Salesforce Security & Compliance
At Kaptio, security and compliance are paramount. We offer a range of secure, cloud-based products, built on the Salesforce platform, which are hosted in ISO 27001 and SOC 2 compliant data centers.
We are an AppExchange Salesforce partner. Being built on the Salesforce platform allows us to provide you with software that is regularly updated, flexible to integrate with third-party applications, and scalable to support your company’s growth. Salesforce is committed to achieving and maintaining the trust of its customers. Integral to their mission is providing a robust security and privacy program that carefully considers data protection matters across their suite of services, including data submitted by customers.
Salesforce has heavily invested in the security and resilience of its infrastructure. Its data center operations have received ISO 27001 and SOC 2 Type II audits. Salesforce.com is a certified licensee of the TRUSTe Web Privacy Seal, a certified licensee of the TRUSTe Safe Harbor Seal and abides by the EU Safe Harbour Framework. It has detailed network and physical security mechanisms in place.
The Salesforce Security and Compliance Site provides visibility into our compliance certifications and enables customers to self-service compliance document downloads (SOC reports, ISO 27001 Certification, DR Testing Site Switch, Data Security Maintenance and more).
SOC1 and SOC2
We understand the importance of these audits in demonstrating the effectiveness of business process controls and information technology controls; however, Kaptio has not yet gone through this process.
The primary reason we have not undergone SOC1 or SOC2 audits is that our platform is built on Salesforce, which already undergoes rigorous security assessments and compliance audits, including SOC1 and SOC2. As a cloud-based platform, Salesforce maintains a robust security infrastructure and meets stringent industry standards to ensure the protection of customer data.
Furthermore, previous customers have not specifically requested us to obtain SOC1 or SOC2 reports, as they rely on the security measures implemented by Salesforce as a trusted and established provider. This is a testament to the high level of confidence placed in Salesforce's security practices and compliance certifications.
However, we are constantly evaluating the evolving needs of our customers and the industry landscape. If future requirements or customer demands necessitate the acquisition of SOC1 and SOC2 reports for our platform, we are open to exploring that possibility. We prioritize the security and compliance of our platform and are committed to meeting the expectations of our customers.
Salesforce Security Review
The Kaptio Travel Platform is required to undergo a security review to become listed on the Salesforce AppExchange. The AppExchange security review tests the security posture of partner solutions, including how well they protect customer data. In August 2015, Kaptio successfully passed its first security review. Salesforce periodically re-reviews the application as part of the renewal process.
The security review helps identify security vulnerabilities that a bad actor could potentially exploit. Salesforce security review teams test our solution with threat-modeling profiles that are based on the most common web vulnerabilities. The teams attempt to penetrate the defenses programmed into our solution. Their goal is to extract or modify data that they don’t have permission to access, just as real security threats attempt to do.
Here is a sample of the common security threats that Salesforce tests for during the security review process:
- SOQL and SQL injection
- Cross-site scripting
- Nonsecure authentication and access control protocols
- Vulnerabilities specific to the Salesforce platform, such as record-sharing violations
For more information about the most critical web application security risks, read the Open Web Application Security Project (OWASP) Top Ten awareness document. OWASP is a nonprofit foundation that works to improve the security of software.
The scope of cyberthreats is large, and Salesforce upholds high security standards for solutions distributed on AppExchange. Salesforce provides a range of tools to help partners security-test their applications, including the Partner Security Portal. The portal hosts the Source Code Scanner (Checkmarx) and Chimera automated security scanning tools. These tools are used to identify security vulnerabilities in AppExchange solutions.
Payment Integrations Security
Kaptio provides a framework for integrating with payment gateway providers. The framework supports only the Hosted Payment integration flow.
Hosted Payment integration flows ensure that the security and PCI compliance of payment transactions are the responsibility of the payment gateway provider. The integration is usually low-maintenance and easy to set up. The downside is that, depending on the provider, there will be less flexibility in terms of page design, layout and user experience.
For cases where a Hosted Payment integration flow is not possible, for example when integrating refund or direct debit capability, there is a way to integrate the Kaptio Payment flow through API/XML integration. For API/XML integrations, the security and PCI compliance of payment transactions are the responsibility of the customer. The integration requires SSL and PCI compliance to be met and, in most cases, approved by the payment technology provider. These integrations are complex, both to set up and to maintain. The benefit is full control over the flow and design of the user payment experience. The client will require a third-party payment specialist to participate in the development, testing and security review of this kind of integration.
The customer can integrate with any payment gateway provider who offers either one of these integration types. Kaptio Travel has built-in support for several payment gateways. For more information see: http://help.kaptio.com/knowledgebase/supported-payment-gateways/
The payment gateway framework supports multiple payment gateways that can be enabled on a per-channel or a per-currency level. It can also support pre-authorization and payment tokenization, as long as the payment gateway provider supports these kinds of operations.
PCI Compliance & Security Validation
In terms of PCI compliance, we offer hosted payment integration with our payment gateway partners, including Braintree & PayPal. This means that the security and PCI compliance of payment transactions are the responsibility of the payment gateway provider. Hosted payment integration is typically low-maintenance and easy to set up.
Please note that we do not handle card data for API/XML integrations. If you require such an integration, the security and PCI compliance of payment transactions become your responsibility as the customer. This integration requires SSL and PCI compliance, which must be met and approved by the payment technology provider. API/XML integrations are more complex to set up and maintain, but they offer full retention of customer card data and greater control over the user payment experience. Rest assured, we never have access to card data in these integrations.
Kaptio recommends that clients validate their PCI compliance annually. Most can do this with a Self-Assessment Questionnaire (SAQ) provided by the PCI Security Standards Council. The type of SAQ depends on how you integrated your payment gateway with Kaptio, and which of the methods below you use to collect card data. Certain methods may require you to upload additional PCI documentation (for example the API/XML approach).
For Hosted integrations
Requirement: SAQ A.
Kaptio customers who use the hosted approach to collect card details from their customers are eligible for the simplest method of PCI validation: SAQ A.
Several providers will automatically create a combined SAQ A and Attestation of Compliance (AoC) for you, available for download in your account’s compliance settings, and no action is required on your part to submit further proof of your PCI compliance.
This is possible because all form inputs containing card data sit within a hosted page served from the payment provider's domain, not yours, so your customers’ card information never touches your servers.
For API/XML integrations
Requirement: SAQ D.
We strongly discourage passing card information directly to your provider's API, as it means your integration is directly handling card information. If you send card details directly to your provider's API, you’ll be required to upload your SAQ D annually to prove your business is PCI compliant. SAQ D is the most onerous of all the SAQs, with over 40 pages of requirements you must implement to remain PCI compliant. We highly recommend that you migrate to the hosted approach to collecting card information to substantially reduce the scope of your PCI compliance.
In addition to the significant PCI burden that this method places on you, it does not support the various fraud-prevention tools that are built into the hosted payment pages of the different providers.
External Access to Payment Pages
To access the Kaptio Travel application, users need to log in with a username and password. Kaptio Travel users can share data with their customers via customer links on external domains. This includes payment collection pages.
Access to this domain is open and requires no username or password. Kaptio Travel provides a private link or unguessable URL for content; anyone who has the link may access the information, but the link is not posted publicly or easily guessable. The user can share the private link with friends, family or other trusted contacts, who can in turn forward the link to others, who will then be able to access it without any account authentication or access control. Kaptio Travel users can unpublish content, making the link inactive.
There are four options for configuring domains and URLs for customer access:
- Secure force.com domain: Kaptio will set up an HTTPS secure path (https) using the force.com domain. HTTPS automatically alerts browsers to use an added encryption layer of SSL/TLS to protect the traffic and increase the user’s security.
- Standard force.com domain: Kaptio will set up a standard HTTP path using the force.com domain. The data exchanged between server and browser is not encrypted.
- Standard force.com domain with CNAME to customer domain: Kaptio will set up a standard HTTP path using the force.com domain. A contact from the customer side who has access to the customer’s web domain (domain DNS) can then set up a CNAME record to redirect users from a force.com domain to the customer’s domain (instead of customer.force.com, this would be subdomain.customer.com).
- Secure force.com domain with CNAME to customer domain: Currently not supported unless as part of a Customer Community, see https://success.salesforce.com/ideaView?id=087300000006nxHAAQ
From a security standpoint, Kaptio can only recommend approach 1 or 4, and approach 4 is only possible with licenses for Customer Community members from Salesforce.
TLS/HTTPS
TLS refers to the process of securely transmitting data between the client—the app or browser that your customer is using—and your server. This was originally performed using the SSL (Secure Sockets Layer) protocol. However, this is outdated and no longer secure, and has been replaced by TLS. The term “SSL” continues to be used colloquially when referring to TLS and its function to protect transmitted data.
All Payment pages must make use of a modern version of TLS (e.g., TLS 1.2) as it significantly reduces the risk of you or your customers being exposed to a man-in-the-middle attack. TLS attempts to accomplish the following:
- Encrypt and verify the integrity of traffic between the client and your server
- Verify that the client is communicating with the correct server. In practice, this usually means verifying that the owner of the domain and the owner of the server are the same entity. This helps prevent man-in-the-middle attacks. Without it, there’s no guarantee that you’re encrypting traffic to the right recipient.
- Your customers are more comfortable sharing sensitive information on pages visibly served over HTTPS, which can help increase your customer conversion rate.
Salesforce requires the use of TLS 1.1 in order to align with industry best practices for security and data integrity. This is the default for all Salesforce customers without any additional configuration.
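As an added example (not Kaptio's or Salesforce's code), the following Python check applies the policy from the two sections above to a customer-facing payment link: it classifies the link into the four domain/URL options, reports the plain-HTTP ones as unencrypted, and performs a TLS handshake that refuses anything below TLS 1.2, the modern version the TLS section calls for. The hostnames in the comments are constructed placeholders, not real Kaptio tenants.

```python
import socket
import ssl
from urllib.parse import urlparse

MIN_TLS = ssl.TLSVersion.TLSv1_2            # the "modern version" the page calls for
ACCEPTED_VERSIONS = {"TLSv1.2", "TLSv1.3"}  # names returned by SSLSocket.version()


def classify_domain_option(url: str) -> tuple[int, bool]:
    """Map a customer link to the four domain/URL options listed above.
    Returns (option number, served over HTTPS); the page recommends only 1 and 4."""
    p = urlparse(url)
    if p.scheme not in ("http", "https") or not p.hostname:
        raise ValueError(f"not an http(s) URL: {url!r}")
    secure = p.scheme == "https"
    on_force_com = p.hostname.endswith(".force.com")
    option = (1 if secure else 2) if on_force_com else (4 if secure else 3)
    return option, secure


def strict_tls_context() -> ssl.SSLContext:
    """Client context that verifies the chain and hostname and refuses anything
    older than TLS 1.2 (SSL 3.0, TLS 1.0 and TLS 1.1 fail at handshake)."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = MIN_TLS
    return ctx


def probe_tls(hostname: str, port: int = 443, timeout: float = 5.0) -> str:
    """Handshake with the host and return the negotiated protocol name (network call)."""
    with socket.create_connection((hostname, port), timeout=timeout) as sock:
        with strict_tls_context().wrap_socket(sock, server_hostname=hostname) as tls:
            return tls.version()


def check_payment_link(url: str, probe=probe_tls) -> list[str]:
    """Return a list of findings; an empty list means the link meets the policy.
    `probe` is injectable so the check can run without network access, e.g.
    check_payment_link("https://customer.force.com/pay", probe=lambda h: "TLSv1.3")."""
    option, secure = classify_domain_option(url)
    if not secure:
        return [f"option {option}: plain HTTP, browser-to-server traffic is unencrypted"]
    try:
        version = probe(urlparse(url).hostname)
    except OSError as exc:  # ssl.SSLError is an OSError: connection or handshake failed
        return [f"option {option}: TLS handshake failed ({exc})"]
    if version not in ACCEPTED_VERSIONS:
        return [f"option {option}: negotiated {version}, below TLS 1.2"]
    return []
```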