Security
This page describes the current security-relevant product behavior documented in the repository today: signed uploads, HMAC-signed webhook delivery, separate sandbox and production apps, plan-based retention, and the review path for DPA or security requests.
Documented controls
These are the concrete controls documented in the quickstart, billing specification, privacy policy, implementation plan, and threat-model material. This page does not claim certifications or controls that are not documented in the repo.
Verification creation returns a signed upload target. Processing begins only after the customer confirms upload completion with the upload-complete endpoint.
Outbound webhook payloads include timestamp, delivery id, and HMAC-SHA256 signature material. Production adds the documented retry schedule and dead_letter behavior.
Every client app owns its own API keys, webhook endpoint, and signing secret. Separate apps, environment-prefixed keys, and webhook URLs are expected for sandbox and production.
The codebase stores API keys and portal session tokens as hashes at rest. Verification history, delivery history, and debug request/response retention follow the plan-specific retention model.
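The webhook control above says each payload carries a timestamp, a delivery id and HMAC-SHA256 signature material, and that production retries deliveries. The receiver-side check below is an added example, not code from the repository: the header names, the signed-string layout (timestamp.delivery_id.body) and the secret are assumptions chosen for illustration, and the tolerance window is a constructed value.

```python
import hmac
import hashlib
import json
import time

# Constructed values for this example; the secret and header names below are
# assumptions, not the product's documented names.
SIGNING_SECRET = b"whsec_example_constructed_secret"
TIMESTAMP_TOLERANCE_SECONDS = 300  # reject deliveries more than 5 minutes off

def sign_payload(secret: bytes, timestamp: str, delivery_id: str, body: bytes) -> str:
    """HMAC-SHA256 over timestamp, delivery id and raw body (assumed layout)."""
    signed = b".".join([timestamp.encode(), delivery_id.encode(), body])
    return hmac.new(secret, signed, hashlib.sha256).hexdigest()

def verify_delivery(secret, headers, body, seen_delivery_ids, now=None):
    """Return (accepted, reason): signature first, then freshness, then replay."""
    now = time.time() if now is None else now
    timestamp = headers.get("X-Webhook-Timestamp", "")
    delivery_id = headers.get("X-Webhook-Delivery-Id", "")
    signature = headers.get("X-Webhook-Signature", "")
    expected = sign_payload(secret, timestamp, delivery_id, body)
    # Constant-time comparison; never compare signature strings with ==.
    if not hmac.compare_digest(expected, signature):
        return False, "bad_signature"
    try:
        age = now - int(timestamp)
    except ValueError:
        return False, "bad_timestamp"
    if abs(age) > TIMESTAMP_TOLERANCE_SECONDS:
        return False, "stale_timestamp"
    # Retries and dead_letter re-drives reuse the delivery id, so a repeat is a no-op.
    if delivery_id in seen_delivery_ids:
        return False, "duplicate_delivery"
    seen_delivery_ids.add(delivery_id)
    return True, "accepted"

def demo():
    """Constructed delivery: accepted once, then rejected as replay, tampered, stale."""
    now = 1_700_000_000
    body = json.dumps({"event": "verification.completed", "id": "ver_constructed"}).encode()
    headers = {"X-Webhook-Timestamp": str(now), "X-Webhook-Delivery-Id": "dlv_constructed_1"}
    headers["X-Webhook-Signature"] = sign_payload(
        SIGNING_SECRET, headers["X-Webhook-Timestamp"], headers["X-Webhook-Delivery-Id"], body)
    seen = set()
    first = verify_delivery(SIGNING_SECRET, headers, body, seen, now=now)
    replay = verify_delivery(SIGNING_SECRET, headers, body, seen, now=now)
    tampered = verify_delivery(SIGNING_SECRET, headers, body.replace(b"completed", b"failed"), set(), now=now)
    stale = verify_delivery(SIGNING_SECRET, headers, body, set(), now=now + 3600)
    return first, replay, tampered, stale
```

Because production retries, the seen-delivery-id set must be durable (a database table keyed on the delivery id, not process memory) for the idempotency check to hold across restarts.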
Environment separation
Sandbox and production use the same core verification engine, but they do not have the same operational behavior. That separation matters for reliability, live usage, and data handling expectations.
| Area | Sandbox | Production |
|---|---|---|
| Upload boundary | Signed upload target per verification | Signed upload target per verification |
| Webhook authenticity | HMAC-signed payload, single delivery attempt | HMAC-signed payload, retry schedule plus dead_letter |
| App separation | Use separate apps, keys, and webhook URLs | Use separate apps, keys, and webhook URLs |
| Retention | Plan-based verification and delivery retention | Plan-based verification and delivery retention |
Security review and legal process
These pages carry the current public contract for pricing, privacy, legal terms, and implementation details.