Security

• PCI DSS compliance
• SSL / TLS certificate
  • TLS certificate for your domain on your server
  • Dalenys’s TLS certificate authority
• Public Dalenys IP ranges to be authorized to contact your platform
  • Sandbox
  • Production

PCI DSS compliance

Dalenys Payment (formerly Rentabiliweb Europe) is PCI DSS (Payment Card Industry Data Security Standard) Level 1 Service Provider certified. It is the highest level of requirement in terms of security for banking data processing.

SSL / TLS certificate

All HTTP exchanges with the Dalenys platform should be secured with TLS.

The recommended TLS version is the 1.2.

warning

We plan to disable the support of TLS1.0 and TSL1.1 in the upcoming months in response to the doubts concerning the level of security of these versions.

Here is a PHP code sample for configuring your curl client to force TLS1.2 HTTPS requests:

<?php

$ch = curl_init($url);

// ...

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

// This line force TLS1.2 protocol
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);

$data = curl_exec($ch);

curl_close($ch);

// ...

TLS certificate for your domain on your server

If you want to use external elements on your payment form (links, images, CSS, scripts, etc.) or if you want your exchanges with your cms to benefit from optimal security conditions, you must own a TLS certificate on your servers.

In terms of security, it is a highly recommended prerequisite. Be prepared : Depending on the certification authority and the certificate type you are ordering, the whole process may take up to several weeks. The following websites offer interesting deals:

• http://www.godaddy.com/
• http://www.verisign.com/
• http://www.thawte.com/
• http://www.comodo.com/

Dalenys’s TLS certificate authority

The Dalenys platform uses a TLS certificate with an extended validation allowing a higher than 256-bit SSL encryption.

99% of the web browsers recognize these certificates and display a “green” address bar along with a padlock when you reach the Dalenys platform. These are authenticity and security symbols.

Reference: https://www.digicert.com/ev-ssl-certification

If the certification authority of Daleny’s TLS certificate is not installed on your server, you must download and add the following files to your server configuration:

• DigiCert SHA2 Extended Validation Server CA
• DigiCert High Assurance EV Root CA
• DigiCert SHA2 Secure Server CA
• DigiCert Global Root CA

Public Dalenys IP ranges to be authorized to contact your platform

Sandbox

80.70.210.32/27 that being:
HostMin: 80.70.210.33
HostMax: 80.70.210.62

34.155.95.118/27 that being:
HostMin: 34.155.95.97
HostMax: 34.155.95.126

34.155.8.233/27 that being:
HostMin: 34.155.8.225
HostMax: 34.155.8.254

Production

80.70.210.64/27 that being:
HostMin: 80.70.210.65
HostMax: 80.70.210.94

80.70.213.64/27 that being:
HostMin: 80.70.213.65
HostMax: 80.70.213.94