Skip to content

fix(security): remove payment token logging from Android Pay sample#19

Open
arunmish-visa wants to merge 2 commits into
AuthorizeNet:masterfrom
arunmish-visa:feature/security-enhancement
Open

fix(security): remove payment token logging from Android Pay sample#19
arunmish-visa wants to merge 2 commits into
AuthorizeNet:masterfrom
arunmish-visa:feature/security-enhancement

Conversation

@arunmish-visa

Copy link
Copy Markdown

AISAST-70987fbf: Android Pay payment tokens logged to logcat.

  • OrderCompleteActivity.java:64,66,70 - Removed Log.d() calls that output raw payment tokens (tokenJSON, blob, anetBlob)
  • Added security comment explaining why payment tokens must not be logged
  • Prevents exposure via logcat, bug reports, or crash-reporting tools
  • Sample app now demonstrates secure payment token handling

Payment tokens contain encrypted card data that, combined with merchant keys, can yield PAN. Even in sample/demo code, logging this data teaches insecure practices that developers may copy into production.

AISAST-70987fbf: Android Pay payment tokens logged to logcat.

- OrderCompleteActivity.java:64,66,70 - Removed Log.d() calls that
  output raw payment tokens (tokenJSON, blob, anetBlob)
- Added security comment explaining why payment tokens must not be logged
- Prevents exposure via logcat, bug reports, or crash-reporting tools
- Sample app now demonstrates secure payment token handling

Payment tokens contain encrypted card data that, combined with merchant
keys, can yield PAN. Even in sample/demo code, logging this data teaches
insecure practices that developers may copy into production.
AISAST-d82576f5: CVV displayed in cleartext, vulnerable to shoulder-surfing
and screen capture.

Three-layer defense:
1. fragment_accept.xml:121 - Changed inputType from 'number' to
   'numberPassword' to mask CVV digits on screen
2. fragment_accept.xml:122 - Added importantForAutofill='no' to prevent
   autofill frameworks from caching CVV
3. CheckoutActivity.java:79-81 - Added FLAG_SECURE to prevent screenshots,
   screen recording, and overlay attacks

Protects CVV from:
- Shoulder-surfing (masked input)
- Screen capture malware / overlay attacks (FLAG_SECURE)
- Autofill cache leaks (importantForAutofill=no)

Sample app now demonstrates secure payment data entry best practices.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Development

Successfully merging this pull request may close these issues.

1 participant