Skip to content

Responsible Vulnerability Disclosure

DTS is committed to protecting our customers, our systems, and the data entrusted to us. If you believe you have discovered a security vulnerability in a DTS product, service, or system, we encourage you to report it so we can investigate and address it responsibly.

How to Report a Vulnerability

Please report suspected security vulnerabilities by email with: help@dtsconnex.com

Please use the subject line so it is handled correctly: Responsible Vulnerability Disclosure

What to Include

When submitting a report, please include:

  • A clear description of the issue and the affected product or service

  • Steps to reproduce the issue (proof-of-concept details are helpful)

  • Any relevant logs, screenshots, or timestamps, if available

  • Whether the issue is publicly known or actively being exploited, if known

  • Contact information so we can follow up with questions

If you would like to encrypt your report, please contact us and we will coordinate a secure method for exchanging sensitive details.

Scope

In Scope

  • DTS-owned applications, services, and systems used to deliver DTS products

Out of Scope

  • Third-party services not controlled by DTS

  • Social engineering of DTS personnel

  • Physical security testing

  • Denial-of-service (DoS) testing

  • Issues requiring unlikely user interaction or non-standard configurations

Guidelines for Responsible Testing

We ask that researchers:

  • Make a good-faith effort to avoid privacy violations, data destruction, or service disruption

  • Do not access, modify, or exfiltrate data beyond what is necessary to demonstrate the vulnerability

  • Do not use vulnerabilities to compromise systems or accounts

  • Stop testing and report promptly if sensitive data is encountered

Our Commitment

DTS commits to the following:

  • We will acknowledge receipt of vulnerability reports and may request additional information

  • We will investigate reports and take appropriate remediation actions based on risk and impact

  • We will treat reports confidentially to the extent possible and consistent with our obligations

  • We will not pursue legal action against individuals who report vulnerabilities in good faith and in accordance with this policy

Disclosure

We ask that you provide DTS a reasonable opportunity to investigate and remediate vulnerabilities prior to public disclosure. If you intend to publish details of a vulnerability, please coordinate with us in advance.

 Connect your stores, your banks, your devices. 

Talk to our team about connecting your stores, your banks, and your devices on one platform. Most enterprise deployments are live in under 90 days. 

Book a Demo
Talk to sales
separator-line