Lock transactions

Blockchain data certification

Banana uses a digital certification system for the accounting data, using what is now called blockchain technology. Transactions can be locked and marked with digital codes that can guarantee, even after many years, that the accounting data are authentic. They also allow the user to make sure that the accounting data have not been modified. 

Banana.ch was the first company in the world to use the blockchain technology in the accounting field. This method (US Patent No. 7,020,640) was developped and patented in 2002..

This method, based on the blockchain calculation system, is considered so reliable that it is employed to ensure the validity of the bitcoin and of all other modern crypto-currency.
This method guarantees one of the highest levels of data integrity and conformity to international law prescriptions. You can also see the evaluations on this matter of the audit company Ernst&Young, who verified the system conformity to the legislation requirements. The new versions of the Banana Accounting software don't use the MD5 method anymore (the one mentioned in the documents), but use the Hash SH256 method.

• Ernst&Young, compatibility check to Swiss legislation (pdf in German)
  See also: Verordnung über die Führung und Aufbewahrung der Geschaftsbücher, 24.04.2002 (in German)
• Ernst&Young, compatibility check to German legislation (pdf in German)
• Securing acccounting Data (2002). Introduction document to the blockchain technology used in Banana Accounting software.

 

The lock transactions command

With the Lock transactions command of the Account2 menu, the accounting transactions are locked and marked with control codes that can certify, over the years, that the transactions have not been modified.

• The validity of a possible already existing lock is being verified
• The transactions until the lock date are being numbered progressively and are being locked. For each transaction, the digital code of the row and the progressive one are being calculated.
  The calculation of the digital codes is being done according to the sequence of the columns.
• In the accounting is being indicated that transactions with an equal or earlier date than the lock date will no longer be accepted.
   

Date of new lock (inclusive)
Specify the date up until when the transactions will be locked.

Password (optional)
It is possible to insert a password to eventually unlock the transactions or to carry out a new lock in the future.
If the program finds no errors in the transactions included in the lock date, it will lock the transactions, calculate and assign individual numbers and codes to each row of transactions which can be viewed in the Lock view on the Transactions table.

Last lock
The data of the following fields are automatically filled out by the program based on the last executed lock.

Lock valid
A "Yes" is shown if the lock is valid.

Date of lock
The date of the last executed lock is shown.

Lock number
This is the value automatically entered by the program in the last row of the LockNum column.
When the lock is repeated, if the value of the last row lock number is unchanged, it means that the lock is valid and that the data have not been altered; if however the value is changed, the program shows the following codes:

• (-1) if the lock is invalid from the first row
• (-2) if there are rows that have the same LockNum.

Progressive Hash
This is the control code present in the last transaction.
 

Lock View

All digital codes are shown along with all the information that the program used to create the digital signature.

• LockNum: the progressive number that identifies the row
• LockAmt: the cumulative transactions total, similar to the total at the end of the page, as required by some national regulations
• LockLine (hidden column): the digital code calculated according to the row values.
• LockProg: the global electronic signature (SHA-256).

The digital code LockProg
This is the main element of the certification; it uses the blockchain methodology.
The digital code is calculated according to the following values:

• The contents of the current entry, including amounts, descriptions and the description of the account at the moment of the lock
• The progressive number (LockNum)
• The cumulative balance (LockAmt)
• The progressive code of the preceding entry (LockProg).

In case the accounting data undergo even the slightest modification (for example, a date or an amount is changed), the digital code will be different. If the control number remains the same, it implies that the data are original and therefore have not been changed.
 

Check Lock

With the Check lock info command of the Account2 menu, the program verifies the validity of the lock and displays the data.

• The program recalculates the digital control codes and verifies if they correspond with the ones related to the transactions.
  • If the codes correspond, the lock is considered valid, and therefore the data are original
  • If they do not correspond, it means that the data have been changed and that they are not the original ones calculated at the time of the lock. 

 

Unlock transactions

The Unlock transactions command removes the lock and the control codes. If the lock was set with a password it will be necessary to reenter the password in order to remove the lock.
If later on you want to relock the transactions, and they have not been modified, the control numbers will be the same as the ones of the earlier lock; if however some data have been changed, the control numbers will be different.

Partial lock

If the transactions have been locked, it is possible to unlock them even partially, from a specified date. If a lock password has been set, in order proceed unlocking the transactions, you need to enter it in the specific field.
 

 

Why unlock the accounting?

In principle, the locked accounting should not be unlocked. It might happen that, after the lock, you find errors in the accounting and see the need to make corrections.
To have the opportunity to make further changes, users kept a copy of the file before the lock. If they found errors, they would restore the previous situation. In the meantime other transactions had perhaps been made, so often it happened that restoring previous versions of the accounting proved wrong. To avoid this unnecessary waste of time it was decided to make the Unlock transactions command available.

The certification must not be confused with data security. The data certification is a methodology that ensures that the accounting data are original. To prevent data from being modified, the methodology is the one related to data security. Data security procedures, however, can only be implemented in an environment that limits data access.

If the file is fully available to the user, such as when it is on a PC, people have complete control of the data. They can thus replace files easily. With a certification one cannot prevent that the data are being altered, but it will allow you to know if the data are the original ones.

The person who keeps the books is responsible for the accounting and decides whether a change is permissible or not.
 

Organizing the certification and data verification

Once you locked the transactions of the period, you need to:

• Print the lock information or print the last certified transaction row with its specific certification number (LockProgr).
• Sign and store this information along with the accounting documentation or in any other safe place.

In order to check that the accounting data are the original ones, you need to proceed as follows:

1. Impart the Show lock info command.
2. Go back to the document that shows the digital control number 
3. Check whether the row identified with the LockNum still has the same digital control number

• If the number matches , the accounting data are the same as those certified
• If the number does not match , it means that the accounting data have been modified.      

Banana works on developing applications that make it possible to compare two files and obtain indications regarding data that have been altered.
 

Data security

Digital certification ensures that the data are still the original ones. It does not prevent the modification of data.
It is the responsability of the accountant to ensure that the data are not altered. Each administration must be organized according to its size and needs.
Those who want to make sure that the data are not being altered by unauthorized persons , must employ other methods and tools, such as :

• Save the data to a secure system (protected network drive), password protected.
• Keep the copies of the data.
• Encrypt archives.   

Long-term archiving

The accounting file contains the entered data. In order to open the file and obtain a report or an account card, you need to have the program at your disposition. 

Banana Accounting gives the possibility to export all the accounting data, and its printouts as well, to Pdf, Html and Xml.
The generated file can be saved on a CD and accessed on any computer even after many years, even by persons who do not have the Banana Accounting software.