Data Security
BillMax Installation
Data security is greatly influenced by the end customer's business practices. An installation of BillMax assumes adherence to standard industry security practices. They include but are not limited to the following:- The BillMax server(s) hosting both the Staff Portal and the BillMax database are behind a suitably configured firewall.
- The Staff Portal is accessible only to the users that need access.
- All network traffic from the web browser of a Staff Portal user to the BillMax server is transmitted using HTTPS.
- All network traffic from the web browser of a Customer Portal user to the Customer Portal server is transmitted using HTTPS.
- All network traffic from the Customer Portal Server to the BillMax edge service is transmitted using HTTPS.
- The Customer Portal server is behind a firewall such that the only public access is to the web server through HTTPS.
- Physical access to the servers is limited to those who need physical access to the server.
- Login accounts on the servers are limited to those who need access to the server.
Encrypted Data
- Passwords for access to BillMax portals.
- Passwords for provisioning purposes.
- Credit Card numbers and Bank Account numbers.
The encryption scheme used to encrypt passwords used to access the Staff Portal or the Customer Portal is configurable trough settings in /usr/local/billmax/local/billmax.conf. The default encryption algorithm is MD5.
When a end customer uses the Customer Portal to register, the user name and password are encrypted using BLOWFISH and temporarily written to the disk on the Customer Portal server.
Credit Card number and Bank Account numbers
- If a paper application has the Number, is the application destroyed or the Number redacted?
- Are CSRs trained to not write down Numbers on pieces of paper?
- If calls are recorded, what is done to secure the recordings or to disable the recording if a Number is being provided by the end customer?
Storage of Numbers in BillMax depends on the third party processor that will use the Numbers. If supported by both the processor and BillMax, a Token may be stored in place of the Number. Currently this option is available if IPPay® is the processor. Both Numbers and Tokens are stored using AES encryption.
If PCI compliance is enabled in BillMax, the BillMax customer is prompted to change the AES encryption key every 90 days. The AES encryption key may be composed of phrases entered through the Staff Portal by two different users with Administrative privileges for additional security. See Change the AES Encryption Key.
For identification purposes, the last four digits of a Number are stored in plain text and may be displayed in either the Staff Portal or the Customer Portal. These last four digits may also be displayed on a Billing Statement or Statement to help the end customer identify the means of payment.