Security in payment transactions: making processes and technology secure

Further development of attack patterns as a challenge

Dates & Place

16.05.2024 ONLINE
18.06.2024 in Zurich
02.10.2024 ONLINE


Special knowledge


1 day


EUR 1.650,- plus VAT.

Thomas Dirnbauer

Thomas Dirnbauer


Security in payment transactions

Thomas Hackner

Thomas Hackner

Managing Director

HACKNER Security Intelligence GmbH

Hannes Lorenz

Hannes Lorenz

Security Consultant

HACKNER Security Intelligence GmbH


Payment security is a topic that is constantly evolving and has thus become one of the biggest challenges in corporate treasury. Companies are challenged to protect themselves against increasingly sophisticated attacks - media reports on spectacular attacks confirm that it pays for fraudsters to invest criminal energy in further developing the attacks.

Since we are constantly confronted with new fraud cases in our consulting projects, we always have an up-to-date overview of the latest attack patterns. Together with our long-standing IT security partner, Hackner Security Intelligence, we present these and present the best practices on processes and technology in payment transactions.

Main topics


  • What are the tasks of the cash manager in the company?
  • What are the minimum standards to be taken into account in the organizational structure & process organization?
  • What are the differences in the accounting or treasury perspective? Which business management approaches do you need to understand?
  • What are the requirements vis-à-vis banks?
  • What are the current trends in cash management for large and small companies?

"Recognizing "social engineering

  • "Phishing attacks" as the starting point of most attacks
  • "Vishing" and "SMSishing" easier than ever before
  • "Deepfakes" can eyes and ears be trusted?
  • "Business Email Compromise" Becomes More Sophisticated

Understanding attack patterns

  • "CEO Fraud" and its innumerable further developments
  • "Payment diversion" when payment channels change
  • "Fake invoice" when the wrong supplier comes forward

Consider technical aspects

  • Mapping of separation of functions and dual control principle
  • Dealing with administrator rights
  • Securing the communication paths between systems
  • Tamper-proof transmission of payment files

Close security gaps

  • Avoidance of critical overlaps in tasks and rights
  • Valid master data as the basis for secure processing
  • Manual payments as a "necessary evil
  • Special features of personnel payments
  • Four-eyes principle and two-way validation - a must or additional effort?

Group of participants

Managers and employees from the finance and treasury departments who are involved in or responsible for the processing of payment transactions and are interested in increasing security.


After a presentation of the most important attack patterns, the payment transaction process is analyzed in terms of content and technology with regard to critical points and best practices are defined. Finally, participants take part in a demonstration of a practical attack and gain insight into the darknet.

Feedback from our customers

I thought it was good that the view of the attacker was also presented in detail. The practical examples from a process and technical perspective were also very good.

Do you have any questions?

Marc Baumgärtner

Marc Baumgärtner

Seminar organization

Treasury Training

Other seminars

The new world of payment transactions

Organization and trends around payment transactions

SAP: Cash management and payment transactions

Increased efficiency and automation in S/4HANA

Cash pooling from a legal perspective

Tax and legal aspects of the use of cash pooling

Point-of-sale payments and e-commerce as success factors

Establish customer-oriented payment methods efficiently and with a secure future

Digitalization in Treasury

New technologies and system functionalities

Treasury Audit

Establish and review treasury management policies, guidelines and limit systems

Treasury Training