CIOREVIEW >> Security >>

New Openbravo Commerce Suite Displays Improved Security

By CIOReview | Tuesday, May 3, 2016

FREMONT, CA: Openbravo ceaselessly strides to provide evolved, improved and stronger security, letting its customers guard their bottom lines. The first quarter Openbravo Commerce Suite will be released with two elementary yet very utile security features.

Terminal Authentication Security

Terminal authentication security lets the users to link physical devices with the POS Terminal configurations. The primary aim of this feature is to better the security of the Web POS functioning by employing device–such as laptop, tablet and terminal–access privileges to the system. These privileges only allow authorized terminal devices connect to the system as POS terminals. This ensures that the mapping of Physical Terminals or devices with Logical Terminals is one to one.

How to link a terminal

Steps to follow to use the authentication feature. Enable the Terminal Authentication enabled preference for the clients, since it is enabled by default for new Openbravo instances.

Add a Terminal Key Identifier as a code for each terminal

It will be visible in the POS Terminal screen and the user will enter a unique code for each terminal configuration:

First access

The first time a physical device accesses the system using the URL without a terminal ID parameter(/openbravo/web/org.openbravo.retail.posterminal/) it will realize there is no Terminal Configuration associated to that device and will request the terminal key identifier (the operation will not be possible till it is provided). After linking, the backend will mark that terminal as linked (the check “Is linked to a physical device” is true) so it won’t be possible to link it again

How to unlink a terminal

To revoke the access of a physical device, the button–Unlink device in the top right corner on the terminal configuration has to be pressed and a new code has to be entered. Web Pos will ask for the code of the terminal if linked physical device is accessed and physical devices can be changed this way.

Terminal auto-lock

Web POS backs the ability for multiple users to log in to one terminal. Each of one these open sessions may have pending tickets. Every time a user logs in with an open session, the pending tickets will be automatically loaded and displayed to the user. Along with the current manual session lock, we have added automatic lock which blocks the terminal after “n” minutes of inactivity.

To enable this functionality the user has to add the Web POS Session Timeout preference and allot a value in minutes. After defined minutes of inactivity, the terminal will be locked automatically and the user will be able to recover your session introducing your credentials again.