Magento Solution Specialist – Content Area 3.8: Security

1. What are three major security features in native Magento EE v 1.13?

  • Encryption based on AES 256 where older versions used MD5
  • Magento Payment Bridge
  • Form keys to prevent XSS and CRSF attacks

2. What is the encryption, hashing key management method used in Magento EE v 1.13?

AES 256 is used to encrypt data. Magento stores an encryption key in

[mageroot]/app/etc/local.xml file. Sensitive database information is encrypted using this key when stored.
By | 2017-08-19T17:57:16+00:00 January 31st, 2016|Categories: Magento, MCSS|Tags: , |

About the Author:

Jason is a Magento Certified Solution Specialist and has been working with Magento for a few years - both with Enterprise and Community Editions.