Loymax, 2026

Authorization protection


Information restriction for unauthorized MMP users

Information on the System version is restricted for unauthorized users of the Marketing Management Platform (MMP):

  • MMP users can see the System version only after authorization;
  • GET requests for downloading files from the server do not contain information about the System version;
  • The GET /api/Version method, which returns information about the System version, is available only to an authorized user.

MMP user session time limit

A session is the period during which an MMP user is authorized in the System and can call API methods.
The session records the user's activity both in the MMP user interface and outside it, for example when API methods are invoked via Swagger, Postman or similar tools.

Starting from System version 2022.2, sessions can be enabled for MMP users, and the period for which a user may remain inactive before the session is terminated can be configured. To configure sessions, go to System Settings > Configurations and set the SessionsForUsersAreaEnabled and SessionsForUsersAreaTimeout parameters. For details, see the dedicated article on session configuration.

OAuth authorization

To give third-party applications access to data stored in the Loymax system, the OAuth 2.0 open authorization protocol is used. OAuth 2.0 allows a third party to be granted limited access to a user's protected resources without handing the third party the user's login and password. An access token is used instead. The access token is an alphanumeric string that encodes the following information:

  • identifier of the account to which access is granted;
  • identifier of the application to which access is granted;
  • a set of permissions (actions accessible for the application).

The access token can be obtained both with the participation of the user and without it. In the first case the user must additionally authorize in the system and grant the application permission to access their data, so personal data is protected by two layers: the application's own credentials and the user's consent.

The token also has a limited lifetime: when it expires, access to the system stops until the next authorization. When a Mobile Application is used, a refresh token is issued along with the access token; its lifetime is longer than that of the access token. When the access token expires, a new one is obtained automatically with the refresh token. Periodic token renewal does not interrupt the user's work in the system but adds a further layer of protection for access to their personal data.
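As an added illustration (not Loymax's implementation, which this page does not show), the following Python sketch issues an access token carrying the three pieces of information listed above, rejects it once its lifetime has passed, and renews it with a refresh token whose lifetime is longer. The token format, the HMAC signing, the rotation of refresh tokens, the lifetimes and the signing key are all assumptions of the example.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Server-side signing key, constructed for this example. A real authorization
# server generates and stores this key itself and never gives it to clients.
SIGNING_KEY = b"example-only-signing-key-not-for-production"

ACCESS_TTL = 10 * 60           # access token lifetime in seconds (assumed value)
REFRESH_TTL = 30 * 24 * 3600   # refresh token lifetime in seconds (assumed value)

# Refresh tokens are opaque and looked up server-side:
# refresh token -> (account_id, client_id, scopes, expiry)
_refresh_store = {}


def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(body):
    return _b64(hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).digest())


def issue_access_token(account_id, client_id, scopes, now=None):
    """Encode the account, the application and its permissions into a signed,
    expiring token of the form <base64url(payload)>.<base64url(hmac)>."""
    now = time.time() if now is None else now
    payload = {"sub": account_id, "client_id": client_id,
               "scope": sorted(scopes), "exp": int(now + ACCESS_TTL)}
    body = _b64(json.dumps(payload, separators=(",", ":")).encode())
    return f"{body}.{_sign(body)}"


def verify_access_token(token, now=None):
    """Return the payload if the signature is valid and the token has not
    expired; otherwise return None so the caller must re-authorize."""
    now = time.time() if now is None else now
    body, sep, sig = token.partition(".")
    if not sep or not hmac.compare_digest(sig, _sign(body)):
        return None
    payload = json.loads(_unb64(body))
    if payload["exp"] <= now:
        return None
    return payload


def issue_token_pair(account_id, client_id, scopes, now=None):
    """Issue an access token plus a longer-lived refresh token."""
    now = time.time() if now is None else now
    refresh = secrets.token_urlsafe(32)
    _refresh_store[refresh] = (account_id, client_id, sorted(scopes), now + REFRESH_TTL)
    return {"access_token": issue_access_token(account_id, client_id, scopes, now),
            "refresh_token": refresh}


def refresh_tokens(refresh_token, now=None):
    """Exchange a valid refresh token for a new pair. The presented refresh
    token is invalidated (rotation), so a stolen copy can be used at most once."""
    now = time.time() if now is None else now
    entry = _refresh_store.pop(refresh_token, None)
    if entry is None:
        return None
    account_id, client_id, scopes, expires = entry
    if expires <= now:
        return None
    return issue_token_pair(account_id, client_id, scopes, now)
```

The `now` argument exists so the expiry behaviour can be exercised deterministically; in normal use it is omitted and the current time is taken. The point to check in any real deployment is the last function: a refresh token must be invalidated when it is used, otherwise a copy stolen from a device keeps producing fresh access tokens for as long as its own lifetime lasts.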

Error code system

To improve information security, Loymax uses a unified system of error codes.
When an erroneous or suspicious action is performed on Loyalty Program member data (for example, when a phone number that already exists in the System is entered), the System returns an error code with a general description of the possible problem instead of an explicit error. Generic error codes prevent the API from leaking information about the contents of the database and reduce the risk of fraudulent actions against the data of Loyalty Program members, such as:

  • enumeration (guessing) of LP members' card numbers;
  • fraud (fraudulent transactions using LP members' cards);
  • theft of System user credentials;
  • theft of the database of LP members' card numbers.

Note: if the error must be shown explicitly, the OAuth application can be granted the right "The right to receive an error explicitly" (applicationgeterrorexplicitely). With this right, registration with an already existing phone number returns an explicit error. Without it, the response states that a confirmation code has been sent to the phone number (via SMS or Flash Call), whether or not the number already exists. For data security reasons, Loymax does not recommend granting this right.
This right also allows an explicit error to be returned when calling API methods intended for:

The right to receive an error explicitly only takes effect if the OAuth application is also granted the right "The application has the right to authorize the user".
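The difference the right makes can be shown with a small added example (illustrative code, not the System's own, which this page does not show). The right name applicationgeterrorexplicitely is taken from this page; the companion right identifier, the error code, the response shape and the sample phone numbers are assumptions.

```python
RIGHT_EXPLICIT_ERROR = "applicationgeterrorexplicitely"   # name from the page
RIGHT_AUTHORIZE_USER = "applicationauthorizeuser"         # assumed identifier

ERR_PHONE_EXISTS = "E_PHONE_ALREADY_REGISTERED"           # assumed error code
MSG_CODE_SENT = "A confirmation code has been sent to the specified phone number"

# Constructed set of phone numbers already registered in the System.
EXISTING_PHONES = {"+79990000001", "+79990000002"}


def register_phone(phone, app_rights, send_code):
    """Start registration of a phone number on behalf of an OAuth application.

    Without the explicit-error right the response for an already registered
    number is identical to the response for a new one, so a caller probing
    the endpoint cannot tell which numbers exist."""
    exists = phone in EXISTING_PHONES
    explicit = RIGHT_EXPLICIT_ERROR in app_rights and RIGHT_AUTHORIZE_USER in app_rights
    if exists and explicit:
        return {"ok": False, "code": ERR_PHONE_EXISTS,
                "message": "A member with this phone number already exists"}
    if not exists:
        # Only genuinely new numbers receive an SMS/Flash Call (assumption: the
        # page does not say whether a code is sent to an existing number).
        send_code(phone)
    return {"ok": True, "code": None, "message": MSG_CODE_SENT}


def responses_distinguishable(app_rights):
    """Probe the endpoint the way an attacker would: submit a number known to
    exist and a fresh one, and compare the two responses."""
    known = register_phone("+79990000001", app_rights, lambda phone: None)
    fresh = register_phone("+79990000999", app_rights, lambda phone: None)
    return known != fresh
```

Two details matter in practice beyond what the snippet checks: the two code paths should also take comparable time (a database hit on one path and none on the other is a timing oracle), and the explicit-error right should be granted, if at all, only to applications that also need it for a concrete support flow.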

Two-factor authentication

To strengthen authorization in the Loyalty Program (LP), the System implements two-factor authentication. With it enabled, an LP member who has entered the correct login and password must also enter a confirmation code sent to them by SMS.
A fraudster who has guessed or obtained someone else's login and password therefore still cannot authorize in the Loyalty Program without access to the member's phone.

Two-factor authentication is enabled through the corresponding configuration parameters of the System.
Authorization with confirmation code entry is implemented in the public API, so the functionality can be added to the client services integrated with Loymax, such as the Personal Account and the Mobile App.
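An added example of the two-step flow (illustrative code, not the public API's actual methods, which are not shown here): the password is checked first, then a single-use confirmation code with an expiry and an attempt limit. The code lifetime, the attempt limit, the credential store and the SMS callback are assumptions.

```python
import hmac
import secrets

CODE_TTL = 120       # seconds a confirmation code stays valid (assumed value)
MAX_ATTEMPTS = 3     # wrong codes tolerated per challenge (assumed value)

# Constructed credential store: login -> (password, phone). Plain-text passwords
# are used only to keep the example short; a real store holds salted hashes.
USERS = {"ivan": ("correct-horse-battery", "+79990000001")}


class TwoFactorLogin:
    def __init__(self, send_sms):
        self._send_sms = send_sms     # callable(phone, code), e.g. an SMS gateway
        self._pending = {}            # challenge id -> challenge state

    def start(self, login, password, now):
        """Step 1: check login and password. An unknown login and a wrong
        password give the same result, and no SMS is sent until the first
        factor is correct."""
        record = USERS.get(login)
        if record is None or not hmac.compare_digest(password.encode(), record[0].encode()):
            return None
        code = f"{secrets.randbelow(10 ** 6):06d}"
        challenge_id = secrets.token_urlsafe(16)
        self._pending[challenge_id] = {"login": login, "code": code,
                                       "expires": now + CODE_TTL, "attempts": 0}
        self._send_sms(record[1], code)
        return challenge_id

    def confirm(self, challenge_id, code, now):
        """Step 2: check the code. Returns the login on success, else None.
        A code is single-use, expires, and is discarded after MAX_ATTEMPTS
        wrong guesses so a six-digit code cannot be brute-forced."""
        challenge = self._pending.get(challenge_id)
        if challenge is None:
            return None
        if now > challenge["expires"]:
            del self._pending[challenge_id]
            return None
        challenge["attempts"] += 1
        if not hmac.compare_digest(code, challenge["code"]):
            if challenge["attempts"] >= MAX_ATTEMPTS:
                del self._pending[challenge_id]
            return None
        del self._pending[challenge_id]
        return challenge["login"]
```

The attempt limit is what makes the SMS factor meaningful: a six-digit code with unlimited guesses falls to about a million requests, which is well within reach of a script against a public API.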

Single access point to the System

User access to the System can be limited to one active session, that is, only one person can work under an account at a time. If someone logs in to an account that already has an active session, the existing session is terminated and a new session begins for the new login.

By default this limitation is disabled; an administrator can enable it per account in the account settings. The mechanism ties each account to a single access point, so the person acting under the account can be identified unambiguously.
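The following added example models both this limitation and the idle timeout from the MMP user session time limit section above in one in-memory session store (illustrative code, not the System's implementation). The class, the default timeout value and the per-account flag are assumptions; the two constructor arguments mirror SessionsForUsersAreaEnabled and SessionsForUsersAreaTimeout.

```python
import secrets


class SessionManager:
    """In-memory session store modelling two settings from this page: an idle
    timeout for MMP user sessions and a per-account single-session limit."""

    def __init__(self, sessions_enabled=True, idle_timeout=20 * 60):
        # Analogues of SessionsForUsersAreaEnabled / SessionsForUsersAreaTimeout;
        # the default timeout value is an assumption of this example.
        self.sessions_enabled = sessions_enabled
        self.idle_timeout = idle_timeout
        self._sessions = {}                # session id -> {"user": ..., "last_activity": ...}
        self._single_session_users = set()

    def set_single_session(self, user, enabled):
        """Per-account 'single access point' flag, off by default."""
        if enabled:
            self._single_session_users.add(user)
        else:
            self._single_session_users.discard(user)

    def active_sessions(self, user):
        return sum(1 for s in self._sessions.values() if s["user"] == user)

    def login(self, user, now):
        """Open a session; with the single-session flag set, any existing
        session of the same account is terminated first."""
        if user in self._single_session_users:
            for sid in [sid for sid, s in self._sessions.items() if s["user"] == user]:
                del self._sessions[sid]
        sid = secrets.token_urlsafe(24)
        self._sessions[sid] = {"user": user, "last_activity": now}
        return sid

    def authorize_request(self, sid, now):
        """Check the session on every API call, whether it comes from the MMP
        UI or from Swagger/Postman. Returns the account name, or None when the
        session does not exist or has been idle longer than the timeout."""
        session = self._sessions.get(sid)
        if session is None:
            return None
        if self.sessions_enabled and now - session["last_activity"] > self.idle_timeout:
            del self._sessions[sid]
            return None
        session["last_activity"] = now
        return session["user"]
```

Because every API call refreshes the activity timestamp, the timeout measures inactivity rather than total session length; a script that polls an endpoint keeps its session alive indefinitely, which is worth remembering when choosing the timeout value.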

Configurable user password validity period

Two configuration parameters strengthen information security and help prevent unauthorized access to the System:

  • One sets the lifetime of a user's password. The user sees a pop-up prompting them to change the password on their first authorization in the System and whenever the password has expired.
  • The other sets the period within which password uniqueness is checked, so that a previously used password cannot be set again within that period.
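An added example of how these two checks combine (illustrative code, not Loymax's): password history is kept as salted hashes with timestamps, a new password is rejected if it matches any password set within the uniqueness window, and the change prompt is raised for a temporary initial password or an expired one. The default periods, the temporary-password flag and PBKDF2 as the hash are assumptions.

```python
import hashlib
import hmac
import os

DAY = 24 * 3600


def _hash(password, salt):
    # PBKDF2-HMAC-SHA256; the iteration count is kept modest for the example.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class PasswordPolicy:
    def __init__(self, max_age=90 * DAY, reuse_window=365 * DAY):
        self.max_age = max_age              # password lifetime (assumed default)
        self.reuse_window = reuse_window    # uniqueness check period (assumed default)
        self._history = {}                  # user -> [(set_at, salt, digest, temporary), ...]

    def set_password(self, user, password, now, temporary=False):
        """Store a new password unless it equals one set within the reuse
        window. `temporary` marks an administrator-issued initial password,
        which the user must replace at first authorization (assumption)."""
        history = self._history.get(user, [])
        for set_at, salt, digest, _ in history:
            if now - set_at <= self.reuse_window and hmac.compare_digest(_hash(password, salt), digest):
                return False
        salt = os.urandom(16)
        history.append((now, salt, _hash(password, salt), temporary))
        # Entries older than the reuse window can no longer block anything.
        self._history[user] = [e for e in history if now - e[0] <= self.reuse_window]
        return True

    def must_change(self, user, now):
        """True when the user must be shown the change-password prompt: no
        password yet, a temporary one still in place, or lifetime exceeded."""
        history = self._history.get(user)
        if not history:
            return True
        set_at, _, _, temporary = history[-1]
        return temporary or now - set_at > self.max_age
```

Each history entry keeps its own salt, so checking a candidate password against N previous ones costs N hash computations; with a slow hash that is intended, and it is the reason the history is pruned to the uniqueness window rather than kept forever.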

Access control policy

The Loymax system separates access rights to its sections and functionality. Rights are grouped into named combinations called roles; an administrator assigns roles, and individual rights, to users in the system settings.

This protects information from unauthorized access and gives each user only the data they need, and no more.

Access limitation to hidden information

To view hidden user information (card numbers, phone numbers, confirmation codes), a System user must hold special rights. For example, Call Center operators can change a phone number or block cards and accounts only if they have been granted the corresponding rights.

This mechanism restricts access to confidential information for those whose work does not require it.
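As an added example covering both the role-based rights of the Access control policy section and the hidden-field restriction described here (illustrative code, not the System's): a user's effective rights are the union of role rights and individually granted rights, and a member record is returned masked unless the user holds the right to see hidden information. All role, right and field identifiers and the sample record are assumptions.

```python
# Role and right identifiers are this example's own, not the System's.
ROLES = {
    "call_center_operator": {"members:view"},
    "call_center_senior": {"members:view", "members:view_hidden",
                           "members:change_phone", "cards:block"},
}

# Fields the page lists as hidden information.
HIDDEN_FIELDS = {"card_number", "phone", "confirmation_code"}


class User:
    def __init__(self, name, roles=(), extra_rights=()):
        self.name = name
        self.roles = set(roles)
        self.extra_rights = set(extra_rights)   # rights granted individually

    def rights(self):
        """Effective rights: union of all role rights plus individual rights."""
        effective = set(self.extra_rights)
        for role in self.roles:
            effective |= ROLES.get(role, set())
        return effective

    def has(self, right):
        return right in self.rights()


def mask(value, visible=4):
    """Keep only the last `visible` characters, e.g. ************3456."""
    return "*" * max(len(value) - visible, 0) + value[-visible:]


def member_view(user, member):
    """Return the member record as this user may see it: hidden fields are
    masked (confirmation codes are dropped entirely) unless the user holds
    members:view_hidden. Returns None if the user may not view members at all."""
    if not user.has("members:view"):
        return None
    if user.has("members:view_hidden"):
        return dict(member)
    view = {}
    for field, value in member.items():
        if field == "confirmation_code":
            continue
        view[field] = mask(value) if field in HIDDEN_FIELDS else value
    return view


def change_phone(user, member, new_phone):
    """Mutating operations require their own right; returns False when denied."""
    if not user.has("members:change_phone"):
        return False
    member["phone"] = new_phone
    return True


# Constructed sample member record.
SAMPLE_MEMBER = {"name": "Ivan Petrov", "card_number": "9876543210123456",
                 "phone": "+79990000001", "confirmation_code": "482913"}
```

Masking is done on the server before the record leaves it; a client that receives the full value and merely hides it in the UI offers no protection, since the value is visible in the API response to anyone with the session.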