June 2020 Expense Standard Edition Admin Summary
Initial Post
Release Note Summaries
Authentication
**Ongoing** Deprecation of HMAC Initiates Migration to SSO Self-ServiceThese changes are part of the SAP Concur continued commitment to maintaining secure authentication.
SAP Concur will soon begin the deprecation process of removing Hash-Based Message Authentication Code (HMAC) as an SSO option. The replacement service for HMAC is SAML SSO, a self-service method of setup whereby client admins have access within SAP Concur to complete their SAML connections.
Clients currently using HMAC are encouraged to migrate to the SSO self-service tool as soon as it is released (targeted for Q2 2020). The new SSO self-service tool allows multiple portals (Identity Providers) to be added.
The HMAC deprecation includes two phases:
PHASE I:
Clients must have an Identity Provider (IdP) or a custom SAML 2.0 solution.
Clients begin testing the new SSO self-service tool.
Travel Management Companies (TMCs) prepare for onboarding new SAP Concur clients using the new SSO self-service tool, which is targeted for release in Q2 2020.
Once the SSO tool is available, customers will be notified via release notes about the official deprecation date of HMAC. As of the official deprecation date, no new clients can be onboarded using HMAC; new clients must be onboarded using the new SSO self-service tool.
Existing clients using HMAC need to be migrated using the new SSO self-service tool.
PHASE II:
Travel Management Companies (TMCs) continue migrating existing SAP Concur clients from the HMAC service to the new SSO self-service tool.
Shut down the HMAC service after everyone has migrated from HMAC to the new SSO self-service tool. Phase II is targeted to end mid-year 2020.
Business Purpose / Client Benefit: This change provides better security and improved support for users logging in to SAP Concur products and services.
Data Retention
Country Code Now Obfuscated When User Data Is RemovedAs of 2 June 2020, when user data is removed in accordance with a data retention policy, the country code associated with removed users is obfuscated by setting the country code to XX (Inactive).
Previously, the country code for removed users was set to US by default.
Business Purpose / Client Benefit: This improves reporting by consistently setting the country code data for removed users to a code designated for that purpose.
Expense Pay – Global
Privacy Statement Now Linked From UIThe payment-processing partners' privacy statements are now available from the Concur Expense UI. Links are available from the Bank Information page and from the direct deposit opt-in pop-up.
The hyperlinks point to payment-processing partners' Web sites. The contents of the privacy statements are not part of Concur Expense.
Business Purpose / Client Benefit: This change makes important information more readily accessible.
File Transfer Updates
**Ongoing** SAP Concur Legacy File Move MigrationThis release note is intended for the technical staff responsible for file transmissions with SAP. For our customers and suppliers participating in data exchange, SAP is maintaining our file transfer subsystem to provide greater security for those file transfers.
SAP will begin migrating entities that currently use a legacy process for moving files to a more efficient and secure file routing process that relies on APIs.
Clients whose entities are currently configured to use the legacy process will be migrated to the more efficient process sometime between now and the end of 2020. After they are migrated to the more efficient process, clients will see the following improvement:
With the legacy process, clients had to wait for the file move schedule to run at a specified time. With the more efficient and secure API-based process, extracts and other outbound files from SAP will be available within the existing overnight processing period shortly after the files are created.
This announcement pertains to the following file transfer DNS endpoints:
st.concursolutions.com
Business Purpose / Client Benefit: These changes provide greater security and efficiency for file transfers.
Financial Integration
Xero Accounting Integration now AvailableSAP and Xero are partnering to make accounting for expenses in Xero Accounting easier.
Concur Standard Edition enables participating clients to import Xero Accounting data (master data) into their SAP Concur configuration. This data enables clients to utilise their unique accounting data when entering expenses and/or invoices. The data is updated in SAP regularly. The master data export loads employee and invoice vendors/suppliers from Xero Accounting to SAP during the implementation.
The financial posting process sends expense claims and invoices that are ready to be posted from SAP to Xero Accounting, utilising APIs from the SAP Concur Platform. SAP sends the expense data as a supplier bill (for cash reimbursements) or as a credit card transaction (for credit card charges). The integration sends the invoice data as a supplier bill. The integration manages the transmission of expense and invoice data from SAP to Xero Accounting, and the transmission of status information back to SAP. The financial posting happens as soon as the claim or invoice is approved for payment, without waiting for a batch schedule. The client sees financial posting status information in the audit trail of the expense claim or invoice. The expense or invoice processor can view problems with the posting, allowing them to correct errors and re-send the information quickly.
Business Purpose / Client Benefit: This integration makes it easier for clients to manage their accounting information in both SAP and Xero Accounting.
Miscellaneous
**Ongoing** New URL for US Data Centre us1.concursolutions.comBeginning in May, users can connect to the US Data Centre through www.concursolutions.com or through a new URL, us1.concursolutions.com. In addition, targeted for Q3, users connecting to the US Data Centre through www.concursolutions.com will be redirected to us1.concursolutions.com.
Business Purpose / Client Benefit: The us1.concursolutions.com URL is consistent with the URL for other data centres. For example, users connecting to the EMEA data centre are redirected to eu1.concursolutions.com.
SAMLv2 SSO Certificate Expiring (25 June)The certificate provided by the SAP Concur SAMLv2 service, which is used to establish a Single-Sign On (SSO) connection with an IdP, will expire on 25 June 2020. Unless the certificate is renewed before the 25 June 2020 expiration date, the certificate expiration might prevent users from being able to successfully sign in to SAP Concur products.
SAP Concur solutions offer SSO to help make the user sign-in process easier and more secure. SSO requires that trust be established between the Identity Provider (IdP) and the Service Provider (SP). This trust is established in part by cryptographic use of certificates provided by the service provider, in this case, SAP Concur solutions.
Business Purpose / Client Benefit: To ensure that the SSO certificate adheres to the latest security standards and processes, the certificate is configured to expire and be renewed periodically.
Updated: Some TLSv1.2 Ciphers No Longer Supported (22 June)On 22 June 2020, SAP Concur solutions removed support for connections to *.concursolutions.com and *api.concursolutions.com that use the following TLSv1.2 ciphers:
AES256-GCM-SHA384
AES128-GCM-SHA256
In response to the needs of our clients, support for these ciphers was restored on 25 June.
NextGen UI
**Ongoing** Updated User Interface (UI) for Concur Expense End UsersThe continued evolution of the Concur Expense solution user interface experience is the result of thoughtful design and research that provides a modern, intuitive and streamlined experience for creating and submitting expense claims.
Concur Expense customers have the ability to preview and then opt in to the NextGen UI before the mandatory move.
Business Purpose / Client Benefit: The result is the next generation of the Concur Expense user interface designed to provide a modern, consistent and streamlined user experience. This technology not only provides an enhanced user interface, but also allows us to react more quickly to customer requests to meet changing needs as they happen.
Product Settings
Custom Fields Page Redesigned (27 May)The Custom Fields page in Product Settings has been redesigned. No existing features or functionality have been removed. Some functionality has moved.
The redesigned Custom Fields page includes the following significant changes:
The page has been renamed from Manage Custom Fields to Custom Fields.
The Custom Fields page now includes two tabs, Custom Fields and Fields We Track.
Some functionality that was previously accessed from the Custom Fields page has been moved to a new page, Manage Visibility.
Search functionality has been added to the Custom Fields page.
The Custom Fields tab provides a Basic View and an Advanced View.
Guided set-up functionality is included on the Manage Visibility page.
In addition to these significant changes, minor and cosmetic changes have also been made to the Custom Fields page.
Business Purpose / Client Benefit: These updates improve custom field management by providing a better end user experience.
**Ongoing** User Accounts Page RedesignedThe User Accounts page in Product Settings has been redesigned. The functionality remains fundamentally the same. The redesigned UI is being implemented for clients incrementally. The new UI was implemented for some clients on 30 April and has been implemented for additional clients over time. The new UI will be implemented for all clients as of 25 June.
Until 25 June, the legacy user interface will be the default interface and clients have the option to switch to the new interface. Beginning on 25 June, the new interface will become the default user management interface, and clients will have the option to switch between the new design and the legacy design. They can also provide feedback on the new design through a short, optional survey.
Business Purpose / Client Benefit: This redesign refreshes the look of the user management interface and provides a framework for future improvements to this administrative area.
Planned Change Summaries
The items in this section are summaries of the changes targeted for future releases. SAP Concur reserves the right to postpone implementation of – or completely remove – any enhancement/change mentioned here.
IMPORTANT: These Planned Changes may not be all of the upcoming enhancements and modifications that affect this SAP Concur product or service. The Planned Changes that apply to multiple SAP Concur products and/or services are in a consolidated document. Please review the additional Planned Changes admin summaries available in the June 2020 Shared Planned Changes Standard Edition Admin Summary.
Client Notifications
SAP Concur Non-Affiliated Subprocessors
The list of non-affiliated subprocessors is available here: SAP Concur list of Subprocessors (English Only)
Monthly Browser Certifications
Monthly browser certifications, both current and planned, are available with the other SAP Concur monthly release notes, accessible from What's New - Standard Edition
