Skip to main content

Security

members

Ensuring the security and privacy of our customer data and transactions is a top priority at KamioKash. We implement comprehensive security measures across our infrastructure to protect against unauthorized access, data breaches, and other vulnerabilities. Below is an overview of our security protocols and practices.

Front-End Security

Cloudflare DNS and Vercel

  • Proxied Cloudflare DNS Records: We use Cloudflare to manage DNS records, leveraging their proxy capabilities to enhance the security and performance of our front-end applications. This setup provides additional layers of security, including DDoS protection and traffic filtering, to ensure our services remain accessible and secure at all times.
  • Deployment on Vercel: Our front-end applications are deployed on Vercel, known for its robust security standards. Vercel provides automatic HTTPS for all deployments, ensuring that all communications between the user and our applications are encrypted.

API Security

Protected Endpoints

  • Secure API Access: Our APIs are protected with SSL/TLS certificates, ensuring that all data in transit between our clients and services is encrypted and safeguarded from interception. We enforce HTTPS on all our API endpoints to guarantee secure communication.

Data Encryption

  • Encryption in Transit and at Rest: We adhere to the best practices of encrypting all data in transit and at rest. Whether data is being transmitted over the network or stored in our databases, it is encrypted using strong encryption standards to prevent unauthorized access.

API Key and Secret Management

Secure Handling of API Keys

  • One-Way Encryption: Our API keys and secrets are protected using one-way encryption, ensuring that they are stored securely and cannot be reverse-engineered. When an API key and secret pair is generated, it is viewable only once at the time of creation. Clients are encouraged to store this information securely, as it cannot be retrieved again from our systems.

  • Limited Access: We can implement strict policies to control and limit what each API key can access within our Wallets and Rewards APIs. This approach ensures that API keys are granted only the necessary permissions for their intended use, minimizing the risk of unauthorized access to sensitive information and operations.

Best Practices for API Key Usage

  • Secure Storage: Clients are advised to store their API keys and secrets in a secure location, such as a password manager, security store or an encrypted database. It is crucial to avoid hard-coding these credentials in application code or storing them in insecure locations like codebases Never commit API keys to a codebase!.

  • Regeneration Policy: In the event of a potential compromise or as a routine security measure, clients have the ability to regenerate API keys and secrets through the KamioKash Dashboard. This practice helps maintain the security integrity of the client's integration with our APIs.

  • Access Review: Regularly review and audit the access levels granted to each API key. Remove or restrict access as necessary to align with the principle of least privilege, ensuring that each key can only perform actions that are essential for its purpose.

Reporting and Revocation

  • Incident Reporting: If you suspect that an API key and secret pair has been compromised, it is imperative to report the incident to our security team immediately. Prompt reporting allows us to take necessary actions to mitigate any potential security risks. We also recommend disabling or deleting a key that has been compromised to limit suface and duration of attach.

  • Key Revocation: Upon receiving a report of a compromised key, we will promptly revoke the key's access to prevent any unauthorized use. Clients can then generate a new key and secret pair to restore secure access to our APIs.

Our commitment to secure API key and secret management is part of our broader security strategy designed to protect our clients and their data. By following these guidelines and utilizing the security features provided, clients can confidently integrate with KamioKash's APIs knowing their operations are safeguarded.

Database Security and Compliance

Secure Database Storage

  • Our Databases: Our databases are hosted on a platform that provides high performance and reliability along with comprehensive security features. These features include network isolation, encryption at rest using keys managed through a key management service, and automated backups encrypted at rest.
  • Compliance Certifications: Our hosting services comply with various standards and certifications, including SOC 1, SOC 2, and SOC 3. These certifications attest to the high standards of security and data protection measures in place, ensuring that our data handling practices meet rigorous industry requirements.

Continuous Security Monitoring

We continuously monitor our systems for potential threats and vulnerabilities. Our security team is dedicated to applying timely security updates, conducting regular security assessments, and adhering to best practices in vulnerability management to protect our infrastructure and data.

Commitment to Security

At KamioKash, we are committed to maintaining the highest levels of security and data protection. We understand the importance of trust in our services and are dedicated to continuously improving our security posture to meet and exceed industry standards.

For more information about our security practices or if you have any security concerns, please contact our support team.