Profile Account Security
- We strongly recommend that you do not use passwords that you have previously used, particularly for other online channels/services.
- If possible, CHANGE passwords on a quarterly basis, at the very least.
- NEVER disclose your passwords or pin numbers to anybody, even the NETAPPS team. If you need to reset your password or pin, please utilize the app's password reset feature or navigate to the password and pin settings page.
- AVOID using your title, nickname, or birth date as a password.
- Keep the admin user as the Account Manager role and remove or add roles you wish to assign to the account manager. For other users, remove the Account Manager role and assign roles for each user. Please double-check the phone number and email address.
- You can set your 2FA (Two-factor authentication). The 2FA login options are "Always remember" or "On Each Login". Please note that the 2FA will not impede on the connectivity.
Account Abuse and Control
Sessions expire one hour after the last successful transaction or if the app is left idle after one hour to reduce the danger of password theft or misuse; only certain KYC level accounts may modify the specified time.
To proceed with a transaction, you must enter your pin again.
Risks That May Arise If Controls Are Not Enforced
- You stand a risk if your password has been compromised or you have not changed your password in a long time.
- When using MITM techniques to connect the client network to the NETAPPS platform.
- NETAPPS is PCI DSS Level 1 Certified. All NETAPPS products have been audited by an independent PCI Qualified Security Assessor (QSA). This is the highest level of accreditation available in the global payments sector.
- NETAPPS holds a Central Bank of Nigeria Payment System Service Providers (PSSP) Commercial Licence.
- Always use longer and more complex passwords that are unique to each user. Reinforce internal credential storage and management to reduce the possible cause of future data leakage.
- Keep your PINS private, just like your passwords.
- Avoid hard-coding user credentials into a public code repository.
Verify the Authenticity of the Login Page
- Keep an eye on the URL and the site content.
- Examine the Favicon. Websites can put whatever icon they want in the tab.
- Examine the domain title. The domain title can assist you verify that you are landing on a legitimate NETAPPS technologies site.
- In your browser's address bar, look for the site's security status. A secure website will have a green padlock icon to the left of the URL in most browsers. You may check the website's information by clicking the padlock icon (e.g., the type of encryption used).As an example:
- The domain title contains many dashes or symbols.
- Domain names that mimic ours (e.g., "netAPps" or "NetAPPS").
- Sites with domain extensions tend not to be credible.
Security guidelines for SMS fraud prevention
- With the rise of cyber-attacks on the internet, online applications are being targeted in a variety of ways. To successfully fight against these assaults, we provide online application security guidelines that may be adopted based on the most prevalent web application flaws leveraged in fraud situations.
- Please do not click on any id given to your phone or email that is not from a NETAPPS certified address.
- Please keep in mind that NETAPPS will not ask you for your password, credit card information, or pin. Please disregard such messages as they are not from us.