• Home
  • /
  • Security Guidelines

Security Guidelines

Table of Contents

Introduction
Profile Account Security
Password Management
Account Users
Traffic Security
Account Abuse and Control
Risks That May Arise If Controls Are Not Enforced
Compliance
General Security Recommendations
Verify the Authenticity of the Login Page to Prevent Phishing Attacks
Security guidelines for SMS fraud prevention

Introduction

The security guidelines will help you better understand the security policies of our platform. It will also assist you in performing the most frequent user tasks, such as authentication, file transfer, etc., within the Marketplace app.

Profile Account Security

After creating your account, you will need to log in to your Marketplace app account with your username and password. Please note that your username cannot be modified and must match your registered email or phone number. If you wish to update this, contact us and explain why you want the above information changed. This is to protect you from theft and fraud while we strive to provide better service to you.

Password Management

The marketplace password strength is configured very strongly by default.
To help safeguard your account, follow these security password measure tips:

  1. We strongly recommend that you do not use passwords that you have previously used, particularly for other online channels/services.
  2. If possible, CHANGE passwords on a quarterly basis, at the very least.
  3. NEVER disclose your passwords or pin numbers to anybody, even the NETAPPS team. If you need to reset your password or pin, please utilize the app's password reset feature or navigate to the password and pin settings page.
  4. AVOID using your name, nickname, or birth date as a password.

Account Users

For enhanced security, here's how to maintain account user credentials.

Navigate to USER & TEAMS in the Settings menu.

  • Keep the admin user as the Account Manager role and remove or add roles you wish to assign to the account manager. For other users, remove the Account Manager role and assign roles for each user.
    Please double-check the phone number and email address.
  • You can set your 2FA (Two-factor authentication). The 2FA login options are "Always remember" or "On Each Login".
    Please note that the 2FA will not impede on the connectivity.

Traffic Security

We update the app on a regular basis. Please update your app to the most recent version so we can better serve you. If you are unsure which version, you are using or need assistance upgrading to a new version, contact support@netappsmarketplace.com. We will gladly assist you.

Account Abuse and Control

Sessions expire one hour after the last successful transaction or if the app is left idle after one hour to reduce the danger of password theft or misuse; only certain KYC level accounts may modify the specified time.

To proceed with a transaction, you must enter your pin again.

Risks That May Arise If Controls Are Not Enforced

  • You stand a risk if your password has been compromised or you have not changed your password in a long time.
  • When using MITM techniques to connect the client network to the NETAPPS platform.

Compliance

NETAPPS is PCI DSS Level 1 Certified. All NETAPPS products have been audited by an independent PCI Qualified Security Assessor (QSA). This is the highest level of accreditation available in the global payments sector.

NETAPPS holds a Central Bank of Nigeria Payment System Service Providers (PSSP) Commercial Licence.

General Security Recommendations

  • Always use longer and more complex passwords that are unique to each user. Reinforce internal credential storage and management to reduce the possible cause of future data leakage.
  • Keep your PINS private, just like your passwords.
  • Avoid hard-coding user credentials into a public code repository.

Verify the Authenticity of the Login Page to Prevent Phishing Attacks

  • Keep an eye on the URL and the site content.
  • Examine the Favicon. Websites can put whatever icon they want in the tab.
  • Examine the domain name. The domain name can assist you verify that you are landing on a legitimate NETAPPS technologies site.
  • In your browser's address bar, look for the site's security status. A secure website will have a green padlock icon to the left of the URL in most browsers. You may check the website's information by clicking the padlock icon (e.g., the type of encryption used).
    As an example:
    1. The domain name contains many dashes or symbols.
    2. Domain names that mimic ours (e.g., "netAPps" or "NetAPPS").
    3. Sites with domain extensions tend not to be credible.
  • Examine the connection type of the website. The NETAPPS web interface website uses an "https" tag, which is more secure and hence more trustworthy than the more usual "http" identification. This is because most fraudulent sites would not bother with the security certification process that a reputable https site would.
  • On the webpage, look for broken English. If you see a high number of misspelled (or missing) words, poor language, or confusing wording, you should doubt the site's legitimacy.

Security guidelines for SMS fraud prevention

With the rise of cyber-attacks on the internet, online applications are being targeted in a variety of ways. To successfully fight against these assaults, we provide online application security guidelines that may be adopted based on the most prevalent web application flaws leveraged in fraud situations.

Please do not click on any link given to your phone or email that is not from a NETAPPS certified address.

Please keep in mind that NETAPPS will not ask you for your password, credit card information, or pin. Please disregard such messages as they are not from us.

Thank you for choosing NETAPPS Technologies. We are committed to protecting your privacy and security. This Privacy Policy explains how we collect, use, and share information about you when you use our products and services. Please read this Privacy Policy carefully. By using our products and services, you agree to this Privacy Policy. If you do not agree to this Privacy Policy, do not use our products and services.