Description
Be careful when switching your iPad from test to production, and make sure you have removed (or never stored) the test account credentials from the device's keychain.
Our iPad had connectivity issues, and the app got logged out. It could also be that the receptionist tried to solve the connection problem by logging out and back in.
But because the production account was protected by 2FA, he tried another set of stored credentials - and they worked, which made him happy, as he could accept the payment, or so he thought.
We only realised 42 payments and £8,500 later that we were "receiving" money into the test account - so the whole integration worked, invoices were issued, emails were sent, but customers' cards were not charged.
I would never have thought this could happen, because I had one AK for test and another for production.
I didn't even think of the test account, as I assumed the payment link - which includes the AK - would fail to open the app and make the payment request on the Air reader.
I hope the developers will think about a way to securely match the payment link and the application. I believe the loss of money we're potentially facing (or the amount of extra work) could so easily have been avoided if the app, logged into
- a test account, worked with a test AK link only, and
- a production account, worked with a production AK link only.
Regards,
Josef
PS: Yes, if you use your own app you may use app_id, but in our case we use Safari and a web app, where the app_id is always com.sumup.appswitch, as discussed here.
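The check Josef asks for, as an added example that is not SumUp's code and is not part of the original issue: a guard a web app can run before it opens an app-switch payment link, refusing a link whose AK belongs to a different environment than the account the device is currently logged into. It assumes the link shape `sumupmerchant://pay/1.0?affiliate-key=...&app-id=...&total=...&currency=...` from SumUp's public app-switch documentation, that the integrator keeps its own registry of which AK is test and which is production (the AK string itself does not say), and that the web app knows which environment its current SumUp login is in; the `AFFILIATE_KEY_ENV` registry, the `session` object and the sample links are all constructed for the example.

```javascript
// Added example, not SumUp's code and not from the original issue: refuse an
// app-switch payment link whose affiliate key (AK) belongs to a different
// environment than the SumUp account the device is currently logged into.
//
// Assumptions (not confirmed by the issue text):
//  - links look like sumupmerchant://pay/1.0?affiliate-key=...&app-id=...
//    &total=...&currency=...&title=..., as in SumUp's public app-switch docs;
//  - the integrator keeps its own registry of which AK is test and which is
//    production, because the AK value itself does not reveal it;
//  - the web app can tell which environment its current SumUp login is in.

// Constructed sample registry; these AK values are placeholders, not real keys.
const AFFILIATE_KEY_ENV = {
  "11111111-1111-4111-8111-111111111111": "test",
  "22222222-2222-4222-8222-222222222222": "production",
};

// app_id used when the link is opened from Safari / a web app.
const EXPECTED_APP_ID = "com.sumup.appswitch";

// Parse an app-switch link into its security-relevant parts.
function parsePaymentLink(link) {
  let url;
  try {
    url = new URL(link);
  } catch (e) {
    return { ok: false, reason: "malformed link" };
  }
  if (url.protocol !== "sumupmerchant:") {
    return { ok: false, reason: "unexpected scheme " + url.protocol };
  }
  const q = url.searchParams;
  const affiliateKey = q.get("affiliate-key");
  if (!affiliateKey) {
    return { ok: false, reason: "missing affiliate-key" };
  }
  return {
    ok: true,
    affiliateKey,
    appId: q.get("app-id"),
    total: q.get("total"),
    currency: q.get("currency"),
  };
}

// Decide whether the link may be opened under the current login.
// `session` is the web app's own record of the current SumUp login, e.g.
// { environment: "test" } or { environment: "production" } (assumed shape).
function checkLinkAgainstSession(link, session) {
  const parsed = parsePaymentLink(link);
  if (!parsed.ok) return { allow: false, reason: parsed.reason };

  const linkEnv = AFFILIATE_KEY_ENV[parsed.affiliateKey];
  if (!linkEnv) return { allow: false, reason: "affiliate key not in registry" };

  if (parsed.appId !== EXPECTED_APP_ID) {
    return { allow: false, reason: "unexpected app-id " + parsed.appId };
  }
  if (linkEnv !== session.environment) {
    // Exactly the mismatch from the issue: production link, test login.
    return {
      allow: false,
      reason: "link is " + linkEnv + " but logged-in account is " + session.environment,
    };
  }
  return { allow: true, environment: linkEnv, total: parsed.total, currency: parsed.currency };
}

// Constructed sample links (placeholder AKs, made-up amounts).
const PROD_LINK =
  "sumupmerchant://pay/1.0?affiliate-key=22222222-2222-4222-8222-222222222222" +
  "&app-id=com.sumup.appswitch&total=202.38&currency=GBP&title=Room%20101";
const TEST_LINK =
  "sumupmerchant://pay/1.0?affiliate-key=11111111-1111-4111-8111-111111111111" +
  "&app-id=com.sumup.appswitch&total=1.00&currency=GBP&title=Smoke%20test";

// Run the three interesting combinations and return the decisions.
function demo() {
  return {
    prodLinkTestLogin: checkLinkAgainstSession(PROD_LINK, { environment: "test" }),
    prodLinkProdLogin: checkLinkAgainstSession(PROD_LINK, { environment: "production" }),
    testLinkProdLogin: checkLinkAgainstSession(TEST_LINK, { environment: "production" }),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

The guard only helps if the web app actually knows which account the SumUp app is logged into, which is why the registry and the session record both have to live on the integrator's side; it does not replace clearing the test credentials from the device's keychain once the iPad goes live, it just turns the silent "paid into test" outcome into a visible refusal before the reader is ever asked to charge the card.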