<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Security Question Regarding CIM/Payment Profiles in Integration and Testing</title>
    <link>https://community.developer.cybersource.com/t5/Integration-and-Testing/Security-Question-Regarding-CIM-Payment-Profiles/m-p/28092#M14818</link>
    <description>&lt;P&gt;Hey,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I was just wondering - I am not ready to launch a new site but when I developed this membership site, I developed it to store profile IDs (for CIM) and nothing else - no credit cards or CVVs. My question is, what are the best security measures YOU recommend as either a developer or as Authorize.net, that I may not have considered?&lt;BR /&gt;&lt;BR /&gt;For instance, if a script kiddy hacks an account or our db, should these values be encrypted? Should I encode the CIM function pages? I just wouldn't want somebody to, heaven forbid, log in as somebody else and buy a ton of merchandise - although if they change it to their address I guess it would be pointless as it would decline?&lt;BR /&gt;&lt;BR /&gt;What should I be 'worried' about and what should I (or any of us developers) be mindful of when it comes to CIM and being careful/keeping the site secure?&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thanks.&lt;/P&gt;</description>
    <pubDate>Fri, 20 Jul 2012 22:41:04 GMT</pubDate>
    <dc:creator>jbh1977</dc:creator>
    <dc:date>2012-07-20T22:41:04Z</dc:date>
    <item>
      <title>Security Question Regarding CIM/Payment Profiles</title>
      <link>https://community.developer.cybersource.com/t5/Integration-and-Testing/Security-Question-Regarding-CIM-Payment-Profiles/m-p/28092#M14818</link>
      <description>&lt;P&gt;Hey,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I was just wondering - I am not ready to launch a new site but when I developed this membership site, I developed it to store profile IDs (for CIM) and nothing else - no credit cards or CVVs. My question is, what are the best security measures YOU recommend as either a developer or as Authorize.net, that I may not have considered?&lt;BR /&gt;&lt;BR /&gt;For instance, if a script kiddy hacks an account or our db, should these values be encrypted? Should I encode the CIM function pages? I just wouldn't want somebody to, heaven forbid, log in as somebody else and buy a ton of merchandise - although if they change it to their address I guess it would be pointless as it would decline?&lt;BR /&gt;&lt;BR /&gt;What should I be 'worried' about and what should I (or any of us developers) be mindful of when it comes to CIM and being careful/keeping the site secure?&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thanks.&lt;/P&gt;</description>
      <pubDate>Fri, 20 Jul 2012 22:41:04 GMT</pubDate>
      <guid>https://community.developer.cybersource.com/t5/Integration-and-Testing/Security-Question-Regarding-CIM-Payment-Profiles/m-p/28092#M14818</guid>
      <dc:creator>jbh1977</dc:creator>
      <dc:date>2012-07-20T22:41:04Z</dc:date>
    </item>
    <item>
      <title>Re: Security Question Regarding CIM/Payment Profiles</title>
      <link>https://community.developer.cybersource.com/t5/Integration-and-Testing/Security-Question-Regarding-CIM-Payment-Profiles/m-p/28238#M14887</link>
      <description>&lt;P&gt;Hey jbh1977,&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;From Authorize.Net's perspective, I would suggest checking out the &lt;A href="http://developer.authorize.net/resources/files/developerbestpractices.pdf" target="_blank"&gt;Developer Security Best Practices White Paper&lt;/A&gt; as well as &lt;A href="https://community.developer.cybersource.com/t5/The-Authorize-Net-Developer-Blog/PCI-and-You/ba-p/10628" target="_blank"&gt;this blog post&lt;/A&gt; on PCI. Both have many resources for you to check out concerning PCI and security.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Then, I would recommend subscribing to this post so that if any fellow developers have any recommendations, you'll be alerted via email if they respond with any comments. To subscribe, click &lt;STRONG&gt;Topic Options&lt;/STRONG&gt; at the top of this thread and then select &lt;STRONG&gt;Subscribe&lt;/STRONG&gt;. You'll then receive an email once anyone replies to your post.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Hope that helps.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Thanks,&lt;BR /&gt;&lt;BR /&gt;Michelle&lt;BR /&gt;Developer Community Manager &lt;BR /&gt;&lt;BR /&gt;&lt;BR /&gt;&lt;/P&gt;</description>
      <pubDate>Wed, 25 Jul 2012 17:18:38 GMT</pubDate>
      <guid>https://community.developer.cybersource.com/t5/Integration-and-Testing/Security-Question-Regarding-CIM-Payment-Profiles/m-p/28238#M14887</guid>
      <dc:creator>Michelle</dc:creator>
      <dc:date>2012-07-25T17:18:38Z</dc:date>
    </item>
    <item>
      <title>Re: Security Question Regarding CIM/Payment Profiles</title>
      <link>https://community.developer.cybersource.com/t5/Integration-and-Testing/Security-Question-Regarding-CIM-Payment-Profiles/m-p/28822#M15162</link>
      <description>&lt;P&gt;I have the same question. To provide a list of credit cards on file to the shopper, the most obvious thing to do is to create a dropdown list or radio buttons with the payment profile ID as the return value, but this means that the payment profile IDs would be revealed to the shopper. The shopper could then use something like Firebug to modify the ID. I assume that the ID must belong to the merchant ID but it would theoretically be possible to find an ID that belongs to another shopper on the same site, and get the payment approved. Since the approval process does not require the shopper to enter the correct billing address or the shipping address, all he needs to hack it is to find the payment profile ID that works. And, if any hacker succeeds in hacking into our database, he would have a whole bunch of payment profile IDs.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;So, how careful do we have to be to protect payment profile IDs? It seems like payment profile IDs are more dangerous than the credit card numbers (a single number that replaces the entire payment info.).&lt;/P&gt;</description>
      <pubDate>Wed, 15 Aug 2012 13:28:30 GMT</pubDate>
      <guid>https://community.developer.cybersource.com/t5/Integration-and-Testing/Security-Question-Regarding-CIM-Payment-Profiles/m-p/28822#M15162</guid>
      <dc:creator>dyske</dc:creator>
      <dc:date>2012-08-15T13:28:30Z</dc:date>
    </item>
    <item>
      <title>Re: Security Question Regarding CIM/Payment Profiles</title>
      <link>https://community.developer.cybersource.com/t5/Integration-and-Testing/Security-Question-Regarding-CIM-Payment-Profiles/m-p/28956#M15228</link>
      <description>&lt;P&gt;Payment profile IDs are not generally considered secure information.&amp;nbsp;These IDs are only usable in conjunction with a customer profile ID and your specific Authorize.Net account credentials. Even in the scenario that you presented, only the payment profile ID would be changed and not the customer profile ID. This would cause an error due to the two IDs not matching.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;It is assumed that your customers are logging into your site in order for you to match them to their customer profile ID. As long as you force customers to only use their own customer profile ID, it won't be possible for another customer to be charged.&lt;/P&gt;</description>
      <pubDate>Mon, 20 Aug 2012 20:02:40 GMT</pubDate>
      <guid>https://community.developer.cybersource.com/t5/Integration-and-Testing/Security-Question-Regarding-CIM-Payment-Profiles/m-p/28956#M15228</guid>
      <dc:creator>Trevor</dc:creator>
      <dc:date>2012-08-20T20:02:40Z</dc:date>
    </item>
  </channel>
</rss>

