Using an encrypted data transmission channel

To exchange data between the Loymax system and the user's device, the HTTPS data transfer protocol is used, which provides security and confidential information exchange.

Information security is achieved through the use of SSL/TLS - a standard protocol that provides a secure connection when accessing web resources and making it impossible for outsiders to view the transmitted data.

During the establishment of a connection based on the HTTPS protocol, a random secret key is created that will be known only known to the server and the user's device. Using this key, which is generated anew at each communications session, all transmitted information is encrypted. It is impossible to access the transmitted data from the outside by selecting the secret key since it consists of more than one hundred characters.

To increase the security of the connection based on the HTTPS protocol, a digital certificate is used, which is applied for server identification of the system. It confirms the fact of server management by the person to whom it was granted. It contains all the necessary information about the owner and there is digital signature that is used to confirm authenticity. Only if the digital certificate is authenticated passes the exchange of data between the server and the user's device starts.

Using a digital signature

To ensure additional security of data transmission, each command coming from the cash register, as well as the processing response, can be equipped with an electronic digital signature (EDS).

The mechanism for using EDS involves the formation of pairs of private and public keys for processing and for each cash register device interacting with it. Requests received from the cash register and processing responses are provided with an electronic signature obtained as a result of encryption of the transmitted data using a private key. The recipient of the request decrypts the signature using the public key. The hash (a string of characters) resulting from this conversion must match the hash of the received data, which ensures that the received data has not been changed during the transmission. Thus, the digital signature provides the protection and integrity of the transmitted data.

Masking card numbers

Processing in response to cash register requests sends customer card numbers in a musked form (usually only the last 4 digits are transmitted). This is done so as not to compromise the customer's confidential information, which can be published, for example, on a cheque.

Обезличенные формулировки ошибок

Система в ответ на переданные некорректные данные в запросах, связанных с личными данными клиентов, возвращает ошибки с обезличенными формулировками. Такой подход позволяет снизить вероятность получения конфиденциальных данных путем перебора номеров карт, телефонов и прочих личных данных клиента.

На данный момент при передаче некорректных данных возвращаются следующие ошибки: