The latest version of Book Report connects to your KDP Account with a browser extension. This page describes how it works from a security perspective.
Your Amazon Password
Book Report never knows your Amazon password. Our code makes no attempt to learn, track, or save your password. The security risk that would comes with us storing Amazon passwords would be too great for most of our users.
How Amazon Authentication Works
To explain how Book Report works, I need to explain a bit about how Amazon's authentication works. When you browse to something that you need to be logged in for, here's what happens:
- You are shown a sign in page, where you enter your email and password.
- If your password wasn't correct, you are shown an error message.
- If your password was correct, your browser is given temporary access tokens in the form of cookies.
Once you are logged in, you can access everything without reentering your password. That is because your browser sends those access tokens with every subsequent request to Amazon, which Amazon's servers can confirm as legitimate.
How Book Report's Browser Extension Works
Book Report's browser extension watches the cookies you have for the kdp.amazon.com domain. When it sees you have a new set of access tokens, those tokens are securely submitted to and stored on our servers. Then when you need the latest data in Book Report, we make data requests to Amazon's servers that include those tokens. Amazon confirms the tokens are valid and sends the data you need to our servers to be processed and displayed.
Benefits Over a Password-Based Approach
Our databases are secured to the fullest extent possible, so we do not anticipate the access tokens we store ever falling into the wrong hands. But when it comes to security, it makes sense to consider the worst case possible.
If Book Report's servers are ever compromised, the fact that we're storing access tokens instead of passwords will be a huge positive on an otherwise horrible day.
Here are the reasons we chose access tokens over asking for your password:
- Access tokens decay. Have you ever been signed into KDP, then tried to access a certain page and been asked to sign in again? This occurs because of access token decay. Access tokens will let you check sales reports for a full week, but if you try to change your tax information with week-old tokens, they won't work. If your access tokens fall into the wrong hands, it's likely they will have aged enough that they can't be used to cause serious damage.
- Access tokens can be destroyed. When you sign out of your Amazon account, two things happen: Your browser deletes its copy of your tokens, and Amazon marks those tokens as invalid. If there is ever any evidence of a breach, Book Report will tell Amazon's servers to invalidate all the access tokens we have stored. This will render any stolen tokens useless, and it means you won't ever receive a panicked email from us asking you to change your password ASAP.
- Access tokens are never reused. Answer honestly: Do you use your Amazon password for any other services? In computer security, we use the term "blast radius". If a password is compromised, the blast radius is every service you use that password for. If you reuse the password for your email, then the blast radius also includes every service that you've signed up for using that email, because of password reset forms. For a lot of people, the blast radius of their password leaking would essentially be their entire digital life. The blast radius of access tokens leaking is limited to Amazon, and it's further limited by token decay, and it can be shut down quickly.
- Access tokens are less valuable. A database full of passwords for successful publishing businesses would be a high-value target for a potential hacker. Because of the three points above, our database would be worth much less. The potential payoff for breaking into a database full of passwords would be so high that a hacker may spend many months and thousands of dollars trying to break in. Our servers could withstand an attack like that without leaking anything, but because of what we're storing it's unlikely they'll ever have to.
Conclusion
This system lets Book Report access your sales data in an incredibly secure fashion. Our servers are locked-down as ever, but the unlikely scenario of someone breaking in has been thoroughly considered so that the damage would be minimized.