Security
Enterprise-grade security with zero-knowledge encryption
Server-Side Encryption
All sensitive data is encrypted at rest using a unique key per user, ensuring isolation across all accounts and operations.
AES-256-GCM Encryption
Industry-standard encryption using AES-256-GCM with 256-bit keys.
Per-User Key Isolation
Every user gets a dedicated encryption key. Data encrypted under one key cannot be accessed or decrypted by any other user. Isolation is enforced at the encryption level.
AES-KW Key Wrapping
Each user's encryption key (DEK) is wrapped using AES Key Wrap before being stored. This ensures that raw encryption keys are never persisted in plaintext.
Password Storage
Passwords are encrypted and stored in sessionStorage, cleared when tab closes.
Rate Limiting
Tier-based rate limiting to prevent abuse (Free: 10/min, Pro: 100/min, Agency: 1000/min).
Row Level Security (RLS)
Database-level security ensuring users can only access their own data.
HTTPS In-Transit Encryption
All data transmission is encrypted using HTTPS.
Security Best Practices
Following industry best practices for secure data handling and encryption.