Security
Security for the payer
On this page, we present the most important security elements of Khipu. It is not meant to be a summary, so we do not avoid topics or technical terms.
We prefer to provide you with all the information that may be useful so that you know that, when paying through Khipu, you are doing so through a secure system that you can trust.
Khipu's payment terminals are web browsers, specially designed and developed to process electronic payments. They can be accessed from a mobile application or a merchant's website.
The payment terminal automates the fund transfer process, presenting the user with an interface that asks only for the identification and security details needed to authorize the recipient and the amount of the transfer.
Then, the terminal reports the transfer details to carry out the payment reconciliation (that is, ensuring the amount and recipient of the transfer match the charge) and issues the corresponding payment receipt.
In the eyes of the payer's bank, Khipu's payment terminal is just another web browser, like Internet Explorer, Chrome, Firefox, or any other. In any case, it is software that takes control of the interface and mediates between the user and the bank's server.
General security elements
Use of HTTPS protocol
The payment terminal, like a web browser, is built on WebKit, the same browsing framework used by Google Chrome and Apple Safari, among others. All security elements, particularly the implementation of the HTTPS protocol, are therefore provided by WebKit. HTTPS is a secure communication protocol, which means that the data being transferred can only be read by the parties involved in the communication.
The level of encryption that Khipu uses for communication with banks is the one that banks have defined as standard, and the level of encryption associated with each page is the same as that used by multi-purpose browsers, such as Internet Explorer, Google Chrome, Firefox, Safari, or any other browser that uses WebKit. When communicating with the Khipu server, additional security elements are added, such as HSTS and double encryption, to ensure end-to-end encryption.
Maintenance of navigation routes
Khipu only navigates through known web addresses that have been previously configured for each of the banks with which Khipu operates, in order to ensure that the procedure is carried out correctly, preventing individuals or malicious software from diverting data. When the user activates the Khipu payment terminal to process a payment, the first step is to download from the Khipu server the navigation path corresponding to the bank to be used. This configuration is implemented by Khipu's engineering staff: the user does not have access to an interface that allows the Khipu payment terminal to navigate to an address other than one of those that are configured.
Additionally, the system is prepared for the case in which the payment terminal encounters a page that it cannot recognize or for which it does not have a configured action. In this situation, the system sends that page, along with other data from the user's navigation, excluding their passwords, to the Khipu server. This initiates a reconfiguration process of the navigation path of the bank that the user was using to pay. Khipu may receive and store pages from a bank that users have reached under conditions not configured in the system, solely to configure and maintain navigation paths. This occurs in less than 1% of cases. The data from these pages is not used to conduct campaigns or any analysis other than maintaining properly configured navigation paths for the banks.
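One way to implement the checks described in this section, as an added example that is not Khipu's code: an exact-origin allowlist for a bank's navigation path, plus a report for unrecognized pages that omits password values. The bank name, URLs, field names and the `NAV_PATHS` shape are assumptions made for illustration.

```javascript
// Added example. NAV_PATHS is a constructed, hypothetical configuration;
// the page does not publish Khipu's real navigation-path format.
const NAV_PATHS = {
  "example-bank": {
    origin: "https://banking.example-bank.test",
    steps: ["/login", "/transfer/new", "/transfer/confirm"],
  },
};

// True only for an HTTPS URL on the exact configured origin whose path is
// one of the configured steps. Anything else is treated as unrecognized.
function isAllowedNavigation(bankId, rawUrl) {
  const cfg = NAV_PATHS[bankId];
  if (!cfg) return false;
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return false; // unparsable address
  }
  if (url.protocol !== "https:") return false;
  if (url.username || url.password) return false; // no userinfo in bank URLs
  if (url.origin !== cfg.origin) return false; // exact match, never substring
  return cfg.steps.includes(url.pathname);
}

// Report for an unrecognized page: values of password-type fields and of
// fields named in secretNames are dropped, and so is the query string.
function buildUnknownPageReport(bankId, rawUrl, fields, secretNames = ["password", "pin", "otp"]) {
  let location = null;
  try {
    const url = new URL(rawUrl);
    location = url.origin + url.pathname;
  } catch {
    location = null; // keep the report even if the address is malformed
  }
  const safeFields = fields.map((f) => {
    const secret = f.type === "password" || secretNames.includes(String(f.name).toLowerCase());
    return { name: f.name, type: f.type, value: secret ? null : f.value };
  });
  return { bankId, url: location, fields: safeFields };
}

// Decision the terminal takes before acting on a page.
function handleNavigation(bankId, rawUrl, fields = []) {
  if (isAllowedNavigation(bankId, rawUrl)) return { action: "proceed" };
  return { action: "report", report: buildUnknownPageReport(bankId, rawUrl, fields) };
}
```

Comparing the full origin rather than checking whether the host contains the bank's name is what makes a lookalike host fail the check.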
Password and private data management
Khipu does not store users' credentials and protects them with the utmost diligence during the payment process. The privacy of users' banking credentials (i.e., their keys and secondary keys) is always maintained within the private domain of each user. Khipu does not store any password of any user to access a bank account or to make any transfer.
Credentials are sent directly from the payment terminal to the bank's website when using Khipu Inside and go through a microservice of Khipu when using Khipu Web. When using Khipu Web, the credentials are sent to Khipu's microservice through an encrypted HTTPS session (TLS 1.3) with an additional layer of end-to-end encryption using x25519-xsalsa20-poly1305. The data is decrypted by the microservice, which runs on a segregated network segment, and is never stored on a persistent medium, such as a database, filesystem, message queue, or otherwise. From Khipu's microservice, this data is sent to the server of the financial institution using the security mechanisms defined by that institution, usually HTTPS (TLS 1.2 or higher).
Additionally, Khipu keeps all personal information of its users under absolute confidentiality, except for information related to collection operations, which is communicated to the recipient specified by the collector, becoming public in the event the collection is generic or has a public use payment link. Users, for their part, are responsible for keeping all of their passwords secret. It is important to note that Khipu has no responsibility for any interference from trojans, spyware, or malicious software that a user may have on their devices. Additionally, payment terminals allow the user to save their credentials. For this, the user's device security mechanism is used: the information is stored locally, and access to it is allowed only through the security mechanism defined for that device (pattern, fingerprint, PIN, Face ID, etc.).
Verification of operations
Khipu performs a meticulous check of each completed transaction. This verification occurs in the destination account of the transfer and, after being confirmed, a payment receipt is generated in PDF format with a digital signature. Additionally, registered users of Khipu have the option to obtain and save their receipts after logging into the Khipu website.
The collector's identity is secured
Unlike traditional electronic transfers, where only a RUT is validated against a bank account number, Khipu always knows with certainty the identity of the recipient of the funds, avoiding fraud through identity theft. A payee user will always be registered with Khipu, and their identity cannot be edited or modified: all their data is provided by the bank at the time of registering the current account that receives the funds. The use of trade names for a business is accepted, subject to a written request from the payee, which is also reviewed on a case-by-case basis by Khipu's operations area.
There are Payment Service Providers (PSP) that include Khipu among their payment options; in these cases, Khipu knows the identity of the PSP but not of the final merchant of the transaction.
Legal protection
From a legal point of view, the paying user gives a mandate to Khipu. This means that Khipu's legal representatives have criminal responsibility towards the payer, meaning that users are protected by the highest level of liability possible in Chile.
External security audit (monthly)
Every month an external security company conducts a data traffic analysis of the payment terminals on Android and iOS to validate the transmitted information and the connections made.
Comparative security
If we compare the security features of Khipu with the various alternatives available in Chile for payment, it is relevant to highlight the following aspects.
First, Khipu online payment is more secure than other options because:
It is a web browser for a specific purpose, meaning that it is designed and developed for a unique and specific goal: banking transactions.
It knows the correct web addresses of each page of each authorized bank, which reduces the possibility of errors and minimizes the risk of scams and phishing.
It provides electronically signed payment receipts.
It operates with legal mandates for both the payer and the receiver.
It uses HSTS, double encryption, and an extended validation certificate.
Second, in-person payments with Khipu are more secure than other options because:
It uses dynamic security elements (second passwords, digipass, or coordinates from a matrix card), while in-person payment methods only use passwords and other fixed data, such as the bank card itself, which have a high risk of being cloned; once copied, they can be reused for other in-person payments and even to withdraw funds from ATMs. All the points listed above for online payment also apply.
Phishing protection
Khipu protects users against phishing, which is currently the largest threat of fraud on the Internet. These frauds involve deceiving people and stealing their security data. By using the Khipu payment terminal, users are protected against this type of fraud because Khipu knows and uses the correct address of each configured bank.
This security feature is unique to Khipu; it should be noted that the alternative of a general-purpose browser (such as Internet Explorer, Google Chrome, or Safari) makes it impossible to restrict the addresses of bank pages and limit browsing only to these addresses because those browsers must allow navigation to any page.
However, it is possible to trick a user into installing a fake Khipu or using a website that does not correspond to Khipu Web, so the payment terminal should always be installed from one of the official sources or the payment initiated from a trusted merchant.
Another security threat to be aware of is Trojans. These are malicious programs that deceive users in order to steal their confidential information.