Introduction
Envisso provides merchant risk management solutions to payment service providers. We do this by integrating our solution with our clients using a secure data environment that guarantees controlled access to systems, processes and personnel using industry standard security principles and control procedures.Overview of Security Controls
- Secure file transfer follows industry standard security processes and uses encryption both at rest and in transit.
- Audit trails are enabled to track authentication, authorisation and usage of file transfers into the system.
- Data entitlement: We follow the principle of least privilege, which is realised by defining role hierarchies where each role segregates what data is entitled to a user.
Envisso Network Environment
The Envisso platform is a cloud native solution which utilises the elastic nature of the cloud to scale out as our clients’ demands increase. The diagram below illustrates the network interaction between our clients and the Envisso platform.
Data Sharing Protocol
Envisso uses industry standard solutions used by large financial institutions to ensure security and reliability of the data. We support SFTP (secure file transfer protocol) as the mechanism to receive data into our platform. In order for a client to send data using our SFTP servers, we need to set up an account for our clients on our SFTP server. There are 4 steps to set up this process:1) Set up a public key
SFTP uses a secure connection protocol using a public key cryptography mechanism to secure the channel. In order for you to use this mechanism you will first need to set up a public/private key pair for your account. Below are instructions on how to do this using thessh-keygen utility.
- Generate an RSA or ED25519 based key pair:
- For an RSA key use:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com" - For an ED25519 key use:
ssh-keygen -t ed25519 -C "your_email@example.com"
- For an RSA key use:
- Once this key pair is generated, share your public key with Envisso.
- The private key needs to be retained on the machine connecting to Envisso’s SFTP account.
2) Send public key and IP address(es)
Once the key pair has been generated, share the following with Envisso:- Public key.
- IP Address(es) the system will be using to connect to the Envisso SFTP account.
3) Receive credentials (username)
The Envisso Support Team will respond to the email containing public key and IP address(es) within 1 business day. The response email will contain your username for accessing the Envisso SFTP server.4) Connect to our server
Once your public key has been added into Envisso’s system, you can access the SFTP using the following credentials:- Username: sent via email
- Host / Server:
sftp.envisso.com - Port: 22 (default)
3.1.250.9318.136.139.249
Setting up a pipeline
- Automated data upload — Using a scheduler, set up a periodic job to upload the file using an SFTP utility. An example setup:
- Scheduler: cron or autosys
- Transfer utility: SFTP on Linux
- Manual data upload — Connect to the server using an SFTP client. Examples:
- FileZilla on Windows
- SFTP on Linux, or Cyberduck
- SFTP on Mac
Troubleshooting
If you are facing issues, follow the preliminary checklist below:- Verify your public-facing IP address(es) match the one(s) shared with Envisso.
- Verify you or the system is using the right private key and the right algorithm (RSA-4096 or ED25519).
- Verify you are using the username shared by Envisso over email while initiating the connection.