Security

Security is Not a Feature —
It's a Foundation

We take the security of your account, your data, and our infrastructure seriously. Here's a transparent look at how we keep VerifyN secure.

TLS 1.2+ Encryption
Active
AES-256 Data at Rest
Active
WAF & DDoS Protection
Active
Regular Penetration Testing
Quarterly
99.9% Uptime SLA
Active
24/7 Security Monitoring
Active
Platform Security

How We Protect the Platform

Multiple overlapping layers of security protect your data and keep VerifyN reliable.

Encryption in Transit & at Rest

All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher. Sensitive data stored in our databases is encrypted at rest using AES-256 encryption.

Secure Credential Storage

Passwords are never stored in plaintext. We use bcrypt with a high work factor to hash and salt all passwords. API keys are hashed before storage using HMAC-SHA256.

Infrastructure Security

Our infrastructure runs on AWS with strict network segmentation, private VPCs, and security groups that limit access to only what's necessary. All systems are monitored 24/7.

Access Controls

Role-based access controls (RBAC) limit internal access to user data on a need-to-know basis. All internal access is logged and audited. Production access requires multi-factor authentication.

DDoS Protection

We use Cloudflare for DDoS mitigation, WAF protection, and rate limiting. Our infrastructure is designed to withstand and automatically recover from denial-of-service attacks.

Intrusion Detection

We operate real-time intrusion detection systems that alert our security team to anomalous patterns. Automated responses can isolate suspicious activity before human review.

Your Account

Protect Your Account

Security is a shared responsibility. Here are the steps we recommend every VerifyN user take to keep their account secure.

Use a Strong, Unique Password

Your VerifyN password should be at least 12 characters and unique — not reused from any other service. Consider using a password manager to generate and store it.

Enable Two-Factor Authentication

We strongly recommend enabling 2FA on your account via your Profile settings. This adds a second layer of protection even if your password is compromised.

Protect Your API Keys

Treat your API keys like passwords. Never commit them to public repositories, expose them in client-side code, or share them. Rotate keys immediately if you suspect exposure.

Monitor Your Wallet Activity

Review your transaction history regularly. If you notice any unexpected charges or usage, contact our support team immediately.

Beware of Phishing

We will never ask for your password via email or live chat. Emails from VerifyN will always come from @verifyn.online domains. Check sender addresses carefully.

Incident Response

If we detect a security incident that affects your data, we will notify you promptly by email and via the platform. We maintain an incident response plan and conduct post-incident reviews to prevent recurrence.

For security concerns or suspected incidents with your account, contact us immediately at security@verifyn.online.

Data Residency

Our primary infrastructure runs in AWS regions. Enterprise customers can request data residency in specific regions upon request. All data transfers comply with applicable data protection regulations.

Responsible Disclosure

We welcome reports from security researchers. If you discover a vulnerability in our platform, please disclose it responsibly by emailing us at security@verifyn.online.

  • Please do not access or modify user data beyond what is necessary to demonstrate the vulnerability
  • Do not perform automated scanning that may degrade service
  • Give us reasonable time to investigate and patch before public disclosure
  • We review all reports and will acknowledge receipt within 48 hours

Have a Security Concern?

Report a vulnerability, ask about our security practices, or reach out about enterprise security requirements.