Trust and security go hand-in-hand. That’s why security is critical to the ivault platform.
From making sure everyone is who they say they are, to ensuring private activities stay that way, we’ve designed ivault’s security on our belief that nothing is more precious than our users’ trust. Because trust is essential to a thriving community and sharing economy.
Complying with consumer protection standards is just the start. Our platform incorporates industry-leading features to maximize our users’ security and minimize the risk of data theft or manipulation.
Our security measures include:
Enforcing KYC checks so every user is authenticated
Adhering to AML measures to tackle illicit funds
Full compliance with OWASP standards
Providing non-custodial wallets for users – because with ivault, data isn’t treated as a commodity to be bought and sold.
Your Vault is your safe place for your belongings. Everything which is stored in the vault stays private until you decide to publish something.
The non-custodial wallet ensures that your details are yours to keep. The only person who can access everything you got in your Vault is you – we do not store private keys.
ivault never shares personal data and information, unless required by law.
ivault balances complete privacy with seamless, safe communication and interaction.
This starts with user profiles. After they’re KYC-cleared, users can have an avatar or nickname to stay private.
Users can keep their personal information private when using the app. They don’t need to use their name, share their phone number or give their address when borrowing or renting – just agree on a meeting point instead.
KYC ensures that we can share a user’s identity when it’s absolutely necessary. Trust is a two-way street and the ivault app offers the perfect mix between privacy and accountability.
We enforce KYC because it:
Safeguards our users and their information from fraud
Ensures everyone’s identities are real and their assets are secure
Stops those involved in illegal activities from joining our community
Protects the integrity and reputation of ivault while minimizing operational and legal risks.
ivault adds another layer of security by adhering to AML procedures. This stops our platform from being used for money laundering or financing illegal activities. It’s essential to our mission of creating a sustainable community where fairness comes first.
We’ve built our app’s security from the ground up following the industry standards of OWASP (Open Web Application Security Project). They act as a seal of trust, instilling confidence and ensuring a safe, seamless user experience. ivault users also have complete control over their assets and data through a non-custodial wallet. Together, this guarantees maximum security for our users and shows our commitment to protecting each and every one of them.
How ivault follows OWASP standards:
Cryptographic standards secure user data – including private keys for non-custodial wallets – so it can’t be read or manipulated if intercepted.
Insecure Direct Object References (IDOR) prevention validates, filters and cleans all data inputs to prevent unauthorized access of user wallets and other resources.
Secure authentication and session management prevents unauthorized access.
Cross-Site Scripting (XSS) and injection attacks protection validates and cleans all data inputs and outputs to prevent attacks, such as stealing user keys or other sensitive information.
Secure and up-to-date configuration of our servers, databases, and other systems minimize the risk of a security breach.
Regular vulnerability checks and updates of our third-party libraries, frameworks, and components mitigate any potential security risks.
Avoiding unnecessary redirects and forwards – or validating them – helps to prevent phishing attacks.
We also have extra security measures for our non-custodial wallets:
Secure key storage: Users’ private keys are encrypted and securely stored on their device – not on our servers.
Biometric authentication: Optional fingerprint or face recognition or accessing the wallet.
Backup and recovery: Users can recover their assets if they lose access to their device.