Our PCI compliance person just asked me "What is the worst case scenario if someone gets hold of the credentials in the triPOS.config file?" (triPOS Direct on localhost). What is teh worst case scenario? Thanks.
Our PCI compliance person just asked me "What is the worst case scenario if someone gets hold of the credentials in the triPOS.config file?" (triPOS Direct on localhost). What is teh worst case scenario? Thanks.
Hi Steven,
If the merchants account credentials are compromised, it may allow a clever hacker to initiate transactions against that merchants account. Worst-case would be that they are able to process returns to a card, which would pull funds from the merchants bank account.
The credentials are the primary piece of security preventing unwanted processing on a merchants account - we do everything that we can to ensure that the credentials are secured in their generation and they can only be retrieved through our portal.
Similarly these credentials should never be e-mailed in the clear and the merchants local system should be secured as to prevent malware of similar malicious software from accessing the credentials.
In the event that the credentials are compromised we can work with the merchant to generate new credentials and to put some better security in place to avoid problems moving forward.
Hope that helps - let us know if you have any further questions or concerns.
Regards,
Thank you for the detailed reply Paul. This is exactly what I wanted to know.
Just a thought though...as this is .NET, and you can encrypt sections of web.config and app.config, I wonder if you can do the same with any .config file, including triPOS.config. I am going to test later today.
I tested this and posted a question on SO about it (below). It is not possible to encrypt the values. In theory, it would be if triPOS.config had a configuration node, like this...
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<tripos xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<configVersion>1</configVersion>
...instead of...
<?xml version="1.0" encoding="utf-8"?>
<tripos xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<configVersion>1</configVersion>
Then you could encrypt the <host> section like any other .config file. Not asking anyone to do that work, but it is an interesting thing to look into.
Steve
Hi Steven,
If the merchants account credentials are compromised, it may allow a clever hacker to initiate transactions against that merchants account. Worst-case would be that they are able to process returns to a card, which would pull funds from the merchants bank account.
The credentials are the primary piece of security preventing unwanted processing on a merchants account - we do everything that we can to ensure that the credentials are secured in their generation and they can only be retrieved through our portal.
Similarly these credentials should never be e-mailed in the clear and the merchants local system should be secured as to prevent malware of similar malicious software from accessing the credentials.
In the event that the credentials are compromised we can work with the merchant to generate new credentials and to put some better security in place to avoid problems moving forward.
Hope that helps - let us know if you have any further questions or concerns.
Regards,
- paulblick