Link to home
Start Free TrialLog in
Avatar of Terry Woods
Terry WoodsFlag for New Zealand

asked on

Does it matter if a hacker gains access to a Payment Express Account user id?

A client of mine has had their website hacked. If the hacker now knows the users PxPayUserid (which is a big long random looking string), can they use it for malicious purposes? I couldn't find anything on the Payment Express website saying either way.
SOLUTION
Avatar of Neil Russell
Neil Russell
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Terry Woods

ASKER

Thanks @Neilsr. I don't suppose you can provide a reference to that in their documentation somewhere?
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Though PaymentExpress gave a different answer to @Neilsr, I wouldn't like to assume that PaymentExpress was correct. What if the hacker replaced the user id value with their own? Would payments start going to their account? Maybe there are safeguards in place through the Payment Express API's but I wouldn't like to assume.