4

The application we are building needs to store people's SSN. We already protect them using HTTPS in transit and in storage using DynamoDB's in-built encryption. The question is, how to protect it in a web page once arrived in a user's browser?

Example: There are two types of users who can access a person's SSN. The owner of the SSN and the administrators so the page which have the SSN is already protected using an app wide authentication. My question is, what else should we do? Ask the user to enter the password in that specific page again? Anything else we can do?

THpubs
  • 7,804
  • 16
  • 68
  • 143
  • What are you even trying to protect from? The user? – user2357112 Sep 24 '21 at 11:27
  • To answer the question in the title, you display just the last 4 digits. That's enough for verification. To answer your specific circumstance, which administrators have access to a person's SSN? Payroll, sure. They need the numbers for tax withholding filings. Personnel, sure. They need to submit IRS paperwork. I can't think of anyone else in an organization that needs access to SSNs. – Gilbert Le Blanc Sep 24 '21 at 11:28

1 Answers1

2
  1. Prevent the browser from storing the value in cache by using the right headers:
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache

  1. Don't cache the value on your own like don't use local storage.

  2. Prevent XSS attacks on your application. And any other types of attacks that may reveal the data over injection from the server... I know, this goes deep. But the attack surface of typical applications is huge. Client-side injections, server-side injections, remote code execution, stupid business logic issues, logging. All this may reveal your SSNs to third parties. You need to comply with much more than just the client side to make sure your SSNs do not leak. Feel free to look into OWASP ASVS to see how big the list can get.

Marek Puchalski
  • 3,286
  • 2
  • 26
  • 35