Security is in our DNA
Built by Hackers to make sure we keep you ahead of Hackers. Following Industry best practices along with 'out-of-box' security mechanisms help us to secure your data like never before.
Embrace the blockchain revolution
Blockchain is now being adopted by top banks, governments and organisations across the world. Primeauth is presumably the first authentication provider that leverages blockchain to serve clients in a better way.
Blockchain was built with Confidentiality as the core principle. With a 'permission-based' blockchain network in place and hashing of data before storing makes sure that confidentiality is satisfied.
By architecture, Blockchain is an immutable form of storage meaning once written data items can't be modified. This makes sure that the data integrity is maintained. Also we use many other ways to maintain Integrity.
Primeauth uses Industry standard Cryptographic algorithms without storing any private keys on Primeauth's servers. This will make sure only the person who is the real owner to access the data.
Content Security Policy
Primeauth has implemented Content Security Policy. Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks.
Secure Socket Layer
SSL is a standard security protocol for establishing encrypted links between a web server and a browser in an online communication.The usage of SSL ensures that all data transmitted between the server and browser remains encrypted.
Primeauth leverages Industry standard algorithm. RSA is an algorithm used by modern computers to encrypt and decrypt messages. It is an asymmetric cryptographic algorithm. Asymmetric means that there are two different keys.
Built by Hackers
Primeauth team was co-founded by Hackers with over 7 years of experience in the field of Information Security. This ensures security is given priority.
Built on battle tested technologies
Primeauth was built using Ruby on Rails as a backend and some other open source technologies which are well maintained and regularly updated.
Secure Development Life cycle
Primeauth's development process contains security testing as one of the step and we make sure we deliver the deliverables of the step with utmost quality.
Once the design for the new feature or product is done we make sure we do a through analysis of the entire design from a security angle. This will make sure any architectural or design oriented flaws are corrected even before coding phase.
In this process of coding, we make sure we use static code analysers and eliminate flaws that originate from flawed code. This step also contains eliminating insecure and outdated libraries which might cause security issues.
This phase consists of In-house security team testing for security issues. Also, the inputs from the hacker community through a responsible disclosure program are taken into consideration and patches are pushed into production.
Deploying onto Production
Security in the production environment is the most important phase in the SDLC. In this we regularly update/setup Application level firewalls, Intrusion Detection System, Intrusion Prevention System and other components of the Server Security.
Found a bug? Let us know.
Nothing is perfect. Help us in building a merely perfect solution and Together we can create a secure Internet.
" Hacker is any skilled computer expert that uses their technical knowledge to overcome a problem "
How to report?
Please make sure that the report contains as much technical details as possible. This will ensure faster bug fixing process. This will help us to process security reports faster.
What to expect?
Expect a response upon reporting the security issue. We will reward with an entry into our wall-of-fame and a certificate certifying the receipt of the report.
What we expect?
We expect you to be ethical in the entire process without giving out Information. Give us 90 days and if we don't respond, tell the world about it. You can blog once it's fixed.
Report a security issue
Thanks for making a positive move towards helping us build a flawless product. Fill the form below to report the security issue.