Security & Compliance
Enterprise-grade security built into every layer

Data Encryption
All data is encrypted both at rest and in transit using industry-standard encryption protocols.
- ✓ TLS 1.3 for data in transit
- ✓ AES-256 encryption for data at rest
- ✓ Encrypted database backups
- ✓ Secure key management using AWS KMS
OAuth 2.0 Security
Our OAuth implementation follows industry best practices and security standards.
- ✓ PKCE (Proof Key for Code Exchange) support
- ✓ Short-lived authorization codes (10 minutes)
- ✓ Rotating refresh tokens
- ✓ Granular scopes and permissions
Infrastructure Security
- ✓ Cloud infrastructure hosted on AWS with SOC 2 compliance
- ✓ Regular security audits and penetration testing
- ✓ 24/7 infrastructure monitoring and logging
- ✓ DDoS protection and rate limiting
- ✓ Automated backups with point-in-time recovery
Compliance
GDPR Compliant
Full compliance with EU General Data Protection Regulation including data portability and right to be forgotten.
KYC/AML Standards
Identity verification processes meet global KYC and AML regulatory requirements.
OAuth 2.0 Certified
Implementation follows OAuth 2.0 and OpenID Connect specifications.
Data Residency
Data residency options available to meet regional compliance requirements.
Incident Response
We maintain a comprehensive incident response plan to quickly address any security concerns.
- ✓ 24/7 security operations center
- ✓ Automated threat detection and response
- ✓ Transparent communication during incidents
- ✓ Post-incident analysis and remediation
Responsible Disclosure
We welcome reports from security researchers. If you discover a security vulnerability, please report it to security@unboarder.com.
We commit to acknowledging reports within 24 hours and providing updates on remediation efforts.