Security

Enterprise-grade security for your e-commerce platform

Security First Approach

STSTSI Commerce is built with security as a foundational principle, not an afterthought. Every layer of the platform implements industry-standard security practices to protect your business and your customers' data.

Authentication & Authorization

✓ IMPLEMENTED: JWT Token-Based Authentication

The Storefront API uses stateless JWT (JSON Web Token) authentication for customer-facing applications. Tokens are cryptographically signed and expire after 24 hours, requiring refresh for continued access.

  • Stateless Design: No server-side session storage required
  • Token Expiration: Configurable expiry (default 24 hours)
  • Refresh Mechanism: Secure token renewal without re-authentication
  • Cryptographic Signing: HMAC-SHA256 signature verification
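The verification steps listed above (HMAC-SHA256 signature check, 24-hour expiry, renewal without re-authentication) as a worked example. This is added illustration code in Python, not the platform's Java/Spring implementation; the secret, subject and timestamps are constructed, and the claim names (`sub`, `iat`, `exp`) are the standard JWT registered claims rather than anything the page specifies.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo secret; a deployment uses a long, random secret supplied via the environment.
SECRET = b"demo-secret-not-for-production"
DEFAULT_TTL = 24 * 3600  # the documented default: tokens expire after 24 hours


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(subject: str, secret: bytes = SECRET, ttl: int = DEFAULT_TTL,
                now: Optional[int] = None) -> str:
    """Mint an HS256 JWT for `subject` carrying issued-at and expiry claims."""
    now = int(time.time()) if now is None else now
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps({"sub": subject, "iat": now, "exp": now + ttl},
                                 separators=(",", ":")).encode())
    signature = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(signature)}"


def verify_token(token: str, secret: bytes = SECRET, now: Optional[int] = None) -> Optional[dict]:
    """Return the claims if the token is HS256-signed with `secret` and unexpired, else None."""
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return None
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(_b64url_decode(header_b64))
        provided = _b64url_decode(sig_b64)
        claims = json.loads(_b64url_decode(payload_b64))
    except (ValueError, UnicodeDecodeError):
        return None
    # Pin the algorithm: a token claiming "none" or any non-HS256 algorithm is rejected outright.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    # Constant-time comparison so the check leaks nothing about the expected MAC.
    if not hmac.compare_digest(expected, provided):
        return None
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if not isinstance(exp, int) or exp <= now:
        return None
    return claims


def refresh_token(token: str, secret: bytes = SECRET, now: Optional[int] = None) -> Optional[str]:
    """Renew a still-valid token without re-authentication; an invalid or expired token gets nothing."""
    claims = verify_token(token, secret, now)
    if claims is None:
        return None
    return issue_token(claims["sub"], secret, DEFAULT_TTL, now)
```

Two details matter more than the rest: the algorithm is pinned from the verifier's side rather than read from the token, and the signature is compared in constant time. Refresh is only offered for a token that still verifies, so an expired token cannot be used to mint a fresh one.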

✓ IMPLEMENTED: Session-Based Authentication for Admin

The Manager Admin interface uses traditional session-based authentication with enhanced security features.

  • Session Fixation Protection: New session ID on authentication
  • Remember Me: Secure persistent login with cryptographic tokens (24-hour validity)
  • Secure Cookies: HttpOnly and SameSite protection
  • Configurable Timeout: Session timeout configurable via Spring properties

✓ IMPLEMENTED: Role-Based Access Control (RBAC)

Granular permission system with distinct roles for precise access control:

Admin Portal Roles:

  • ADMIN: Full system access, user management, critical operations
  • PRODUCT_MANAGER: Product catalog and inventory management
  • TAX_MANAGER: Tax rates and additional charges configuration
  • PROMOTION_MANAGER: Discount and promotion management
  • ORDER_MANAGER: Order processing and fulfillment
  • VIEWER: Read-only access to reports and data

Storefront API:

  • USER: Authenticated customer access for shopping, orders, wishlists, and reviews

Data Protection

✓ IMPLEMENTED: Password Security

All passwords are hashed using BCrypt with strength factor 10, providing robust protection against brute-force and rainbow table attacks.

  • BCrypt Hashing: Industry-standard adaptive hashing function
  • Salt Per Password: Unique salt for each password
  • No Plain Text Storage: Passwords never stored in readable form
  • Secure Password Reset: Time-limited tokens for password recovery

✓ IMPLEMENTED: Price Integrity Validation

Server-side price verification prevents client-side price manipulation attacks.

  • Server-Side Validation: All prices verified against database on checkout
  • Cart Item Validation: Prices re-calculated from current SKU prices
  • Promotion Validation: Discount eligibility verified server-side
  • Transaction Integrity: Database constraints prevent invalid orders
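A worked example of the checkout pricing rule: every amount is recomputed from server-side data and any price the client submitted is ignored. This is added illustration code in Python, not the platform's own checkout service; the catalog, stock levels, promotion and cart contents are constructed, and the promotion rule (percentage off above a minimum subtotal) is assumed for the demonstration.

```python
from decimal import Decimal, ROUND_HALF_UP
from typing import Dict, List

# Constructed catalog standing in for the SKU table: the only source of truth for prices.
SKU_PRICES: Dict[str, Decimal] = {"SKU-TSHIRT": Decimal("19.99"), "SKU-MUG": Decimal("8.50")}
SKU_STOCK: Dict[str, int] = {"SKU-TSHIRT": 10, "SKU-MUG": 3}
# Constructed promotions: code -> (percent off, minimum eligible subtotal).
PROMOTIONS = {"SAVE10": (Decimal("10"), Decimal("25.00"))}


class CheckoutRejected(Exception):
    """Raised when the submitted cart cannot be turned into a valid order."""


def price_checkout(client_cart: dict) -> dict:
    """Recompute every amount from server-side data.

    Any unit_price or total the client sent along is deliberately ignored; the only client
    fields that matter are which SKUs, how many, and which promotion code was entered.
    The client's displayed total is compared with the recomputed one so the storefront can
    re-render and ask the shopper to confirm when a price changed since the cart was built.
    """
    lines: List[dict] = []
    subtotal = Decimal("0.00")
    for item in client_cart.get("items", []):
        sku = item.get("sku")
        qty = item.get("qty")
        if sku not in SKU_PRICES:
            raise CheckoutRejected(f"unknown SKU {sku!r}")
        if not isinstance(qty, int) or qty <= 0 or qty > SKU_STOCK[sku]:
            raise CheckoutRejected(f"invalid quantity {qty!r} for {sku}")
        unit = SKU_PRICES[sku]          # current SKU price, never the client's copy
        line_total = unit * qty
        lines.append({"sku": sku, "qty": qty, "unit_price": unit, "line_total": line_total})
        subtotal += line_total

    discount = Decimal("0.00")
    code = client_cart.get("promo_code")
    if code:
        if code not in PROMOTIONS:
            raise CheckoutRejected("unknown promotion code")
        percent, minimum = PROMOTIONS[code]
        if subtotal < minimum:          # eligibility is decided here, not in the browser
            raise CheckoutRejected("cart not eligible for promotion")
        discount = (subtotal * percent / Decimal(100)).quantize(Decimal("0.01"), rounding=ROUND_HALF_UP)

    total = subtotal - discount
    try:
        client_total = Decimal(str(client_cart.get("total", "0")))
    except ArithmeticError:             # unparsable client value: treat as a mismatch
        client_total = None
    return {"lines": lines, "subtotal": subtotal, "discount": discount, "total": total,
            "client_total_matches": client_total == total}
```

Amounts are `Decimal`, not floats, so the server's total is exact and the comparison with the client's displayed total is meaningful. A `False` in `client_total_matches` is the signal to show the shopper the recomputed figures instead of charging the amount they last saw.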

✓ IMPLEMENTED: SQL Injection Prevention

Complete protection against SQL injection through parameterized queries and ORM.

  • JPA/Hibernate: ORM layer prevents direct SQL manipulation
  • Parameterized Queries: All queries use prepared statements
  • No Dynamic SQL: No string concatenation for SQL construction
  • Input Validation: Bean Validation on all user inputs
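The difference between string concatenation and a prepared statement, shown side by side on an in-memory SQLite table. This is added illustration code in Python's standard `sqlite3` module, not the platform's JPA/Hibernate code; the customer rows are constructed. The third function covers the one case a bound parameter cannot handle, a user-chosen column name, which is why an allow-list still belongs next to "no dynamic SQL".

```python
import sqlite3
from typing import List


def demo_db() -> sqlite3.Connection:
    """In-memory table with two constructed customers."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customer (id INTEGER PRIMARY KEY, email TEXT NOT NULL, name TEXT NOT NULL)")
    conn.executemany("INSERT INTO customer (email, name) VALUES (?, ?)",
                     [("alice@example.com", "Alice"), ("bob@example.com", "Bob")])
    return conn


def find_customer_unsafe(conn: sqlite3.Connection, email: str) -> List[str]:
    """Anti-pattern kept for contrast: the value is spliced into the SQL text, so quote
    characters in the input change the statement's structure instead of being compared."""
    sql = "SELECT name FROM customer WHERE email = '" + email + "'"
    return [row[0] for row in conn.execute(sql)]


def find_customer(conn: sqlite3.Connection, email: str) -> List[str]:
    """Prepared statement: the SQL text is fixed and the value is bound separately, so the
    input is only ever treated as data to compare against the column."""
    return [row[0] for row in conn.execute("SELECT name FROM customer WHERE email = ?", (email,))]


ALLOWED_SORT_COLUMNS = {"name", "email"}


def list_customers_sorted(conn: sqlite3.Connection, sort_by: str) -> List[str]:
    """Identifiers cannot be bound as parameters, so a user-chosen sort column is checked
    against a fixed allow-list before it is placed in the statement."""
    if sort_by not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"unsupported sort column {sort_by!r}")
    return [row[0] for row in conn.execute(f"SELECT name FROM customer ORDER BY {sort_by}")]
```

With the same input, the parameterized lookup returns no rows (no customer has that literal e-mail address) while the concatenated version returns every customer, which is exactly the failure mode prepared statements exist to remove.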

Network Security

✓ IMPLEMENTED: Security Headers

Comprehensive HTTP security headers protect against common web vulnerabilities.

Storefront API Headers:

X-Frame-Options: DENY
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff

Manager Admin Headers:

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=(), microphone=(), camera=()
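A small audit function that compares a response's headers with the two documented policies above and flags values a practitioner would want to look at twice. This is added illustration code in Python, not part of the platform; the policy tables are copied from the lists above, and the sample responses in the test are constructed. Two findings it raises are facts about browsers rather than about this platform: `X-XSS-Protection` is ignored by current browsers, and `'unsafe-inline'` in a CSP means inline scripts and styles are not blocked, so the admin CSP relies on the other layers (CSRF tokens, input validation) more than the storefront one does.

```python
import re
from typing import Dict, List

# Expected header sets, copied from the documented policy above.
STOREFRONT_POLICY = {
    "X-Frame-Options": "DENY",
    "Content-Security-Policy": "default-src 'self'",
    "X-Content-Type-Options": "nosniff",
}
ADMIN_POLICY = {
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "Content-Security-Policy": "default-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net",
    "X-XSS-Protection": "1; mode=block",
    "Referrer-Policy": "strict-origin-when-cross-origin",
    "Permissions-Policy": "geolocation=(), microphone=(), camera=()",
}
ONE_YEAR = 31536000


def parse_csp(value: str) -> Dict[str, List[str]]:
    """Split a CSP value into {directive: [sources]}."""
    policy: Dict[str, List[str]] = {}
    for directive in value.split(";"):
        tokens = directive.split()
        if tokens:
            policy[tokens[0].lower()] = tokens[1:]
    return policy


def _normalize(value: str) -> str:
    return " ".join(value.split()).lower()


def audit_headers(response_headers: Dict[str, str], policy: Dict[str, str]) -> dict:
    """Compare a response's headers (names matched case-insensitively) against a policy.

    Returns the expected headers that are missing, those carrying a different value, and
    findings about weak values that deserve attention even when they match the policy.
    """
    present = {name.lower(): value for name, value in response_headers.items()}
    missing = [name for name in policy if name.lower() not in present]
    mismatched = {name: present[name.lower()] for name, expected in policy.items()
                  if name.lower() in present and _normalize(present[name.lower()]) != _normalize(expected)}
    findings = []
    for directive, sources in parse_csp(present.get("content-security-policy", "")).items():
        lowered = [s.lower() for s in sources]
        if "'unsafe-inline'" in lowered:
            findings.append(f"CSP {directive} allows 'unsafe-inline'; inline scripts/styles are not blocked")
        if "*" in lowered:
            findings.append(f"CSP {directive} allows any origin")
    hsts = present.get("strict-transport-security")
    if hsts is not None:
        match = re.search(r"max-age=(\d+)", hsts, re.IGNORECASE)
        if not match or int(match.group(1)) < ONE_YEAR:
            findings.append("HSTS max-age below one year")
    if "x-xss-protection" in present:
        findings.append("X-XSS-Protection is ignored by current browsers; rely on CSP instead")
    return {"missing": missing, "mismatched": mismatched, "findings": findings}
```

Run it against a captured response (any HTTP client's header mapping works as input) for both the storefront and the admin origin after each deployment; a header that silently disappears behind a proxy or CDN shows up under `missing`.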

✓ IMPLEMENTED: CORS Configuration

Configurable Cross-Origin Resource Sharing prevents unauthorized access from untrusted domains.

  • Whitelist Approach: Only specified origins allowed
  • Environment-Based: Different origins for dev/staging/production
  • Credentials Support: Controlled cookie/auth header sharing
  • Pre-flight Caching: Optimized OPTIONS request handling
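The allow-list decision described above, including the preflight branch, as a worked example. This is added illustration code in Python, not the platform's Spring CORS configuration; the per-environment origins, allowed methods, allowed request headers and the one-hour preflight cache are constructed values. The points it makes are the ones that go wrong most often in practice: origins are matched exactly (no prefix or suffix matching, never `null`), the response echoes the matched origin rather than `*` because credentials are allowed, and `Vary: Origin` is set so a shared cache cannot hand one origin's answer to another.

```python
from typing import Dict, Optional

# Constructed per-environment allow-lists; the real values come from configuration.
ALLOWED_ORIGINS = {
    "dev": {"http://localhost:3000"},
    "staging": {"https://staging-shop.example.com"},
    "production": {"https://shop.example.com"},
}
ALLOWED_METHODS = "GET, POST, PUT, DELETE"
ALLOWED_REQUEST_HEADERS = {"content-type", "authorization"}
PREFLIGHT_MAX_AGE = 3600  # assumed: how long browsers may cache a preflight answer


def cors_response_headers(request_headers: Dict[str, str], method: str,
                          env: str = "production") -> Optional[Dict[str, str]]:
    """Decide the CORS headers for one request.

    Returns {} for requests without an Origin (same-origin or non-browser clients), None
    when the origin is not on the allow-list (the caller answers without any CORS headers,
    so the browser blocks the response), and the headers to attach otherwise.
    """
    headers = {k.lower(): v for k, v in request_headers.items()}
    origin = headers.get("origin")
    if origin is None:
        return {}
    # Exact match only: no wildcard, no substring matching, and "null" is never on the list.
    if origin not in ALLOWED_ORIGINS.get(env, set()):
        return None
    response = {
        "Access-Control-Allow-Origin": origin,   # echo the matched origin; never "*" with credentials
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",
    }
    if method.upper() == "OPTIONS" and "access-control-request-method" in headers:
        requested = [h.strip().lower()
                     for h in headers.get("access-control-request-headers", "").split(",") if h.strip()]
        if any(h not in ALLOWED_REQUEST_HEADERS for h in requested):
            return None                          # preflight fails: an unexpected custom header
        response.update({
            "Access-Control-Allow-Methods": ALLOWED_METHODS,
            "Access-Control-Allow-Headers": ", ".join(sorted(ALLOWED_REQUEST_HEADERS)),
            "Access-Control-Max-Age": str(PREFLIGHT_MAX_AGE),
        })
    return response
```

Note that an origin allowed in `dev` is rejected in `production`; keeping the lists separate per environment is what stops a local development origin from leaking into the production allow-list.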

✓ IMPLEMENTED: CSRF Protection

Cross-Site Request Forgery protection on all state-changing operations in the Manager Admin.

  • Synchronizer Token Pattern: Unique token per session
  • Double-Submit Cookie: Additional validation layer
  • SameSite Cookies: Modern browser protection
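The three layers listed above combined into one request check: a per-session synchronizer token, a double-submit cookie copy, and cookie attributes that include SameSite. This is added illustration code in Python, not the platform's Spring Security configuration; the cookie, form-field and header names are assumptions (they follow Spring Security's defaults, but the page does not name the platform's own), and the session store is an in-memory dict.

```python
import hmac
import secrets
from typing import Dict, List, Tuple

# Assumed names; the platform's actual cookie and parameter names are not given on the page.
SESSION_COOKIE = "SESSION"
CSRF_COOKIE = "XSRF-TOKEN"
CSRF_FORM_FIELD = "_csrf"
CSRF_HEADER = "X-CSRF-TOKEN"
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def _same(a: str, b: str) -> bool:
    """Constant-time string comparison that tolerates non-ASCII input."""
    return hmac.compare_digest(a.encode(), b.encode())


def create_session(store: Dict[str, dict]) -> Tuple[str, str]:
    """Start a session with its own CSRF token (synchronizer token pattern)."""
    session_id = secrets.token_urlsafe(32)
    csrf_token = secrets.token_urlsafe(32)
    store[session_id] = {"csrf_token": csrf_token}
    return session_id, csrf_token


def set_cookie_headers(session_id: str, csrf_token: str) -> List[str]:
    """The session cookie is HttpOnly; the CSRF copy must stay script-readable so the
    front end can mirror it into a header, and both carry Secure and SameSite."""
    return [
        f"{SESSION_COOKIE}={session_id}; HttpOnly; Secure; SameSite=Lax; Path=/",
        f"{CSRF_COOKIE}={csrf_token}; Secure; SameSite=Strict; Path=/",
    ]


def verify_request(store: Dict[str, dict], method: str, cookies: Dict[str, str],
                   headers: Dict[str, str], form: Dict[str, str]) -> Tuple[bool, str]:
    """Allow a state-changing request only if every CSRF layer agrees."""
    if method.upper() not in STATE_CHANGING:
        return True, "read-only request"
    session = store.get(cookies.get(SESSION_COOKIE, ""))
    if session is None:
        return False, "no session"
    lowered = {k.lower(): v for k, v in headers.items()}
    submitted = form.get(CSRF_FORM_FIELD) or lowered.get(CSRF_HEADER.lower())
    if not submitted:
        return False, "missing CSRF token"
    # Layer 1, synchronizer token: the submitted value must be the one bound to this session.
    if not _same(submitted, session["csrf_token"]):
        return False, "token does not match session"
    # Layer 2, double submit: the cookie copy must match too, so a token lifted from one
    # session cannot be replayed alongside another session's cookies.
    if not _same(cookies.get(CSRF_COOKIE, ""), submitted):
        return False, "cookie copy does not match"
    return True, "ok"
```

A cross-site form post arrives with the victim's cookies but without the form field or header, so it fails at "missing CSRF token" before any comparison happens; SameSite on the session cookie means that in modern browsers the cookies would not even be attached.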

Payment Security

✓ IMPLEMENTED: PCI Compliance Through Payment Gateways

STSTSI Commerce never stores or processes credit card data directly, maintaining PCI compliance through certified payment gateway integrations.

  • No Card Storage: Payment details handled exclusively by gateway
  • Token-Based Payments: Only payment tokens stored
  • Gateway Integration: Stripe and other PCI-certified providers
  • Webhook Verification: Cryptographic signature validation
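The webhook signature validation in the last bullet as a worked example, together with the replay handling that usually goes with it. This is added illustration code in Python, not the platform's gateway integration; it is modelled on the signature scheme Stripe documents for its webhooks (a header carrying `t=<timestamp>,v1=<hex HMAC-SHA256>` over `"<timestamp>.<raw body>"`), and the endpoint secret, event body and timestamps are constructed. The five-minute tolerance and the dedupe set are assumptions for the example.

```python
import hashlib
import hmac
import json
import time
from typing import Dict, List, Optional, Set

TOLERANCE_SECONDS = 300  # assumed replay window: older signed timestamps are refused


def sign_webhook(body: bytes, secret: bytes, timestamp: int) -> str:
    """Build a Stripe-style signature header: the MAC covers "<timestamp>.<body>"."""
    mac = hmac.new(secret, f"{timestamp}.".encode() + body, hashlib.sha256).hexdigest()
    return f"t={timestamp},v1={mac}"


def verify_webhook(body: bytes, signature_header: str, secret: bytes,
                   now: Optional[int] = None, tolerance: int = TOLERANCE_SECONDS) -> bool:
    """True only if a v1 signature matches the raw body and the signed timestamp is fresh.

    The check runs over the raw bytes exactly as received; re-serialising parsed JSON
    would change whitespace or key order and break the MAC.
    """
    now = int(time.time()) if now is None else now
    fields: Dict[str, List[str]] = {}
    for part in signature_header.split(","):
        key, _, value = part.strip().partition("=")
        fields.setdefault(key, []).append(value)
    try:
        timestamp = int(fields["t"][0])
    except (KeyError, ValueError, IndexError):
        return False
    if abs(now - timestamp) > tolerance:
        return False
    expected = hmac.new(secret, f"{timestamp}.".encode() + body, hashlib.sha256).hexdigest().encode()
    # Constant-time comparison against each v1 candidate (several may be present during key rotation).
    return any(hmac.compare_digest(expected, candidate.encode()) for candidate in fields.get("v1", []))


def handle_webhook(body: bytes, signature_header: str, secret: bytes, seen_event_ids: Set[str],
                   now: Optional[int] = None) -> str:
    """Verify first, then process each event id at most once, since gateways retry deliveries."""
    if not verify_webhook(body, signature_header, secret, now):
        return "rejected"
    try:
        event = json.loads(body)
    except ValueError:
        return "rejected"
    event_id = event.get("id") if isinstance(event, dict) else None
    if not isinstance(event_id, str):
        return "rejected"
    if event_id in seen_event_ids:
        return "duplicate"
    seen_event_ids.add(event_id)
    # Act on the event type only; amounts and order state are re-read from the gateway/database,
    # never trusted from the delivered body.
    return "processed:" + str(event.get("type"))
```

Ordering matters: the signature is checked before the body is parsed, so malformed or unsigned deliveries never reach the JSON parser or the order logic.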

✓ IMPLEMENTED: Secure Configuration Management

Payment gateway configuration is protected through access controls and deployment best practices.

  • Access Control: Only ADMIN role can view or modify payment configuration
  • Environment Variables: Secrets should be provided via environment variables, never in version control
  • Database Storage: Configuration stored in database with restricted access

Application Security

✓ IMPLEMENTED: Input Validation

Comprehensive input validation prevents injection attacks and data corruption.

  • Bean Validation: Jakarta Validation annotations on all DTOs
  • Type Safety: Strong typing prevents type confusion
  • Length Limits: Maximum sizes enforced on all inputs
  • Format Validation: Email, phone, date format checking

✓ IMPLEMENTED: Concurrent Update Protection

Optimistic locking detects conflicting concurrent updates instead of silently applying the last write, preventing lost updates and data corruption in high-traffic scenarios.

  • Version Control: JPA @Version on critical entities
  • Inventory Protection: Prevents overselling through version checks
  • Transaction Isolation: Proper ACID compliance

✓ IMPLEMENTED: Inventory Reservation System

Temporary inventory holds during checkout prevent overselling while maintaining availability.

  • Time-Limited Reservations: Automatic expiry after checkout timeout
  • Atomic Operations: Reserve/release operations are transactional
  • Stock Validation: Real-time availability checking
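One example serving both the optimistic-locking section and the reservation section above: a stock row with a JPA-style version column, time-limited holds, and a CHECK constraint as the last line of defence against overselling. This is added illustration code in Python's standard `sqlite3` module, not the platform's JPA entities; the schema, the SKUs, the 15-minute hold and the `snapshot` argument (which lets the example show a stale read colliding with a newer write) are constructed for the demonstration.

```python
import sqlite3
from typing import Optional

RESERVATION_TTL = 15 * 60  # assumed: seconds a checkout may hold stock before the hold lapses


class OutOfStock(Exception):
    pass


class ConcurrentUpdate(Exception):
    """The row changed between our read and our write: reload and retry."""


def demo_db() -> sqlite3.Connection:
    """Constructed schema: the stock row carries a version column and a CHECK constraint."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE sku (
            code     TEXT PRIMARY KEY,
            on_hand  INTEGER NOT NULL,
            reserved INTEGER NOT NULL DEFAULT 0,
            version  INTEGER NOT NULL DEFAULT 0,
            CHECK (reserved >= 0 AND reserved <= on_hand)
        );
        CREATE TABLE reservation (
            id         INTEGER PRIMARY KEY,
            sku        TEXT NOT NULL REFERENCES sku(code),
            qty        INTEGER NOT NULL CHECK (qty > 0),
            expires_at INTEGER NOT NULL,
            released   INTEGER NOT NULL DEFAULT 0
        );
        INSERT INTO sku (code, on_hand) VALUES ('SKU-MUG', 3), ('SKU-TSHIRT', 10);
    """)
    return conn


def read_sku(conn: sqlite3.Connection, code: str) -> dict:
    row = conn.execute("SELECT on_hand, reserved, version FROM sku WHERE code = ?", (code,)).fetchone()
    if row is None:
        raise KeyError(code)
    return {"on_hand": row[0], "reserved": row[1], "version": row[2]}


def available(conn: sqlite3.Connection, code: str) -> int:
    state = read_sku(conn, code)
    return state["on_hand"] - state["reserved"]


def reserve(conn: sqlite3.Connection, code: str, qty: int, now: int,
            ttl: int = RESERVATION_TTL, snapshot: Optional[dict] = None) -> int:
    """Hold `qty` units until now + ttl and return the reservation id.

    `snapshot` is normally None (the row is read fresh); passing an earlier read shows what
    happens when another checkout changed the row in between.
    """
    state = snapshot or read_sku(conn, code)
    if state["on_hand"] - state["reserved"] < qty:
        raise OutOfStock(code)
    # Optimistic lock: the UPDATE applies only if the version is still the one we read.
    cur = conn.execute(
        "UPDATE sku SET reserved = reserved + ?, version = version + 1 WHERE code = ? AND version = ?",
        (qty, code, state["version"]))
    if cur.rowcount == 0:
        conn.rollback()
        raise ConcurrentUpdate(code)
    cur = conn.execute("INSERT INTO reservation (sku, qty, expires_at) VALUES (?, ?, ?)",
                       (code, qty, now + ttl))
    conn.commit()  # hold and stock update land together or not at all
    return cur.lastrowid


def confirm(conn: sqlite3.Connection, reservation_id: int) -> None:
    """Order placed: turn the hold into a real decrement in one transaction."""
    row = conn.execute("SELECT sku, qty, released FROM reservation WHERE id = ?", (reservation_id,)).fetchone()
    if row is None or row[2]:
        raise KeyError(reservation_id)
    sku, qty = row[0], row[1]
    conn.execute("UPDATE sku SET on_hand = on_hand - ?, reserved = reserved - ?, version = version + 1 "
                 "WHERE code = ?", (qty, qty, sku))
    conn.execute("UPDATE reservation SET released = 1 WHERE id = ?", (reservation_id,))
    conn.commit()


def expire_reservations(conn: sqlite3.Connection, now: int) -> int:
    """Give lapsed holds back to available stock; returns how many were released."""
    rows = conn.execute("SELECT id, sku, qty FROM reservation WHERE released = 0 AND expires_at <= ?",
                        (now,)).fetchall()
    for rid, sku, qty in rows:
        conn.execute("UPDATE sku SET reserved = reserved - ?, version = version + 1 WHERE code = ?", (qty, sku))
        conn.execute("UPDATE reservation SET released = 1 WHERE id = ?", (rid,))
    conn.commit()
    return len(rows)
```

A `ConcurrentUpdate` is not an error to show the shopper: the caller re-reads the row and retries once or twice, which is the same loop JPA's `@Version` handling produces. Should a bug ever bypass the version check, the CHECK constraint makes the database refuse a state where more is reserved than exists.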

Operational Security

✓ IMPLEMENTED: Database Migrations

Liquibase-managed database migrations ensure safe, versioned schema updates.

  • Version Control: All schema changes tracked in version control
  • Rollback Support: Ability to revert changes if needed
  • Checksum Validation: Detects unauthorized schema modifications

RECOMMENDED: SSL/TLS Encryption

Production deployments should enforce HTTPS for all communication.

  • TLS 1.2+: Use modern, secure protocols
  • Valid Certificates: Use trusted CA certificates
  • HSTS Enabled: Force HTTPS on all connections
  • Redirect HTTP: Automatically upgrade insecure connections

Security Best Practices

For Administrators

  • Use strong, unique passwords for all admin accounts
  • Enable two-factor authentication when available
  • Regularly review user access and remove unused accounts
  • Monitor logs for suspicious activity
  • Keep the platform updated with latest security patches
  • Use environment-specific configurations (dev/staging/prod)
  • Regularly backup databases and test restore procedures

For Developers

  • Never commit secrets to version control
  • Use environment variables for sensitive configuration
  • Validate all user inputs on server-side
  • Follow principle of least privilege for database users
  • Implement proper error handling without exposing stack traces
  • Use prepared statements for all database queries
  • Keep dependencies updated to patch known vulnerabilities

For Deployment

  • Use strong, randomly generated JWT and Remember-Me secrets
  • Configure firewall rules to restrict database access
  • Enable audit logging for all critical operations
  • Use separate databases for dev/staging/production
  • Implement rate limiting to prevent brute force attacks
  • Use a Web Application Firewall (WAF) in production
  • Regularly perform security audits and penetration testing

Compliance & Standards

Industry Standards

  • OWASP Top 10: Protection against common web vulnerabilities including injection, XSS, CSRF, and broken authentication
  • PCI DSS: Payment Card Industry compliance achieved through PCI-certified payment gateway integrations (Stripe, Square, Moneris)
  • Data Sovereignty: Self-hosted architecture gives you complete control over data residency and storage location

Security Reporting

If you discover a security vulnerability in STSTSI Commerce, please report it responsibly.

Responsible Disclosure

To report security vulnerabilities:

  1. Email our security team at security@ststsi.com
  2. Include detailed steps to reproduce the vulnerability
  3. Allow us 90 days to address the issue before public disclosure
  4. Do not exploit the vulnerability or access data beyond proof of concept

We appreciate security researchers who help keep our platform secure.

Questions About Security?

Contact our team to discuss security features, compliance requirements, or custom security enhancements.