Analysis of Website Vulnerabilities Utilizing OWASP on the Enterpreneurship Locker System

Andre Kurniawan Pamudji, Florentinus Budi Setiawan

Abstract


The government's restrictions on activities during the Covid-19 pandemic halted many activities and forced numerous businesses, particularly small and medium-sized enterprises, to close for lack of customers. In response, a new invention was developed in the field of Entrepreneurial Lockers that enables transactions to be conducted without face-to-face interaction and without cash. This innovation entails the development of a website that serves as a digital ordering and payment system. For users to feel secure while using the website, its data security must be assessed to prevent unintended events. This investigation employs the OWASP method to assess the security of the IoT-based entrepreneurial storage system and to identify critical security vulnerabilities. The findings indicate that the system satisfies numerous security standards but needs improvement in access control, framework updates, and logging. The investigation offers suggestions for enhancing data security in IoT-based systems.


Keywords


OWASP; Web Security; Enterpreneur Locker; payment system






DOI: https://doi.org/10.24167/sisforma.v11i2.13103





SISFORMA: Journal of Information Systems | p-ISSN: 2355-8253 | e-ISSN: 2442-7888

This work is licensed under a Creative Commons Attribution 4.0 International License.