Mobiliser Platform secures Web applications, communications, and sensitive data.
To prevent the most common attacks from the Internet, Mobiliser Platform Web applications follow the security standards defined by the Open Web Application Security Project (OWASP).
Mobiliser Platform components communicate via secure protocols. Communication via HTTPS allows mutual authentication of servers via SSL certificates. Firewalls secure communication with external systems.
The Mobiliser Platform Web server hosts consumer registration and portal applications. Customer log in to these applications from their browsers via HTTPS. The Web server and the back end communicate via HTTPS Simple Object Access Protocol (SOAP) with Web services that are hosted on the application server.
Mobiliser Platform uses symmetric and asymmetric encryption, and hashing algorithms for securing data. Customer passwords are stored only as hashed values. To protect access passwords and other confidential configuration data from prohibited access, they are stored using symmetric encryption. Highly confidential data, such as credit card numbers, are stored using asymmetric encryption. Mobiliser Platform installations are PCI certified.
To control access to resources, Mobiliser Platform supports maker-checker authorization, roles, and privileges.