Is there a security flaw in this design?


imgrooot

I apologize if it's the wrong section; I don't know which other section this question would belong in, and it is the most popular section on the forum.

 

Say I have a site where users can purchase "packages" and, to do so, they send payments directly to the company using a payment processor. The company tracks all the payments in the back-end. The users are also able to see their earnings, balance and withdrawals.

 

Normally a user can make a withdrawal request and the company will send that user his earning balance. After the user receives his earnings in his bank account, he can go back to the site and purchase a new package.

 

That's all great. But what if I want to give an option to the users where they can use the earnings in their account on the site to purchase a new package, instead of going through a payment processor?  

E.g. I have $100 as my earning balance in my site's account, and the package I want to purchase is $50. I can simply purchase that package using the $100 I have in my account, instead of making a withdrawal request, waiting for the $100 to show up in my bank account, and then going back to the site and purchasing that package using a payment processor, as I did originally.

 

I am wondering, if I give users that option, do I need to worry about anything security-wise? Is that a wise option to give, or should I just stick to a payment processor for all user payments?

 

*note I am not asking how to code it. 


There is so much generalization in your question that it is almost impossible to answer with any certainty. But, I will respond:

 

As I understand it:

1. Users have a 'balance' that you somehow manage.

2. Users can request a 'withdrawal' that will allow funds from their balance to be transferred to their bank

3. User can purchase items through a 3rd party processor which is paid from their bank account

 

The goal is for users to pay for items directly through their 'balance'

 

I have no idea how secure #1 and #2 currently are or if there are any checks and balances. For example, does a person review and approve payments to a bank account to ensure users aren't using malicious means to inflate their account? You could already have holes in the security that you are not aware of.

 

The bottom line (from my perspective) is that a payment processor is in the business of processing payments. That is their #1 point of being in business. And, assuming they have many sites that they support, the probability that any exploits have been found (and fixed) is very high. If you want to build your own custom process for accepting "payments" from the user's balance you will not (I assume) be starting from the same deep knowledge of processing transactions that a 3rd party dedicated to that process will have. It is also more likely that potential exploits could go much longer without being found and fixed.

 

Can it be done? Yes. There is no inherent "security flaw" in doing that - it is the implementation that will dictate what flaws, if any, will exist.

 

To be honest, your whole process seems kind of clunky, but I don't have a clue on your business model.

 

Good luck with whatever path you take.


Yes, I am worried about a user finding a way to inflate their account earnings on the site. But how likely will that be if I am using an SSL certificate and PDO with parameters for code?

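An added example, not part of the thread or any poster's code: TLS protects the connection and PDO parameters stop SQL injection, but the checks on the balance itself have to live in the purchase logic. The sketch below assumes a hypothetical schema (`users`, `packages`, `ledger`, amounts in integer cents) on an in-memory SQLite database, and shows a balance purchase that takes the price from the server, debits atomically, and records every movement for later review.

```php
<?php
declare(strict_types=1);

// Constructed in-memory schema; all table and column names are hypothetical.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY,
    balance_cents INTEGER NOT NULL CHECK (balance_cents >= 0))');
$pdo->exec('CREATE TABLE packages (id INTEGER PRIMARY KEY, price_cents INTEGER NOT NULL)');
$pdo->exec('CREATE TABLE ledger (id INTEGER PRIMARY KEY, user_id INTEGER NOT NULL,
    package_id INTEGER NOT NULL, amount_cents INTEGER NOT NULL)');
$pdo->exec('INSERT INTO users VALUES (1, 10000)');   // $100.00 earnings balance
$pdo->exec('INSERT INTO packages VALUES (1, 5000)'); // $50.00 package

function purchaseWithBalance(PDO $pdo, int $userId, int $packageId): bool
{
    $pdo->beginTransaction();
    try {
        // The price comes from the server's own table, never from the request.
        $q = $pdo->prepare('SELECT price_cents FROM packages WHERE id = :id');
        $q->execute([':id' => $packageId]);
        $price = $q->fetchColumn();
        if ($price === false) {          // unknown package
            $pdo->rollBack();
            return false;
        }
        $price = (int) $price;
        // Check and debit in ONE statement, so two simultaneous requests
        // cannot both pass a separate "is the balance enough?" test.
        $debit = $pdo->prepare('UPDATE users SET balance_cents = balance_cents - :p
            WHERE id = :u AND balance_cents >= :p2');
        $debit->execute([':p' => $price, ':u' => $userId, ':p2' => $price]);
        if ($debit->rowCount() !== 1) {  // insufficient funds or unknown user
            $pdo->rollBack();
            return false;
        }
        // Append-only record so balances can be reconciled and reviewed.
        $log = $pdo->prepare('INSERT INTO ledger (user_id, package_id, amount_cents)
            VALUES (:u, :k, :a)');
        $log->execute([':u' => $userId, ':k' => $packageId, ':a' => -$price]);
        $pdo->commit();
        return true;
    } catch (Throwable $e) {
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }
        throw $e;
    }
}

// Three attempts at the $50 package against the constructed $100 balance.
foreach ([1, 2, 3] as $attempt) {
    var_dump(purchaseWithBalance($pdo, 1, 1));
}
```

Summing the `ledger` rows for a user and comparing the total with the stored balance gives the kind of check the first reply asks about before a withdrawal is approved.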
