Course Dashboard
ActiveComprehensive overview of modules, students, and network activity.
Course ID
a27bf6143a1f064dfac7fefcfb43c1ea3ca317d9a1ad228e6d0049bf
Policy ID
840eaf6969058f531aaec39051e7a536b56740d7ba324f7db7ad0010
Validator Address
addr_test1xzzqatmfdyzc75c64mpeq50855mt2e6q67arynmak7ksqyrjflq8ctkef92tz72vjdf6m2tams3k84dvyvhg32ts45fqf87hu8
Authorized Teachers
Course Modules
4 Active Modules| Assignment ID | Prerequisites | Learning Targets (SLTs) |
|---|---|---|
|
7b6d9a1ebab68cd0d3267a7f7a95a9a5497dd22f490c8861cc7761585dd4122a
|
-
|
Explain how API keys and short-lived tokens are used to authenticate payment API requests, and describe how each should be stored
Apply the principle of least privilege to the components of a POS integration
Identify common authentication vulnerabilities in payment integrations and describe how to prevent them
|
|
869904d743706e3bae97f1251af4d0299d38d9dacb52082fc51d92b5cf729374
|
-
|
Explain how TLS protects data in transit between POS components and how to verify it is configured correctly
Describe what point-to-point encryption does and why it removes card data from your integration's scope
Explain how tokenization works and why a card token is safe to store where a card number is not
|
|
c4b3f4386535d2b32d25fdb71c77069079e121f59ba43a368ee446a584f110a5
|
-
|
Identify the main attack vectors targeting POS systems: skimming, man-in-the-middle, injection, and insider threat
Describe how each attack vector exploits a specific weakness in the POS architecture from Course 2
Explain why mapping the attack surface is the first step in securing any integration
|
|
f5f75f345f20ec3c99c495c16bf14b559d17fb5de34484d61cdd16749bec01de
|
-
|
Describe the PCI-DSS requirements most relevant to a developer building a POS integration in Kenya
Identify the regulatory requirements from the Central Bank of Kenya that apply to payment system operators
Describe the immediate steps to take when a POS security breach is suspected
|