Security Guidelines
Last Updated:
Table of Content
Introduction
The security guidelines will help you better understand the security
policies of our platform. It will also assist you in performing the
most frequent user tasks, such as authentication, file transfer, etc.,
within the Marketplace app.
Introduction
Profile Account Security
After creating your account, you will need to log in to your
Marketplace app account with your username and password. Please note
that your username cannot be modified and must match your registered
email or phone number. If you wish to update this, contact us and
explain why you want the above information changed. This is to protect
you from theft and fraud while we strive to provide better service to you.
Password Management
The marketplace password strength is configured very strongly by
default. To help safeguard your account, follow these security
password measure tips:
- We strongly recommend that you do not use passwords that you have previously used, particularly for other online channels/services.
- If possible, CHANGE passwords on a quarterly basis, at the very least.
- NEVER disclose your passwords or pin numbers to anybody, even the NETAPPS team. If you need to reset your password or pin, please utilize the app's password reset feature or navigate to the password and pin settings page.
- AVOID using your title, nickname, or birth date as a password.
Account Users
For enhanced security, here's how to maintain account user
credentials. Navigate to USER & TEAMS in the Settings menu.
- Keep the admin user as the Account Manager role and remove or add roles you wish to assign to the account manager. For other users, remove the Account Manager role and assign roles for each user. Please double-check the phone number and email address.
- You can set your 2FA (Two-factor authentication). The 2FA login options are "Always remember" or "On Each Login". Please note that the 2FA will not impede on the connectivity.
Traffic Security
We update the app on a regular basis. Please update your app to the
most recent version so we can better serve you. If you are unsure
which version, you are using or need assistance upgrading to a new
version, contact support@netappsmarketplace.com. We will gladly assist
you.
Account Abuse and Control
Sessions expire one hour after the last successful transaction or if the app is left idle after one hour to reduce the danger of password theft or misuse; only certain KYC level accounts may modify the specified time.
To proceed with a transaction, you must enter your pin again.
Risks That May Arise If Controls Are Not Enforced
- You stand a risk if your password has been compromised or you have not changed your password in a long time.
- When using MITM techniques to connect the client network to the NETAPPS platform.
Compliance
- NETAPPS is PCI DSS Level 1 Certified. All NETAPPS products have been audited by an independent PCI Qualified Security Assessor (QSA). This is the highest level of accreditation available in the global payments sector.
- NETAPPS holds a Central Bank of Nigeria Payment System Service Providers (PSSP) Commercial Licence.
General Security
- Always use longer and more complex passwords that are unique to each user. Reinforce internal credential storage and management to reduce the possible cause of future data leakage.
- Keep your PINS private, just like your passwords.
- Avoid hard-coding user credentials into a public code repository.
Verify the Authenticity of the Login Page
- Keep an eye on the URL and the site content.
- Examine the Favicon. Websites can put whatever icon they want in the tab.
- Examine the domain title. The domain title can assist you verify that you are landing on a legitimate NETAPPS technologies site.
- In your browser's address bar, look for the site's security status. A secure website will have a green padlock icon to the left of the URL in most browsers. You may check the website's information by clicking the padlock icon (e.g., the type of encryption used).As an example:
- The domain title contains many dashes or symbols.
- Domain names that mimic ours (e.g., "netAPps" or "NetAPPS").
- Sites with domain extensions tend not to be credible.
- Examine the connection type of the website. The NETAPPS web interface website uses an "https" tag, which is more secure and hence more trustworthy than the more usual "http" identification. This is because most fraudulent sites would not bother with the security certification process that a reputable https site would.
- On the webpage, look for broken English. If you see a high number of misspelled (or missing) words, poor language, or confusing wording, you should doubt the site's legitimacy.
Security guidelines for SMS fraud prevention
- With the rise of cyber-attacks on the internet, online applications are being targeted in a variety of ways. To successfully fight against these assaults, we provide online application security guidelines that may be adopted based on the most prevalent web application flaws leveraged in fraud situations.
- Please do not click on any id given to your phone or email that is not from a NETAPPS certified address.
- Please keep in mind that NETAPPS will not ask you for your password, credit card information, or pin. Please disregard such messages as they are not from us.
Thank you for choosing NETAPPS Technologies. We are committed to
protecting your privacy and security. This Privacy Policy explains how we
collect, use, and share information about you when you use our products
and services. Please read this Privacy Policy carefully. By using our
products and services, you agree to this Privacy Policy. If you do not
agree to this Privacy Policy, do not use our products and services.