Security deep dive

How digi.me enables access to more and better data with more privacy

img certificate

Standards and accreditations

Digi.me is ISO 27001, NEN 7510 and MedMij accredited which means our processes and systems meet the rigorous Government standards and are reassessed every year.

img certificate
Authentication

Authentication

User private key is generated on device only and not stored anywhere

High entropy key derivation functions limit brute force attack viability

Encryption

Encryption

Asymmetric and symmetric encryption are used to protect the account and data

High integrity password vaults encrypted with market proven RSA function library, implemented as FIPS compliant 2048-bit, with OAEP padding

File encryption via AES-256 by default with optional AES-128 for low-power devices

Encryption
API integrity

API integrity

 APIs exposed to public internet access are secured via strict SSL connection requirements, firewall rules, certificate pinning and Swagger API definitions

 Transactional design limits potential for denial of service, spoofing and fuzzing attacks

Cloud processing integrity

Cloud processing integrity

All cloud processing is context-free and requires data access credentials from an authenticated user app via a secure connection request

Cloud processing integrity
Enterprise solutions

Read our Executive Security Briefing; modern techniques in commercial data privacy platforms

Download our security presentation