Privowny is a privacy-centric company. We use our security expertise to serve data protection.
Security and Privacy First
The sheer number of accounts that anyone needs daily has been going up uncontrollably and remembering countless account credentials has become a major hurdle to protecting one’s online privacy.
As a result, most sensitive personal data is currently unsafe.
People tend to use weak passwords (“123456” and “password” continue to be the most commonly used passwords) to ensure they will remember them and often reuse the same password for multiple accounts. They may even write them down on paper or create documents on their computers to keep them organized. Unfortunately, personal/professional computers can be extremely unsafe. They have a lot of vulnerabilities when not updated regularly and are prone to hacking, viruses, and malware.
But, people who choose to entrust a third party with their data may incur other types of risks… Is that company reliable? What kind of security processes, protocols do they use?
Privowny doesn’t ask to be trusted blindly. Here's why you can trust us:
- We are secure and private by design
- We use military-grade cryptography
- A robust architecture is where it starts
At Privowny, privacy is not an after-thought, it is our first building block.
- Our technology is designed with a privacy-centric mindset that keeps us out of reach of our users’sensitive data. Nobody, not even Privowny’s senior employees, has access to the complete information necessary to decrypt any of the sensitive data Privowny is entrusted with.
- The encryption keys we generate for our users are stored in 2 different locations, one of which could very well be tranferred to a 3rd party location for additional security. Privowny doesn’t need to know where it is.
- All decryption and encryption are performed on the user’s machine for maximum security.
- Administrative access is through an isolated network with highly restricted accesses based on the principle of least privilege.
Digital ID uses both asymmetric (RSA) and symmetric (AES) encryption algorithms with well-established protocols to ensure unbreakable technology.
- An RSA key pair (a public key for encryption and a private key for decryption) is generated at registration time. The private key is then encrypted using the user’s Master Key (using AES symmetric cryptography) and split in half with each half stored in a different location.
- Users create a secret Master Key that is used to decrypt their data. Only the creator of the Master Key knows it. We, at Privowny, don’t. We don’t store it, nor do we keep track of it in any way.
- In addition to using SSL to secure all data in transit, we use database and file system encryption technologies to keep all data safe at rest (every server uses encryption at rest to prevent anyone from having direct access to database or server file systems).
Digital ID’s architecture is based on the most stringent industry standards, AWS infrastructure, the zero-trust model, and the principle of least privilege.
- Amazon Web Services (AWS) is the undisputed leader in the public cloud services market. Privowny leverages the AWS network to create a multi-layered architecture that protects access to critical data with firewalls at every layer.
- Additionally, Privowny uses multiple geographically isolated datacenters for redundancy, availability, and added security.
- We use industry standard intrusion detection and web application firewalls in addition to industry best practices for monitoring and real time alerting.
- Software development follows the principle of least privilege in addition to industry best practices for secure development processes in order to not introduce vulnerabilities through code. Privowny uses an automated build process that includes vulnerability scanning and remediation, static analysis and dynamic scanning.