My current project is testing a web page for user booking some services using VISA card. I dont have any experience about security testing. Any one could share that I should do for basic security testing?

Report
Question

Please briefly explain why you feel this question should be reported .

Report Cancel

My current project is testing a web page for user booking some services using VISA card. I dont have any experience about security testing. Any one could share that I should do for basic security testing?

solved 0
Manual 4 Answer 1003 views 0

Answers ( 4 )

  1. Tri Nguyen
    1
    July 27, 2015 at 9:32 am

    Please briefly explain why you feel this answer should be reported .

    Report Cancel
    I have a little bit experience in Security Testing and want to share some points:
    1. Usually, to test some kind of payment via VISA/Master Card/Banking, we will test via Web Service (try to google if in case you dont know what it is). When sending this kind of process, we usually have a token, that maybe a encrypt string combine with your information using to validate and secure customer account/information.

    2. We also need to test when the application online or offline (maybe internet getting disconnected, application broken) and check if transaction success or not, check balance of customer in case of failure and return their money of couse. :)

    3. For Visa/Master Case number, validate the mask. This to check the card number is correct or not/ valid to use or not.

    4. For further process like process payment, check the role of each application user, there are some restriction in it because these information is very sensitive.

    Let me remember , will update you if i found anything more :). Hope it helps.
    Best answer
  2. AmirShahzad
    1
    July 27, 2015 at 1:50 pm

    Please briefly explain why you feel this answer should be reported .

    Report Cancel
    You can use tempare data plugin of firefox for the security testing and end to end testing ..
    along with that try to expose hidden field on the form during submission the request . question is how to find hidden field ? u can find it using firebug and search hidden in " find html& css"
  3. zooty
    1
    July 29, 2015 at 3:08 pm

    Please briefly explain why you feel this answer should be reported .

    Report Cancel
    Thanks guys so much.

    I'm very appreciate for your help

    Please let me know if you want to share more
  4. Thanh Huynh
    0
    July 30, 2015 at 10:35 am

    Please briefly explain why you feel this answer should be reported .

    Report Cancel
    @Zooty,

    Re: Please let me know if you want to share more

    Of course, we want to. Please feel free to share or to ask things so that we can learn each others. Experience is to share not to keep ;)

Leave an answer

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

zooty R

About [zooty]