Secure and Reliable Payment Processing for QuickBooks

RECUR360 has met all the security requirements in place by Intuit by intuit to be approved and listed on apps.com and desktop.apps.com

A Robust App Server Configuration

  • Caching has been disabled on all SSL pages and all pages that contain sensitive data by using value no-cache and no-store instead of private in the Cache-Control header.
  • All OS, web server, and app server security patches are up to date, and new patches are applied in a commercially reasonable time frame after they are made available by the hardware and software vendors.
  • HTTPS is enforced on all pages.
  • Web server has been configured to disable the TRACE and other HTTP methods if not being used.

Attack Vulnerability

RECUR360 has passed Intuit's security test against the following vulnerabilities.

  • Cross Site Request Forgery.
  • Cross Site Scripting (including reflected and stored cross site scripting).
  • SQL Injection.
  • XML Injection.
  • Authentication, Sessions Management and Functional level access control.
  • Forwards or Redirects in use have been validated.

OAuth Token Management

RECUR360 meets the following requirements for OAuth token management:

  • Intuit OAuth tokens or customer-identifying information is not exposed within the app or shared with other parties.
  • Token management once a user completes the OAuth authorization workflow:
    • Encrypt and store the consumer key, consumer secret, access token, access token secret, and realmId in persistent memory.
    • Encrypt the Intuit access token with a symmetric algorithm.
    • Store encrypted app keys in a separate configuration file.

Delivered with Confidence

No info shared with third parties

With industry standard security coding guidelines in place, you can be confident that RECUR360 will provide one of the best integration platforms for QuickBooks.

QuickBooks Data Usage

RECUR360 handles QuickBooks data securly by preventing any third-party from accessing information from QuickBooks. Functionality does not exist to export, save, or store your QuickBooks data for any purpose other than using it for the purpose of RECUR360 core functionality.

Cookie Management

All app session cookies are set to be secure and HTTPOnly.