It’s great. Totally secure. Just great.
Well that was a short blog post! Thanks Donald. But let’s take a deeper look.
All connections to and from CanYa devices & services are secure, encrypted communications. This not only helps ensure the integrity of our servers and code, but also protects your personal information while it is in transit.
How easy is it to see unencrypted comms?
You see, anybody can fire up Wireshark and listen in on communications on their network. If there are any plain-text comms, we see something like this:
Now let’s take a look at what happens when we use encryption:
So that is all we need right?
Firstly, security is an evolving beast. Researchers periodically find theoretical and practical attacks that defeat encryption methods. For example, if the method used to generate the random numbers an encryption scheme depends on turns out to be reverse-engineerable, they come up with a better way of producing random numbers. The agency largely responsible for these standards is NIST, a US government standards agency. NIST’s reputation was damaged by the Edward Snowden NSA leaks, which showed the NSA had introduced weakened encryption standards.
The capabilities of nation states to decrypt communications are largely unknown, but it is assumed to be possible with some degree of difficulty. Simply put, crooks cannot decrypt your data, but large governments probably can. In practice though, nation states do not care about your bank password (they control the banks through government regulation anyway), and could probably get your data more easily through a warrant.
How do you secure online data?
The latest spec used for web encryption is Transport Layer Security (TLS) v1.2. People often refer to this as “SSL”, which was the name of the older spec (now considered insecure). The phrase “SSL” now just generally means “encrypted”. You will often see a padlock in the address bar to show your data is encrypted in transit with SSL/TLS.
When a secure connection is established between two devices, they need to “handshake” and transfer some keys between each other (“key exchange”). This means an encrypted connection is sometimes a little slower to establish (maybe 10-100ms), but overall well worth it. The TLS v1.3 draft spec is already implemented in the next Apple iOS 11 release, which performs key exchange during the initial TCP handshake, thus improving connection speeds significantly.
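To show what “key exchange” actually buys you, here is an added Python sketch of a Diffie-Hellman exchange, the idea underneath the TLS handshake. This is example code written for this post, not CanYa’s code and not a real TLS implementation; the prime and generator are a deliberately small toy group (real TLS uses standardised finite-field or elliptic-curve groups), and the `Party` class and `handshake` function are names invented here. The point it demonstrates: both sides end up with the same session key, yet only the two public values ever cross the wire.

```python
import hashlib
import secrets

# Toy finite-field Diffie-Hellman parameters, constructed for this example.
# A real handshake uses a standardised group such as RFC 7919 ffdhe2048 or an
# elliptic curve; a 127-bit prime is far too small for anything but a demo.
P = 2**127 - 1   # Mersenne prime M127
G = 2


class Party:
    """One side of the handshake: holds a private exponent, derives a session key."""

    def __init__(self, name):
        self.name = name
        # Private value: generated locally and never transmitted.
        self._private = secrets.randbelow(P - 3) + 2
        # Public value: safe to send in the clear.
        self.public = pow(G, self._private, P)
        self.session_key = None

    def derive_key(self, peer_public):
        # Reject degenerate public values (0, 1, P-1) that would force a
        # predictable shared secret regardless of our private exponent.
        if not 2 <= peer_public <= P - 2:
            raise ValueError("bad peer public value")
        shared = pow(peer_public, self._private, P)
        # Hash the shared secret into a fixed-size symmetric key (a stand-in
        # for TLS's key-derivation step).
        self.session_key = hashlib.sha256(shared.to_bytes(16, "big")).digest()
        return self.session_key


def handshake():
    """Run one exchange; return (client_key, server_key, what crossed the wire)."""
    client, server = Party("client"), Party("server")
    # This dict is everything a Wireshark capture of the exchange would contain.
    on_the_wire = {"client_public": client.public, "server_public": server.public}
    client_key = client.derive_key(server.public)
    server_key = server.derive_key(client.public)
    return client_key, server_key, on_the_wire


def observer_guess(on_the_wire):
    """What someone holding only the captured public values can compute without
    a private exponent: combining them directly does NOT give the session key."""
    naive = pow(on_the_wire["client_public"], on_the_wire["server_public"], P)
    return hashlib.sha256(naive.to_bytes(16, "big")).digest()


if __name__ == "__main__":
    ck, sk, wire = handshake()
    print("keys match:", ck == sk)
    print("observer recovers key:", observer_guess(wire) == ck)
```

Run it and the two parties agree on a key while the observer, who saw the same bytes on the network, does not. The 10-100ms cost the post mentions is the round trips needed to ship those public values before any application data can be encrypted.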
My favourite webcomic on encryption, the “$5 wrench” one, is from XKCD.com:
Is CanYa safe?
So an important part of any security implementation is containing the keys. At CanYa, we have a robust security policy that includes need-to-know access, locked-down privileges and the use of 2-factor authentication for all system logins — this defeats the $5 wrench because a login becomes both something you own (physical) plus something you know (mental), which is harder to defeat.
Now comes the good part – your data. The good news is – we don’t even store any of your secure data! So even if the $5 wrench works, your bank & credit-card details are safe. We use a third-party payment service called PIN Payments. This is a great Australian company that handles all of the extra credit-card & financial compliance requirements, and gives us an interface to work with.
For example when you add a credit-card into CanYa:
- We send this to PIN over an encrypted connection.
- PIN stores your card (encrypted at rest).
- We keep the last 4 digits only, for display purposes, and discard the rest immediately.
- CanYa gets back a de-identified, anonymous token (e.g. “ABC123”). We then use this token to ask PIN to do things like “Please debit $50 from card ABC123 into our account”, or “Please pay XYZ123 $50 from our account”. That is it.
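The four steps above, as an added Python sketch of card tokenisation. This is illustrative code written for this post, not CanYa’s code and not PIN Payments’ API: the `PaymentProvider` class stands in for the third-party vault, the `Merchant` class for the CanYa side, the token format and the `4111 1111 1111 1111` test card number are constructed, and the “encrypted at rest” storage is represented by a plain dict. What it shows is the property the post is relying on: a full dump of the merchant’s records contains a token and four digits, never the card number.

```python
import secrets
from dataclasses import dataclass, field


@dataclass
class PaymentProvider:
    """Stand-in for the third-party card vault (constructed; not PIN's real API).
    Holds the full card number and hands the merchant an opaque token."""
    _vault: dict = field(default_factory=dict)
    ledger: list = field(default_factory=list)

    def store_card(self, pan, expiry):
        # The token is random and unrelated to the PAN, so it reveals nothing
        # about the card on its own.
        token = "card_" + secrets.token_hex(8)
        self._vault[token] = {"pan": pan, "expiry": expiry}
        return token

    def charge(self, token, amount_cents, description):
        # "Please debit $50 from card ABC123": the merchant never sees the PAN.
        if token not in self._vault:
            raise KeyError("unknown card token")
        self.ledger.append((token, amount_cents, description))
        return {"token": token, "amount": amount_cents, "status": "ok"}


@dataclass
class Merchant:
    """The CanYa-like side: persists only last4 + token, never the full PAN."""
    provider: PaymentProvider
    customers: dict = field(default_factory=dict)

    def add_card(self, customer_id, pan, expiry):
        # Basic shape check only; real validation happens at the provider.
        digits = pan.replace(" ", "")
        if not (digits.isdigit() and 13 <= len(digits) <= 19):
            raise ValueError("malformed card number")
        token = self.provider.store_card(digits, expiry)
        # Keep just what is needed for display and for future charges.
        self.customers[customer_id] = {"last4": digits[-4:], "token": token}
        del digits, pan  # drop our copy of the full number immediately
        return self.customers[customer_id]

    def charge(self, customer_id, amount_cents, description):
        record = self.customers[customer_id]
        return self.provider.charge(record["token"], amount_cents, description)


def merchant_data_exposes_pan(merchant, pan):
    """Simulate the '$5 wrench' outcome: an attacker holding a complete dump
    of the merchant's customer records. True if the full card number is in it."""
    dump = repr(merchant.customers)
    return pan.replace(" ", "") in dump


def demo():
    provider = PaymentProvider()
    merchant = Merchant(provider)
    pan = "4111 1111 1111 1111"   # constructed test card number
    record = merchant.add_card("alice", pan, "12/29")
    receipt = merchant.charge("alice", 5000, "Debit $50 for job #42")
    return record, receipt, merchant_data_exposes_pan(merchant, pan)


if __name__ == "__main__":
    record, receipt, exposed = demo()
    print("merchant stores:", record)
    print("charge receipt:", receipt)
    print("full PAN in merchant dump:", exposed)
```

The design choice worth noticing is that the merchant’s `charge` method only ever handles the token: compromise of the CanYa-side database yields nothing that can be used to pay anywhere other than through PIN, and PIN can revoke a token without the card itself changing.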
Totally safe. Really secure. Great.