Developers moving to the upcoming paid version of Google Translate need to follow the documentation so their implementation of the package doesn’t lead them to paying for someone else’s use of the platform.In its current form, if it’s running on the same server as the chat program it’s translating for, Google Translate exposes to public view the customer identification code associated with a particular user.MASSIVE: Hackers launch millions of Java exploits, says MicrosoftProxying the translator to another server hides the API that exposes the code and solves the problem, Google says in its documentation. Developers at unified communications vendor IceWarp, which integrates Google Translate into its UC product, discovered the problem while working on its own implementation and put out a warning.If the customer code is left exposed it can be copied and placed in another instance of Google Translate, meaning that the customer whose code was stolen will receive the bill for the customer who reuses it, says IceWarp. At the moment the problem doesn’t make any difference because Google doesn’t charge for use of Google Translate, says Ladislav Goc , IceWarp’s president.But come January, Google says it will charge licensees based on how many characters it translates. Then, if the proxying option isn’t used, customers run the risk of being hacked and billed for other licensees’ use, Goc saysGoogle points to its documentation that says developers can restrict their API keys to a white list. “As a best practice for security, we recommend that developers proxy the API requests through their own server to keep their key private,” a spokesman for Google says.Goc says IceWarp’s implementation will be done on an accompanying server, not the Web server hosting the chat page. That means the raw code is blocked from public view, he says.Read more about wide area network in Network World’s Wide Area Network section. Related content brandpost How an integrated platform approach improves OT security By Richard Springer Sep 26, 2023 5 mins Security news Teachers urged to enter schoolgirls into UK’s flagship cybersecurity contest CyberFirst Girls aims to introduce girls to cybersecurity, increase diversity, and address the much-maligned skills shortage in the sector. By Michael Hill Sep 26, 2023 4 mins Back to School Education Industry IT Training news CREST, IASME to deliver UK NCSC’s Cyber Incident Exercising scheme CIE scheme aims to help organisations find quality service providers that can advise and support them in practising cyber incident response plans. By Michael Hill Sep 26, 2023 3 mins IT Governance Frameworks Incident Response Data and Information Security news Baffle releases encryption solution to secure data for generative AI Solution uses the advanced encryption standard algorithm to encrypt sensitive data throughout the generative AI pipeline. By Michael Hill Sep 26, 2023 3 mins Encryption Generative AI Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe