AnsweredAssumed Answered

HTTP and HTTPS webpages [REM CSDK Integration] Query

Question asked by hlaxmina on Jul 18, 2016
Latest reply on Jul 19, 2016 by robdoyle

Hello Team:

 

My customer is in the process of REMobile CSDK Integration with their Internet and Net Banking websites. The customer has a combination of HTTP and HTTPS based webpages as part of their website.

 

Customer’s landing home page is HTTP based [Prelogin page] and once end consumer tries to perform a financial transaction on the banking website, it redirects the consumer to a HTTPS based site for secure transactions.

 

As we know, our REM CSDK requires end to end HTTPS/SSL connection and it is becoming a challenge on how to overcome this situation.

 

Customer would like to initiate the REM Assist functionality both from Pre-Login [HTTP based] and Post-Login [HTTPS based] sites and once voice, video, expert assist session is established, they would like to perform co-browse functionality by sharing HTTP and HTTPS pages.

 

Any thoughts on how to overcome the HTTP problem? I tried to play on the Reverse Proxy, so that it takes HTTP as input and redirects the user to HTTPS, by making HTTPS connection to the REAS. However, what I see is REAS doesn’t honour these kind of request [which is not HTTPS end to end] and there is a security exception message thrown as seen in the logs.

 

As HTTPS becomes mandate for deployment of REM CSDK, it is creating discomfort to the bank as they are not ready to move their prelogin [HTTP] based site to HTTPS. I have provided an intermediate option, where “Connect Us” URL can be provided on the HTTP page and on click of this page it will lead to a HTTPS page which has “Video Assist” button.

 

I would like to know your expert comments and suggest any better ideas. Thanks and have a good day.

Outcomes