See how we keep your documents safe with modern, state-of-the-art security implementations.
Communication over secure SSL connection prevents a user's credentials from being stolen and man-in-the-middle attacks where an attacker is able to sniff all the data that is being sent.
Only correctly verified accounts can create and sign contracts. The verification process consists of two factors; verification of email address through unique links issued by email.
Verification of phone through secure one-time passwords sent by text message
To sign a contract user must also provide a secure confirmation token sent in a text message.
The user provides a password only once and gets a secure token as a response.
The user has to provide a received token on each request to the application. Tokens are invalidated after some specific time which requires user to login again and prevents from stealing these tokens.
Session data is remembered on a client side and is not stored on a server which improves security in case of any malicious operations
Passwords and verification tokens are stored in an encrypted format using modern and state-of-the-art solutions including the bcrypt key derivation function. We don't store plain data but use cryptographic one-way hash functions
Contracts can only be viewed through the website using a verified account or using a unique key that is issued to the recipient's email address