Security
Learn how we keep your documents safe with modern, state-of-the-art security implementations.
Profile verification
Only correctly verified accounts can create and sign contracts. The verification process consists of two factors: Verification of the email address through unique links issued by email. And verification of phone through secure one-time passwords sent by text message.
Secure digital signature
We offer an advanced two-factor signature that applies a unique token issued in an email and a secure one-time password sent via SMS. Advanced electronic signatures like ours are uniquely linked to, and capable of, identifying the signatory. They are also linked to documents in a way that any subsequent change of the data is detectable. We also offer official national signatures for some countries.
Read more about digital signatureTechnical measures
Secure SSL connection
We use bank-like SSL encryption for our SSL connection - SHA-256 with RSA Encryption. It helps to prevent from stealing a user's credentials and supports man-in-the-middle attacks where an attacker can sniff all the data that is being sent.
Tested and certified
We are compliant with the SOC2 auditing procedure that ensures that we manage data and networks securely and in the interest of our users. This technical audit provides valuable insights into our organization’s risks and security posture, vendor management, internal controls governance, regulatory oversight, and more.
Encrypted storage
Passwords and verification tokens are stored encrypted, using modern and state-of-the-art solutions, including the BCrypt key derivation function. We do not store plain data, but use cryptographic one-way hash functions.
Penetration testing
We are undergoing blackbox penetration tests regularly to assess risk posture and to identify security issues. It covers the security of the platform, the functionality of our application and the vulnerability of its business logic.
