SoftPos #7: Terminal registration OTP can be bypassed - Finpay - Redmine

Actions

Copy link

SoftPos #7

open

Terminal registration OTP can be bypassed

Added by Redmine Admin 4 months ago. Updated 4 months ago.

Status:

New

Priority:

Low

Assignee:

LIQUID/hosam gemei

Category:

Re Test

Start date:

12/18/2024

Due date:

% Done:

100%

Estimated time:

Description

Description
To securely register a terminal the admin login with their credentials and then they are asked to
provide an OTP which is sent to their mobile number. It was found that the OTP step is not required
to get a valid authenticated session making the bypass of the OTP step easy to achieve.

History
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Finpay

SoftPos #7

Terminal registration OTP can be bypassed

Updated by Redmine Admin 4 months ago

Updated by Redmine Admin 4 months ago