Ensuring Trust and Confidence
At Recur360, we take the security of our users' information very seriously. We are proud to announce that our platform has successfully met all the rigorous security requirements put in place by Intuit, one of the most trusted names in the industry. This has enabled us to receive their official approval and be listed on both apps.com and desktop.apps.com.
Get Started
SERVER CONFIGURATION
A Robust App Server Configuration
All OS, web server, and app server security patches are up to date, and new patches are applied in a commercially reasonable time frame after they are made available by the hardware and software vendors.
Caching has been disabled on all SSL pages and all pages that contain sensitive data by using value no-cache and no-store instead of private in the Cache-Control header.
HTTPS is enforced on all pages. SSL has been configured to support TLS version 1.1 or higher.
TRACE and other HTTP methods have been disabled on the web server.
SECURE TOKENS
OAuth Token Management
Recur360 meets the following requirements for OAuth token management: Intuit OAuth tokens or customer-identifying information is not exposed within the app or shared with other parties. Token management once a user completes the OAuth authorization workflow: Encrypt and store the consumer key, consumer secret, access token, access token secret, and realmId in persistent memory. Encrypt the Intuit access token with a symmetric algorithm. Store encrypted app keys in a separate configuration file.
ENHANCED SECURITY
Attack Vulnerability
Recur360 has passed Intuit's security test against the following vulnerabilities: Cross Site Request Forgery, Cross Site Scripting (including reflected and stored cross site scripting), SQL Injection, XML Injection, Authentication, Sessions Management and Functional level access control, and forwards or Redirects in use have been validated.
GET STARTED
Try it for free
Start growing faster, smarter, and stronger. Create an account and start creating your invoices with a free trial.
Sign Up