Warning

Do not click Activate until you are certain the bank has updated your key. If you activate the key prematurely, payment files may fail verification at the bank.

Manage pending security keys

Review timestamps and discard unused keys

Manage existing and pending keys by reviewing their generation dates or removing keys that are no longer needed.

  1. Review Timestamps: View the timestamps located next to both the Active Key and Pending Key to track when each was generated. This helps you manage your key rotation schedule.
  2. Discard a Pending Key: If you generate a key by mistake or no longer wish to use it, click Remove next to the pending key.
  3. Click Discard Key in the confirmation pop-up. This permanently deletes the pending pair while keeping your current active key in place for signing.

Explore related content

Was this article helpful?
0 out of 0 found this helpful