At AssureBuy, providing fast, reliable and secure transaction and payment processing services is our number one priority. The protection and privacy of data residing on our systems is of utmost importance in meeting this commitment. To assist in understanding how AssureBuy safeguards its systems and data, we have outlined our security practices in the sections that follow. These security practices are based, in part, on the ANSI Information Security for Financial Organizations Guidelines, X9/TG-5 (1992) and the ISO/TR 13569 Banking and Financial Services Information Security Guidelines, Second Edition. Security practices are segmented into three primary disciplines, each of which provides a critical component in the overall security of AssureBuy networks, systems and services.
Systems security protects software and processing applications by allowing access only to authenticated users. Network security guards against unauthorized access to network components and provides secure transmissions across the network. Physical security restricts physical access to network and systems hardware, processing applications and transaction data.
Browser and Communication Security
AssureBuy uses enterprise web server software that is among the very best and most secure Internet software available. Using any browser or communications technology with Secure Socket Layer (SSL) encryption, all information (including credit card numbers, names, addresses and telephone numbers) sent to the AssureBuy servers is encrypted so that private information cannot be read by anyone except AssureBuy. The SSL protocol ensures user confidentiality, provides client and server authentication mechanisms and protects against the possibility of data being modified in transit by a third party.
All communication between the seller and the AssureBuy servers is done via secure connections using high grade SSL security. This security ensures that if the transaction data is intercepted, it cannot be read by anyone other than the seller and AssureBuy. The identity of each seller is automatically authenticated so that unauthorized third parties cannot assume the seller’s identity and process transactions. Each transaction request is logged and the source of each transaction is verified before the request is processed.
AssureBuy utilizes industry standard encryption technologies to protect data traveling across AssureBuy’s networks and stores all sensitive transaction data in an encrypted format.
All service requests sent to AssureBuy systems must use the Secure Socket Layer (SSL) encryption format. SSL is the universally accepted protocol for authenticated and encrypted communication between World Wide Web (WWW) clients and servers, and for back end server-to-server communications. Any buyer or seller using a web browser that supports SSL encryption (Netscape V1.2 or later, Internet Explorer v1.0 or later, or AOL v3.0 or later) can be assured that any information sent to AssureBuy will remain securely encrypted and confidential while in transit to AssureBuy.
All sensitive transaction data, such as credit card numbers and bank account numbers, are securely encrypted on AssureBuy’s systems using multiple stage, 128-bit private key encryption. Passwords and access control data are encrypted using 128-bit private key encryption. Any log files containing sensitive data and all data sent between applications is encrypted using proprietary cryptography techniques.
All of these encryption techniques, when used together, assist in securing the confidential transaction information as it travels through and resides on AssureBuy systems.
Firewalls and Access Control Lists (ACLs)
The secure firewall environment is provided by redundant Cisco 7200 series routers and state-of-the-art firewalls located within the AssureBuy data centers.
The ACLs also ensure that only AssureBuy sellers have access to the AssureBuy services by blocking data packets sent from other unknown sources. Seller transactions must originate from a pre-specified, authorized IP address in order to gain access to the system. This packet level protection of services also protects AssureBuy systems from Denial of Service (DoS) attacks and is the first line of defense against unauthorized system users.
Digital Product Delivery Security
AssureBuy offers a service for real-time delivery of digital content once a payment transaction has been approved for a buyer. Use of this service requires that proprietary seller property be stored on AssureBuy systems. All seller products are transferred onto AssureBuy systems using a password restricted Secure Hypertext Transfer Protocol (HTTPS) upload utility with Secure Socket Layer (SSL) encryption. Seller products normally reside on securely protected systems without remote accessibility to Internet users with web browsers or File Transfer Protocol (FTP) applications.
Upon transaction approval, buyers are provided with access to the product download application. The download application verifies the identity of the buyer, verifies that the purchase has been approved, and verifies that the product has not already been delivered. Once the request for delivery has been made, the delivery application transfers the seller’s product from the secure location to the buyer’s web browser. If an error occurs during delivery, the same buyer may download the product a second time, but under no circumstances is a third party allowed to download any of the seller’s digital products without first completing an approved payment transaction.
User Access Control
Sellers are required to access the AssureBuy administration system only through a secure SSL browser connection. A secure digital certificate, registered with VeriSign, is in place to verify the identity of the AssureBuy server.
Sellers have the responsibility of determining which seller employees or other outside parties have access to the AssureBuy systems. All system users are assigned a unique User ID and password that must be updated on a regular basis. The system automatically guards against errors by authenticating the user each time a specific action is performed within the system and by expiring sessions which remain inactive for a specified period of time. Each user is also assigned a security access level, which prevents unauthorized access to sensitive or restricted information.
Access by AssureBuy customer support employees is restricted to a “need to know” basis only. Administrative security measures are used to control accessibility, monitor systems and detect suspicious activities.
The AssureBuy system automatically tracks and logs changes made by system users through a uniquely assigned User ID and through the IP address of the connection made by the user. The following system logging procedures are employed by AssureBuy:
Every request to the AssureBuy system is logged and in the event an error occurs, the entire request is securely archived for operator review.
Every transaction sent to a third-party payment processor is uniquely identified and logged.
Communication with the third-party payment processor is logged by the payment application.
All transaction information is archived and can only be retrieved by authorized AssureBuy personnel or by sellers through a secure administration system that logs every action taken by a system user.
The time, date, and IP address of every request is archived along with the transaction information.
All access to transaction data is logged by user ID, date, time, and the type of information viewed.
System generated errors are logged and reviewed by AssureBuy personnel. Severe errors may trigger an alert to on-call AssureBuy technicians and system operators.
AssureBuy system logs are stored on a secure network inside the AssureBuy system.
AssureBuy strives to protect data at every step in the transaction process, ensuring that errors do not result in corrupted or lost data. Database applications are mirrored and checked for accuracy and integrity on a regular basis. Any database problems generate exceptions that are monitored and checked by AssureBuy system operators.
AssureBuy networks and systems are designed specifically to protect against unauthorized changes in configuration or data. For all applications, revision control is used to ensure a change history that can be logged and reviewed. All system development is performed on off-site servers only, and is transferred to a production environment only after passing quality assurance testing procedures.
All traffic passing through the AssureBuy systems is logged and recorded in GMT time. Data center management applications have the capability of seeing down to the network transaction level to review the source/destination and IP/port pairs and report for non-repudiation and possible intrusion. Non-repudiation protects against a person denying later that a communication or transaction took place as recorded.
The data center’s network security systems ensure accurate and reliable transactions by guarding against unauthorized access to networks and network-related components. AssureBuy network engineers implement only best-practice approaches to network authentication, authorization, administration and control.
Access control lists (ACLs) are used to permit or deny the passage of data packets through the routers by examining the source Internet Protocol (IP) address, the source transport layer port, the destination IP address, the destination transport layer port, or any combination of these items. Both routers and front-end servers are configured to accept data packets using only the Hypertext Transport Protocol with Secure Socket Layer (SSL) security (HTTPS). Any ACL violations are logged to a centrally administered server and may trigger an alert for operations personnel to investigate and resolve. The ACL logging helps identify security issues and assists in the analysis of a security event.
Additionally, AssureBuy restricts administrative access to systems and software to authenticated users with proper identification. Remote access authentication is accomplished through a select group of trusted authentication applications, including Secure Shell (SSH), pcAnywhere with RSA encryption, and Kerberized telnet. SSH authenticates users with public key authentication, pcAnywhere uses symmetric key encryption, and Kerberos is a private key authentication system. Programs using cleartext logging and passwords do not provide strong authentication and are disabled on all systems as a standard practice.
A variety of network features and watchdog programs also protect the network and system servers against intrusive attacks and denial of service (DoS) attacks. A DoS attack is an attempt by an outside party to exhaust system resources by connecting to a system in rapid succession until it can no longer provide service.
AssureBuy strives to keep all systems up-to-date by installing the latest security patches and updates. Anti-virus software is used to scan applications on all production servers. AssureBuy routinely conducts a series of remote attacks and intrusive maneuvers designed to evaluate the security of systems within the networking environment. These attacks focus on improperly configured applications, networks and operating system weaknesses.
Physical security refers to the control of physical access to facilities, networks and systems and is an essential part of AssureBuy’s overall security infrastructure. Security in place at AssureBuy’s leased data center includes the monitoring of all physical access to the facility, including the use of video surveillance, motion detectors, controlled access via a card-key entry system and on-site security personnel present 24 hours a day, 7 days a week.
All visitors to the data center are required to pre-register and must present appropriate credentials and a photo ID to gain access into the facility. Once inside the facility, access to actual systems is controlled by locked network cabinets and caged areas, locked patch panels, restricted access with card-key entry, and secure console port access.
Physical access records are kept to account for access to all systems by both data center personnel and visitors. These records can account for the movement of personnel during the event of a security incident. Additionally, maintenance records are kept on all data center systems, including power supplies, backup generators, cooling systems and fire suppression systems.