Facebook
Zalo
payoo_cs
Security
Network security
With the application of modern technology, specialized infrastructure, together with strict service management policies, VietUnion and its partners pledge to secure the quality of services of which information confidentiality and security are two top priorities.
In order to ensure the security of connections and information exchange, and prevent all types of attacks from both inside and outside the system, we have proposed an intensive development of overall measures of confidentiality and integrated security equipment to be used in the informatics infrastructure:
- Standard Firewall system: The Payoo system is secured with two firewalls designed to work in parallel. Each firewall is established with two layers bringing about the highest security for customers.
- Intrusion Detection/Prevention System (IDS/IPS) for important information sectors: This is aimed at maximally detecting and preventing every possible attack and intrusion against the Payoo system.
- Secure connection with partners: The Payoo system requires its partners to use the Digital Signature technology in all transactions with Payoo. The use of digital signatures will both verify the transactions and secure the integrity (read-only) of transaction information.
- The Information Security Management System (ISMS - ISO 27001:2005): This is one of the international standards of information security, most widely applied at present all over the world in general and Vietnam in particular. ISO 27001 was issued by the International Standardization Organization and the International Electronical Commission in October, 2005. With the information security system of ISMS - ISO 27001, Payoo e-wallet pledges the highest security for your information.
- Expert consultancy on network security: The Payoo e-wallet system frequently collaborates with domestic and expatriate security experts to receive latest information on network security and to work out timely measures of detecting and preventing confidentiality holes in order to bring about your highest security when using Payoo e-wallet.
- Secure signing-in: To prevent and control all possible risks during signing in your account,
Payoo e-wallet provides these two forms of securing the sign-in confidentiality:
+ Verification through OTP (One-Time Password) sent by SMS
+ Verification through OTP (One-Time Password) by Token
This is one of the relatively popular methods in electronic transactions. Before a customer confirms the carrying out of a transaction, for example transferring money, the system will create a series of digits and send the same to the registered customer’s mobile phone number by a SMS text. Upon receiving the SMS, the customer is expected to enter the said series of digits together with the transaction to ensure the money transfer is performed by the customer himself/herself. This method helps minimize the risk that a customer’s control is taken over by a certain hacker.
Token is an electronic equipment used to identify the user in place of the normal transaction mechanism of “sign-in name/password”. Each token has a unique serial number comprising 08 or 10 characters on the lower side of the token which is linked to a sole customer. The token works in the mode of automatically creating series of code numbers at random (consisting of 06 digits appearing on the display above the token) which continually vary in a definite period of time (30 or 60 seconds). Each of token codes is valid for only one sole transaction at a definite point of time and for one particular customer. Therefore, in case any token code is out, it will become invalid in later transactions. Token succeeds in bringing about high rate of confidentiality with a probability of stealing passwords of almost zero.
At present, VeriSign® Identity Protection Authentication Service has been integrated into the Payoo e-wallet system.
