Security Improvements in the new Release of Openbravo Commerce Suite
Security is an important topic in every business. Some big retailers have recently suffered severe security breaches (Target, Adobe, AOL, eBay, etc.) and this has had a negative impact on consumer confidence, according to a report in a recent IBM white paper.
Openbravo continuously evolves to provide better and stronger security so its customers can protect their bottom lines. The first-quarter release of Openbravo Commerce Suite will ship with two simple but very useful security features. Let’s look at the security benefits we have achieved, the configuration needed in your Openbravo instance, and how to use the features.
Terminal Authentication Security
Terminal authentication allows us to link POS Terminal configurations with physical devices. The main goal of this feature is to improve the security of the Web POS operation by enforcing device (terminal, laptop, tablet…) access privileges to the system so only authorized terminal devices can connect to the system as POS terminals. Now we ensure that the mapping of Physical Terminals (devices) with Logical Terminals (as defined in Openbravo for Retail configuration) is 1 to 1, to avoid messing up data coming from different physical POS terminals. It strengthens and simplifies the assignment of a physical POS terminal to a Logical POS terminal.
How to link a terminal
How can we start using this authentication feature? Just follow these two easy steps:
(Enable the Terminal Authentication enabled preference for your client if you haven’t yet. It is enabled by default for new Openbravo instances.)
1. Add a Terminal Key Identifier as a code for each terminal. It will be visible in the POS Terminal screen, and the user will enter a unique code for each terminal configuration.
2. First access. The first time a physical device accesses the system using the URL without a terminal ID parameter (<IP_address>/openbravo/web/org.openbravo.retail.posterminal/), it will detect that there is no Terminal Configuration associated with that device and will request the terminal key identifier (no operation will be possible until it is provided). After linking, the backend will mark that terminal as linked (the check “Is linked to a physical device” is true) so it won’t be possible to link it again.
How to unlink a terminal
To revoke the access of a physical device, it is enough to press the Unlink device button in the top right corner of the terminal configuration and enter a new code. If we then try to access the system with the previously linked physical device, Web POS will ask for the code of the terminal, and that way you can replace one physical device with another.
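The link and unlink rules described above can be modelled as a small backend state machine. This is an added example, not Openbravo code: the class and method names are hypothetical, and the random device token issued at link time is an assumption about how a linked device is recognised on later accesses.

```python
import hashlib
import hmac
import secrets


def _same(a, b):  # constant-time comparison of two secrets
    return hmac.compare_digest(a.encode(), b.encode())


class TerminalRegistry:
    """Constructed model of one-to-one terminal linking; not Openbravo code."""

    def __init__(self):
        # logical terminal -> {"key": key identifier, "token_hash": str or None}
        self._terminals = {}

    def _key_in_use(self, key):
        return any(_same(t["key"], key) for t in self._terminals.values())

    def configure(self, terminal, key_identifier):
        if self._key_in_use(key_identifier):
            raise ValueError("key identifier must be unique")
        self._terminals[terminal] = {"key": key_identifier, "token_hash": None}

    def is_linked(self, terminal):
        return self._terminals[terminal]["token_hash"] is not None

    def link(self, key_identifier):
        """First access: trade the key identifier for a device token, once."""
        for name, t in self._terminals.items():
            if _same(t["key"], key_identifier) and t["token_hash"] is None:
                token = secrets.token_urlsafe(32)  # assumption: kept on the device
                t["token_hash"] = hashlib.sha256(token.encode()).hexdigest()
                return name, token
        return None  # unknown key, or terminal already linked

    def authenticate(self, token):
        """Later access: resolve a device token to its logical terminal."""
        digest = hashlib.sha256(token.encode()).hexdigest()
        for name, t in self._terminals.items():
            if t["token_hash"] and _same(t["token_hash"], digest):
                return name
        return None  # device has to supply a terminal key identifier

    def unlink(self, terminal, new_key_identifier):
        """Unlink device: revoke the old device and require a new code."""
        if self._key_in_use(new_key_identifier):
            raise ValueError("enter a new, unused key identifier")
        self._terminals[terminal] = {"key": new_key_identifier, "token_hash": None}
```

Only a hash of the device token is stored, so a read of the registry does not yield a credential a different device could present.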
Web POS supports the ability for multiple users to log in to one terminal. Each of these open sessions might have pending tickets. Every time a user logs in with an open session, the pending tickets will be automatically loaded and shown to the user. In addition to the current manual session lock, we have added automatic lock which blocks the terminal after “n” minutes of inactivity.
To enable this functionality, you have to add the Web POS Session Timeout preference and assign a value in minutes. After the defined number of minutes of inactivity, the terminal will be locked automatically, and you will be able to recover your session by entering your credentials again.