Security & Encryption
Your safety and privacy are our top priorities. Learn about the enterprise-grade security measures that protect your emergency communications.
Security Features
Enterprise-grade security measures protecting your most sensitive information
End-to-End Encryption
All messages and data are encrypted using AES-256 encryption, ensuring your information remains private and secure.
Secure Infrastructure
Built on enterprise-grade cloud infrastructure with SOC 2 certified data centers and 24/7 automated monitoring.
One-Time Password Authentication
Secure, passwordless access using one-time codes sent directly to your email. No passwords to remember or leak.
Client-Side Encryption
Emergency messages are encrypted on your device before transmission. Your encryption keys never leave your device in plaintext.
Zero-Knowledge Architecture
We cannot read your emergency messages or access your personal communications. Only authorized contacts with the correct PIN can decrypt them.
GDPR Compliant
Full compliance with GDPR, CCPA, and other international privacy regulations.
Encryption Standards
Data in Transit
All communications between your device and our servers use the latest TLS encryption standards with perfect forward secrecy. This ensures that even if encryption keys are compromised in the future, past communications remain secure. Every API call, file upload, and data sync is protected during transmission.
Data at Rest
Emergency messages and sensitive data are encrypted client-side using AES-256 encryption before being stored. Your encryption keys are derived from your emergency PIN using industry-standard key derivation functions. We cannot decrypt your messages—only authorized emergency contacts with the correct PIN can access them.
Key Management
Your encryption keys never leave your device in plaintext. We use a zero-knowledge architecture where keys are derived locally from your PIN. Server-side data encryption (for non-sensitive metadata like timestamps and status) uses built-in encryption with regularly rotated keys managed through industry-standard practices.
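A minimal sketch of the client-side scheme described under Data at Rest and Key Management, added here as an illustration and not CheckPoint's code. The page names AES-256 and a PIN-derived key but not the KDF, cipher mode or storage format, so scrypt, GCM, the cost parameters, the envelope fields and the sample PIN and message are assumptions.

```javascript
// Added illustration, not CheckPoint's code. scrypt, AES-256-GCM, the cost
// parameters and the envelope layout are assumptions; the page names only
// "AES-256" and "industry-standard key derivation functions".
const crypto = require('crypto');

const SCRYPT = { N: 2 ** 14, r: 8, p: 1, maxmem: 64 * 1024 * 1024 }; // assumed cost

// Derive a 256-bit key from the PIN on the client; the salt is not secret.
function deriveKey(pin, salt) {
  return crypto.scryptSync(pin.normalize('NFKC'), salt, 32, SCRYPT);
}

// Encrypt on the device. The returned envelope is everything that gets stored:
// no PIN and no key, only salt, nonce, auth tag and ciphertext.
function encryptMessage(pin, plaintext) {
  const salt = crypto.randomBytes(16); // fresh per message
  const iv = crypto.randomBytes(12);   // 96-bit GCM nonce, never reused with a key
  const key = deriveKey(pin, salt);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();
  key.fill(0); // best-effort wipe of the derived key
  const b64 = (b) => b.toString('base64');
  return { v: 1, kdf: 'scrypt', salt: b64(salt), iv: b64(iv), tag: b64(tag), ct: b64(ct) };
}

// Decrypt on an emergency contact's device. Returns null when the PIN is wrong
// or the envelope was modified: GCM tag verification fails in both cases.
function decryptMessage(pin, env) {
  const raw = (s) => Buffer.from(s, 'base64');
  const key = deriveKey(pin, raw(env.salt));
  try {
    const d = crypto.createDecipheriv('aes-256-gcm', key, raw(env.iv));
    d.setAuthTag(raw(env.tag));
    return Buffer.concat([d.update(raw(env.ct)), d.final()]).toString('utf8');
  } catch {
    return null;
  } finally {
    key.fill(0);
  }
}

// Constructed sample data, not real user content.
const envelope = encryptMessage('493817', 'Call Dana if I have not checked in.');
console.log(Object.keys(envelope).join(','));
console.log(decryptMessage('493817', envelope));
console.log(decryptMessage('000000', envelope));
```

A short PIN carries little entropy, so in a design like this the KDF work factor sets the cost of each guess against a stored envelope.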
Infrastructure Security
Data Centers
CheckPoint is built on enterprise-grade cloud infrastructure with SOC 2 Type II certified data centers featuring 24/7 physical security, redundant power systems, and environmental monitoring. Data is replicated across multiple availability zones for high availability and disaster recovery.
Network Security
Multi-layered network security including Cloudflare Web Application Firewall (WAF), DDoS protection, infrastructure-level intrusion detection, and rate limiting on all API endpoints. All database connections use encrypted protocols.
Monitoring & Logging
Comprehensive security event logging tracks authentication attempts, PIN verification, emergency protocol triggers, and data access patterns. Real-time monitoring with automated alerts for suspicious activity. All logs are encrypted and retained for 90+ days for security analysis and compliance.
Access Controls
Employee Access
Strict principle of least privilege with role-based access controls. Administrative access to production systems is limited to essential personnel only. All privileged actions are logged and reviewed. Multi-factor authentication is required for all administrative access to infrastructure.
Customer Data
Zero-knowledge architecture ensures that CheckPoint staff cannot access your emergency messages, encrypted protocols, or personal communications. We can only see non-sensitive metadata (e.g., protocol status, timestamps) necessary for system operation. Your PIN never leaves your device in plaintext and cannot be recovered by our team.
Audit Trails
Comprehensive audit logging of all authentication events, PIN attempts, emergency access, protocol triggers, and administrative actions. Secure audit log storage with tamper-resistant controls. Security events are retained for 90+ days and can be exported for compliance purposes.
Certifications & Compliance
Independently verified security standards and regulatory compliance
Built on SOC 2 Infrastructure
Hosted on enterprise-grade cloud infrastructure with SOC 2 Type II certification
GDPR Compliant
Full compliance with European data protection regulations including right to access, rectification, and deletion
CCPA Compliant
California Consumer Privacy Act compliance with transparent data practices and user rights
Zero-Knowledge Architecture
Client-side encryption ensures we cannot access your sensitive emergency data
Our Security Practices
Continuous security improvement through industry best practices
Regular Security Audits
Security-focused development practices with thorough code review for critical features including authentication, encryption, and data access controls. Automated security scanning of dependencies via GitHub Dependabot with immediate patching of known vulnerabilities. Community-driven security through a responsible disclosure program.
Vulnerability Management
Continuous dependency monitoring with automated updates for security patches. Proactive vulnerability scanning and immediate response to security advisories. All security updates are tested in staging environments before production deployment to ensure stability.
Incident Response
Documented incident response procedures with clear escalation paths. Security monitoring with automated alerts for suspicious activity. Customer notification protocols for any security events affecting user data. Transparent communication and rapid response to security concerns.
Report a Security Vulnerability
We take security seriously. If you've discovered a vulnerability, please report it responsibly.
Our Commitment
• Recognition: While we don't offer a formal bug bounty program, we deeply appreciate security researchers and will provide recognition based on the significance of your discovery.
• Responsible Disclosure: Please allow us reasonable time to address vulnerabilities before public disclosure.
• No Legal Action: We will not pursue legal action against researchers who follow responsible disclosure practices.
Contact Methods
Email: legal@safety-checkpoint.com
PGP Key: Request our PGP public key at legal@safety-checkpoint.com
Submit Vulnerability Report
Please provide detailed information to help us understand and address the issue quickly.
