Recording of telephone conversations for documentation purposes
- Implementation of recording and documentation obligations (e.g. "Taping" in accordance with MiFID II)
- Storage on an SMB/CIFS network share
- Upload to SFTP server
- Upload of recordings to Microsoft OneDrive for Business with enforcement of retention policies
- Target directory configurable via date/time variables, file name with time stamp (chronological storage)
- Separate recording of the caller, the called party or both subscribers
- Recording into separate files or into a stereo WAV file
- Recording of configured users or group members or certain phone numbers (patterns)
- Recording only of incoming calls, of outgoing calls or of all calls
- Recording also of calls forwarded via iFMC (use of private devices/BYOD)
- Different notification announcements for incoming and outgoing calls can be uploaded (optionally also without recording notification)
- Recording of announcements or queues before call acceptance
- Recording of encrypted calls
- Storage of metadata (call ID, caller with name (if available) and call numbers, date/time, module instance, STARFACE version and server license, reference to previous recording, etc.)
- Signed checksums (SHA256/RSA) for traceability of subsequent changes
- Includes check script
- Database-based recording protocol
- Blockchain-based linking of successive recordings (proof of completeness)
- Email notification of upload errors (data is retained; new upload attempt every hour)
- Data protection and function maintenance: Fluxpunkt modules "do not phone home" and are not dependent on the function/accessibility of external license servers.
STARFACE module for recording incoming and outgoing calls of a configurable user group, single user or certain phone numbers without prior notification, and for archiving them to Windows network shares, SFTP servers or Microsoft OneDrive. The module allows the recording of conversations before they are finally connected (accepted). For example, it is possible to document announcements prior to call switching (even the ringing phase).
In particular, when providing services relating to securities transactions or the sale of financial products and insurance policies, the legislator places high demands on the documentation of all business transactions in dealing with customers. To meet these requirements, electronic records of telephone conversations must be made and archived. At the same time, it must be ensured that private conversations are not recorded.
The Fluxpunkt Call Recording module for STARFACE allows you to specifically implement these requirements. Conversations addressed to or initiated by specific groups or users are captured, recorded, and archived. The directory structure of the archive is highly configurable and allows the automatic creation of chronological folder structures.
For each call, metadata is exported in text form, making it easy to browse on any workstation PC.
Fulfilment of documentation obligations according to the Securities Trading Act (WpHG) in the version of the government draft of the Second Financial Market Amendment Act (FiMaNoG) as well as the Delegated Ordinance (EU) DV MiFID II:
Requirement | Implementation |
---|---|
Completeness of the recording (cf. offences of the WpHG). | The Call Recording module records incoming and outgoing calls from the time when the call is set up (exception: configured notification announcements before the call starts; in this case immediately after the announcement has been played back). Recording stops automatically when the call ends. No user interaction is required. Accidental non-recording is prevented. Without explicit user intervention (to stop a recording), the completeness of the recording is automatically guaranteed. |
Compliance with retention obligations (5 years; or 7 years at the request of BaFin) pursuant to section 83 (8) sentence 1 WpHG. | When using Microsoft OneDrive for Business as your storage destination, you can set up retention policies that enforce the legal retention obligations and provide verifiable proof of them. |
Measure to ensure recording via all terminal devices made available and also private terminal devices of employees pursuant to Section 83 (4) WpHG (provided that their use has been approved and the consent of the employees has been obtained). | Automatic recording of all calls from users in a recording group (incoming and outgoing). This also covers iFMC calls forwarded to mobile phones or home offices. |
Preliminary information on the recording of telephone conversations pursuant to section 83 (5) sentence 1 WpHG. | Configurable announcement for incoming and outgoing calls prior to commencement of the recording. |
Deletion obligation after expiry of the required retention period in accordance with section 83 (8) sentence 2 of the WpHG. | When using Microsoft OneDrive for Business as a storage target, you can use retention policies for automatic deletion once the configured storage period has expired. |
Use of technical equipment to prevent subsequent falsification in accordance with § 83 (9) WpHG. | By activating checksum signatures within the module configuration, the proof of unalterability is possible at any time and the integrity of records is guaranteed. If you are using Microsoft OneDrive for Business, you can use retention policies to ensure that the original copy of a file is preserved during the retention period. |
Technology-neutral compliance with the recording requirements and retention of the original recording in accordance with the delegated MiFID II regulation. | Recordings are stored in the original telephony codec and can be played back with any standard audio player. Checksums, certificates and signatures comply with common standards (SHA256 checksums, X.509 certificates and RSA-based signatures) and can be verified platform-independently with common tools such as OpenSSL. Metadata is stored and exported as text files (UTF-8 encoded). |
Chronologically ordered storage of records | Each recording contains a time stamp as the leading part of the file name. This means that the chronology is retained even when sorted alphabetically. |
Office 365 and OneDrive for Business
Microsoft OneDrive for Business is available either as a stand-alone license or as part of Office 365 packages. Storage takes place in European data centres. Two new German data centers are currently under construction. For information about compliance assessments, privacy practices, transparency policies, and security standards, visit the Microsoft Trust Center. The OneDrive for Business Plan 2 or Office 365 Enterprise E3 Plan gives you unlimited storage when licensed for 5 or more users. We are happy to offer you a suitable Office 365 or OneDrive for Business package.
Reasons for Fluxpunkt call recording for STARFACE
Easy to use
Once set up, no interaction is required to start recording for configured groups or users. This effectively prevents accidental non-recording. Recording stops automatically when the call is ended.
In accordance with the clarification requirements, your employees will be notified visually within the UCC-Client Callmanagers that a concrete conversation is being recorded (currently only UCC-Client for Mac). Alternatively, you can activate a separately configurable announcement for outgoing calls that informs your own employees.
Using controls, it is possible to end a recording if, for example, private topics or topics not covered by the recording obligation are to be discussed (functional scope of the UCC client; depending on the version used). On all other terminal devices, such as iFMC mobile phones, DECT handsets or table phones, it is possible to stop recording by selecting the DTMF digits *1.
All administrative issues remain hidden from employees.
Only active membership in a recording group triggers a recording of conversations. Employees can therefore easily control whether future calls are to be recorded or not using the login/logout function key.
Authenticity
The module ensures that the original conversation is recorded without transcoding the audio data. Optionally, only the caller, only the called party or both parties can be recorded. When storing both participants in an audio file, the audio channels are managed separately (as two channels of a stereo recording) and not mixed together, so that the voice channels can be separated again at any time without loss of information.
The use of the original audio codec ensures that the original recording remains unchanged and technology-neutral. There is no lossy compression, which could eliminate conversation components, especially at volume jumps. The speech information actually transmitted is recorded.
Space saving
Common telephony codecs are also very space-saving. The recording of two voice channels in ISDN quality (G.711) requires only 1 MB per minute. This is particularly important for long-term archiving of many conversations. Thus, 72 recording hours can easily be archived on a single layer DVD.
Searchability / Metadata
For each call, all relevant information is stored in the form of a metadata file. The file name corresponds to that of the recording, extended by the extension _info.txt.
In addition to the time stamp (date time) of the start of recording, the STARFACE internal and unique call ID (CallId) is recorded within the file. The call ID is used to assign the call to call list entries within the STARFACE database. This way, call flows can be reconstructed retrospectively.
Of course, the caller and the called party are also logged - if name resolution was possible, the log contains not only the phone number, but also the caller name.
If the checksum signature is activated, a reference to the previous call including its electronic signature is added. Since the metadata is also signed, this results in a continuous linking of all records.
And since the metadata is stored as a text file (easily readable by humans and machines), not only simple post-processing is possible, but also a quick search with on-board means of common operating systems.
Legally secure storage & archiving
Various recording destinations are available for storing the recordings. Depending on the application, recordings can be saved to any Windows network share (SMB/CIFS), SFTP server or Microsoft OneDrive. In combination with Microsoft OneDrive from the Office 365 Enterprise E3 Plan, this makes it possible to enforce retention and deletion policies.
By correctly applying retention/deletion policies, using Preservation Locks (to prevent subsequent loosening of the retention/deletion policy), and using information about security, privacy, compliance, and transparency (including certifications) available from the Microsoft Trust Center, internal and external audits can be performed quickly and easily to demonstrate compliance with regulatory requirements.
On the module side, simultaneous storage on more than one storage target is also possible. Thus, recordings could also be stored in parallel on an SMB Windows share. The module configuration allows you to create new subfolders on a daily basis, which in turn can be written to a DVD on a daily basis. The DVDs can be individually destroyed at the end of the retention period and at the same time represent a non-modifiable medium that can be handed out on request.
Immediately - even before exporting the data - checksums (SHA256) of the meta and audio data are generated and, if desired, signed cryptographically (RSA). The calculated checksums and the signature are stored in the recording log. Each installation of the module has its own cryptographic key pair, whose public key can be retrieved in the module and used for external auditing of the data.
Within the recording metadata, a reference to the last completed recording and its signature is added. This creates a blockchain-based concatenation of all records. The completeness of the records can thus be proven.
The proof that a recording is unchanged can be done at any time with the help of common tools (e.g. shasum and OpenSSL). A sample implementation can be found in our test script, which you can use to verify the integrity of a recording on the command line.
To use checksum signatures, only the activation within the module is required. The generation of cryptographic key pairs, the secure and encrypted storage of the keys and the provision of a test certificate are performed automatically by the module. This way, you simply meet the requirements for an audit-proof filing system.
Conclusion: The completeness of the recording is ensured by the module-internal database protocol and the blockchain-based linking of successive recordings. The unalteredness of the recorded data can be verified externally at any time by means of signed checksums.
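The linking of successive recordings described above, sketched as an added example (not Fluxpunkt's code): it walks constructed metadata files in chronological order and reports the first record whose back-reference does not match its predecessor. The field names `PreviousRecording` and `PreviousSignature`, the `<name>.sig` files and the `SIG-...` strings are assumptions made for the demo; the module's real metadata layout is not shown on this page, and signature validity is a separate check.

```shell
#!/bin/sh
# Added example: walking the back-references between successive recordings.
# ASSUMPTION: the field names PreviousRecording / PreviousSignature and the
# <name>.sig file are hypothetical; the page does not show the real layout.

# field <file> <key>: value of the first "key: value" line in a metadata file.
field() { sed -n "s/^$2: //p" "$1" | head -n 1; }

# check_chain <dir>: visit metadata files in file-name order (which is
# chronological because names start with the time stamp). Prints the first
# record whose back-reference does not match the record found before it and
# returns 1; returns 0 when every link matches.
check_chain() {
    cc_prev=none; cc_sig=
    for cc_info in "$1"/*_info.txt; do
        [ -e "$cc_info" ] || continue
        cc_name=$(basename "$cc_info" _info.txt)
        if [ "$(field "$cc_info" PreviousRecording)" != "$cc_prev" ] ||
           [ "$(field "$cc_info" PreviousSignature)" != "$cc_sig" ]; then
            echo "$cc_name"
            return 1
        fi
        cc_prev=$cc_name
        cc_sig=$(cat "$1/$cc_name.sig" 2>/dev/null)
    done
    return 0
}

# make_chain <dir>: three constructed records; the SIG-... strings stand in
# for the base64 RSA signatures a real installation would store.
make_chain() {
    mc_prev=none; mc_sig=
    for mc_n in 20180103-090000 20180103-091500 20180103-093000; do
        printf 'CallId: %s\nPreviousRecording: %s\nPreviousSignature: %s\n' \
            "$mc_n" "$mc_prev" "$mc_sig" > "$1/${mc_n}_info.txt"
        mc_prev=$mc_n; mc_sig="SIG-$mc_n-constructed"
        printf '%s\n' "$mc_sig" > "$1/$mc_n.sig"
    done
}

# Demo: a complete chain, then the same chain with the middle record removed.
chain=$(mktemp -d)
make_chain "$chain"
check_chain "$chain" && echo "complete chain: no gap"
rm -f "$chain/20180103-091500_info.txt" "$chain/20180103-091500.sig"
gap=$(check_chain "$chain") || echo "gap detected before record $gap"
rm -rf "$chain"
```

A back-reference chain cannot show that the newest record is missing, because no later record points to it yet.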
Advantages
- Complete: Recording of the entire audio transmission, even before the call is accepted
- Searchable: File name and metadata file contain the date and phone numbers of the call participants
- Can be archived: Recording as WAV with the audio codec used in the original conversation (approx. 1 MB/min full duplex)
- Cloud support: Can also be used with STARFACE cloud systems
- No hardware required: No additional hardware required for archiving
- Investment protection: no dependence on external services/license servers
- Economical: Purchase once per server. No software maintenance or running costs!
Getting Started: Installation
Download the module for your STARFACE version:
for STARFACE 6.5 (v562)
Download test script (OS X/Linux)
Please note that the call recording requires a STARFACE Appliance or VM with sufficient free space and an SSD with high write rates!
Parallel recordings place increased demands on the resources of your system, so that the values specified by STARFACE for appliances regarding the maximum number of calls/users will most likely not be reached.
We recommend using Enterprise/Platinum appliances or VM editions with SSD storage and at least 8 GB of RAM. If the recording data cannot be written to the storage system fast enough, this can lead to call interruptions!
Enter the module license key in the module configuration.
(How do I get a module license key?)
Please note our general information about our modules.
General information
The call recording module is basically designed in such a way that it can be operated several times on one system, i.e. several module configurations can be created.
All module configurations share the integrated protocol database as well as the installation-specific certificate and key pair for cryptographic signatures.
However, individual storage targets can be specified for each module configuration.
When executing the module configurations, please note that a call that has already been recorded by one configuration will not be recorded again by another configuration.
When configuring the module for the first time, please make sure that you set the module log level to at least "INFO". At this log level, the module outputs information about the test certificate and the OneDrive connection.
Recording settings
The Recording Settings section deals with the configuration of which conversations and which audio channels are to be recorded and the optional playback of recording instructions.
Audio recording
Incoming calls: Calls that are directed directly to the group to be recorded (destination is a group phone number) or to the user to be recorded (destination is the personal phone number of a user) are recorded. If several groups are to be recorded, they can be redirected to the group to be recorded using an "always" redirection.
Outgoing calls: Calls of a user who is an active group member of the group to be recorded or who was explicitly selected as the user to be recorded are recorded. In the case of group membership, a user can log out of the recording group - e.g. by pressing a key - in order to conduct a call that is not to be recorded.
Record direct calls to active group members: Incoming calls are normally only recorded if they directly target the group or user to be recorded. If the setting "Record direct calls to active group members" is activated, calls are additionally recorded that are not directed to the group or user to be recorded, but directly to the personal extension of a user who is also an active member of the group to be recorded.
The module checks separately for each incoming and outgoing call whether the recording requirements are met. If yes, an optional message is played and the recording is then started automatically.
The following options are available for the audio channels to be recorded:
- Caller
- Called party
- Both (in one file)
- Both (in separate files)
When recording both parties to a file, both parties are saved as one channel each of a stereo WAV file. The channels are merged immediately after the end of the call, but before the audio data is signed.
Special case for calls between two STARFACE users
For calls between two STARFACE users, STARFACE Version 6.4.3 does not signal an outgoing call (from the caller) to the module system, but only the incoming call (from the called party).
A recording therefore only takes place if the called party is in a recording group. In other words: It is not sufficient for the calling STARFACE user to be a member of a recording group.
Information for callers
Depending on how and where this module is used, it is possible that you are required to inform the participants of the recording of their conversation. Different audio instructions can be configured for incoming and outgoing calls. For example, your own employees, who are generally aware of the recording, can be notified of a recording being made with a simple beep, while external callers are informed in more detail.
Note
Announcements are only played back to the respective caller (not to the called party). This means that the called party does not hear an announcement for outgoing calls.
It is assumed that in the case of outgoing calls to be recorded, the called party was informed of the recording in advance.
Verifiability and archiving
In the area of verifiability and archiving, checksum signatures can be activated in order to allow subsequent verification of the integrity of the recorded metadata and audio recordings.
The module creates an individual 2048-bit RSA key pair (private and public keys) on initial installation. The private key is encrypted with a secret, customer-specific password and stored in a password-protected and 3DES-encrypted KeyStore. The private key is only available within the module.
After a recording, a checksum file containing the SHA256 checksums of the meta and all audio files is created within the module. The checksum file is format-compatible with shasum (Digest-SHA).
If all meta and audio data as well as the checksum file are located in one directory, the integrity can be verified using shasum -a 256 -c <checksum file>.
Then a base64-encoded and SHA256-based RSA signature (based on the individual private key) of the checksum file is generated and stored in a file named <checksum file>.SHA256withRSA.sig.
This signature ensures that the specified checksums are calculated within the module and have not been changed subsequently.
The public key of the RSA key pair is required for signature verification. This is encoded within the test certificate, which is displayed in the module configuration and output in the module log at each start.
The test certificate is issued by and for the owner "Fluxpunkt Gesprächaufzeichnung <Modul-ID>" and is valid for 100 years from the date of generation.
The authenticity of the certificate can be verified via the module log. All certificate details will be displayed there at each start.
The complete check of a recording now consists of
- the comparison of the checksums stored in the checksum file with the checksums of the audio and metadata files
- checking the signature of the checksum file with the public key of the check certificate.
Our test script verify.sh is available to you as an example implementation.
Please save the test certificate displayed in the module. It does not contain any secret information, but is indispensable for a later integrity check! Without the certificate, it cannot be guaranteed that the checksums of the meta and audio data were generated by the module itself. It is recommended to have the generated certificate digitally signed by a trustworthy CA in a timely manner.
External Validation
On request we offer to check your installation of call recording and to digitally sign the authenticity of the generated certificate so that a certificate chain up to a trustworthy Root-CA results.
Storage targets
In the Storage Targets area, you can enable uploads to SMB shares, SFTP servers, and Microsoft OneDrive. It is possible to activate several different storage destinations so that the recording data is stored in several locations.
Windows share
Specify the destination network share server as the hostname or IP address only. No protocol information or similar is required (and not supported).
The user name does not require a domain specification (there is a separate field for this). The registered user needs read/write permissions for the specified share and the right to create new directories/files.
The share name must not contain any subdirectory information.
The SMB subdirectory field can contain static and dynamic directory information (separated by "/"). An example of a static specification would be the directory structure "Recording/Starface". Dynamic directory specifications consist of a composition of variables with optional static name parts, e.g. "Record-$Y_$M_$D_$h_$m_$s". Non-existent directories are created.
The following placeholders can be used in the variable name components:
- $Y = Year
- $M = Month
- $D = Day
- $h = Hour
- $m = Minute
- $s = Second
The variable components are replaced by the time stamp from the beginning of the recording.
Dynamic subdirectories can not only archive chronologically, but also prevent too many audio files from accumulating in one directory, which can lead to server-side performance problems.
The "SMB Security" field is currently a placeholder and is not yet actively considered.
SFTP
Enter the SFTP server as host name or IP address here. No further protocol information or similar is required (and not supported).
The SFTP directory should be specified relative to the home directory of the SFTP user. Please use ASCII characters only without any special characters for the directory specification.
The SFTP library used by STARFACE sometimes has problems with nested directories. If there are problems with the upload, please try specifying only one directory or a dot (".") to select the home directory of the SSH user.
On the module side, the same variable name components are supported within the directory specification as for Windows shares.
Microsoft OneDrive
GermanCloud vs. InternationalCloud
Customers of Microsoft GermanCloud (Office 365 Deutschland or OneDrive Plan Deutschland; special and somewhat more expensive tariff for increased data protection requirements) must activate the GermanCloud option in the module configuration and use the newly generated authorisation link (identifiable by the target host login.microsoftonline.de). For customers of the international cloud the option must be deactivated (the generated link will contain login.microsoftonline.com).
It is neither possible to log on to the GermanCloud with access data from the international cloud, nor vice versa.
If there are problems granting access rights, please try logging in with an administrative Office 365 account.
If you want to use Microsoft OneDrive as your storage destination, click the "Authorize Call Recording for OneDrive Use" button in the Module Configuration tab "Storage Destinations". Copy the displayed link and open it with a web browser of your choice. You will be redirected to a Microsoft login page and prompted to enter your Office 365/OneDrive credentials.
You then have the option of giving the Call Recording module access to your OneDrive directory. If you confirm the access, you will be redirected to a page without content. In the browser address line you will find a parameter code=<OneDrive authorization code>. Copy the authorization code (only the code without any other parameters) into the "OneDrive for Business Authorization Code" field within the module configuration.
The "OneDrive for Business Subdirectory" field supports the same syntax as subdirectories for Windows shares. Nested data and variable name components can be used here.
If the upload to OneDrive fails, please check the entered authorization code. If the upload still fails, repeat the OneDrive logon procedure described above.
Create retention policies in Microsoft Office 365
Note
We recommend that you use a separate Office 365 user for the Call Recording module. In this way, the configured retention policy can be selectively applied only to this user's files, without all other content being subject to the retention policy.
Notification in case of storage errors
If you would like to be notified of problems with uploading your call records, please provide an email address for notifications. The successful sending of e-mails requires that the STARFACE e-mail configuration has been carried out correctly.
An email is sent for each upload attempt in which at least one file could not be uploaded correctly. Since the files then remain on the STARFACE and are included again in the next upload attempt, this can result in many emails at short intervals.
Known restrictions
Maximum size of a recording
The length of a telephone call in WAV format must not exceed 2GB (corresponds to a call of about 33h), otherwise the recording for this call will fail.
STARFACE Backups / STARFACE Redundancy Module
No STARFACE backup process may be carried out during a call recording, otherwise the target drive for the recording will be included in the backup (affects STARFACE 6.4.2.x) or ongoing recording processes will be disturbed or interrupted, whereby recorded subscribers can no longer be called (also affects other STARFACE versions). Please schedule the backup time so that no call recording takes place during this time.
Since the STARFACE redundancy module also technically triggers backup processes, the aforementioned restriction also applies to the STARFACE redundancy module. It is not compatible with the Call Recording module!
If it cannot be excluded that calls to be recorded during a backup will take place, STARFACE backups must be deactivated and a STARFACE VM edition must be used that allows external backups of the VM to be performed (snapshot-based backups) that are transparent to the application to be executed (the STARFACE system).
The STARFACE default backup can currently only be deactivated by executing the following SQL statement within the STARFACE database (please contact your STARFACE partner):
UPDATE backup_schedules SET type = 'MANUAL' WHERE id = 0;
Information on recording according to WpHG (Status 03.01.2018)
Investment service providers must inform new and existing customers as well as their own employees and authorised persons in advance in an appropriate manner about the recording of telephone conversations. Where an investment firm has not informed its clients in advance of the recording of telephone or electronic communications, or where the client has objected to the recording, the investment firm may not provide investment services to the client initiated by telephone or electronic communications, if those services relate to the acceptance, transmission and execution of client orders.
It is therefore advisable to inform customers in advance, preferably in writing, of the obligation to keep records in accordance with the German Securities Trading Act by means of a separate notification.
At the end of the required retention period, the records shall be deleted.
Information on the legally compliant implementation of applicable laws
Please understand that we are not allowed to offer any legal advice. If you have any questions regarding the legally compliant implementation of legal requirements in a specific case, please contact a person you trust who is entitled to legal advice.
Sources
- Securities Trading Act (WpHG)
- Regulation (EU) No 600/2014
- Regulation (EU) No 596/2014
- Delegated Regulation (EU) 2017/565
- MiFID II - Directive (EU) 2014/65
Directive 2014/65/EU recast - MiFID II
Delegated Ordinance (EU) of 25.04.2016
2. FiMaNoG (Second Financial Market Amendment Act)
FAQ
Frequently Asked Questions about Call Recording
General information
Frequently asked questions about our STARFACE modules
In case of a problem, please make sure that you are using the latest module version released for your STARFACE version.
New module versions are not always compatible with older STARFACE versions and vice versa.
Definitions of terms can be found in our glossary.
Installation
Licensing
Price and ordering process
Purchase / rental
Updates and compatibility
Support
Compatibility / Updates
Module version | Compatible with STARFACE version | Changes |
---|---|---|
74 | 6.4.2.10 | |
402 | 6.4.3.2x | |
403 | 6.4.3.2x | Improvement: If no storage destination is selected, no recording is created. Previously, a recording was created, which was then deleted again. |
414 | 6.4.3.2x | Improvement: Blockchain-based linking of successive recordings, recording of direct calls to group members, default configuration optimized for faster commissioning |
416 | 6.4.3.2x | Bug fix: With deactivated module instances and simultaneous update of the call recording module to a newer version, the internal KeyStore could be lost, so that no test certificate was displayed anymore. The certificate was also lost when the module was deleted. |
459 | 6.5.0.30 | Compatibility update for STARFACE 6.5 with minor optimizations. Bug fix: Calls to numbers that contain a star are no longer recorded (e.g. execution of STARFACE functions), as this can lead to problems with file names. |
528 | 6.5 | Bug fix: If OneDrive upload was disabled, OneDrive authentication was nevertheless performed with invalid credentials. |
552 | 6.5.1 | Improvements:
Bug fixes:
|
562 | 6.5.1.9 | Bug fixes:
|
Important note
Incompatibility with STARFACE security updates 6.4.2.x with x>10
For the Call Recording module we are not able to offer a compatibility update for STARFACE versions 6.4.2.x (x > 10)!
An adaptation of the module to restore compatibility with STARFACE versions 6.4.3.x has been released with module version 403.
Known problems
Net RRP: 2.400,00 Euro
Purchase once per server. No software maintenance or running costs!
Are you a STARFACE Partner?
Please read our FAQ entry on the ordering process and purchasing conditions.