Security deep dive

How digi.me manages not to touch, hold or see data

ISO27001 Information Security Management Standard

Digi.me is ISO27001 accredited, which means our processes and systems meet the rigorous Government standards and are reassessed every year.

Authentication

 User private key is generated on device only and not stored anywhere

 High-entropy key derivation functions limit brute-force attack viability

 Multiple devices may be enrolled for easy recovery

Encryption

 Asymmetric and symmetric encryption are used to protect the account and data

 High-integrity password vaults are encrypted with a market-proven RSA function library, implemented as FIPS-compliant 2048-bit, with OAEP padding

 File encryption via AES-256 by default with optional AES-128 for low-power devices

API integrity

 APIs exposed to public internet access are secured via strict SSL connection requirements, firewall rules, certificate pinning and Swagger API definitions

 Transactional design limits potential for denial of service, spoofing and fuzzing attacks

Cloud processing integrity

 All cloud processing is context-free and requires data access credentials from an authenticated user app via a secure connection request

 Personal data is never stored on any discs and all processing threads are destroyed when complete
