arrow_backBack to homeLast updated: 2026-05-11

Security

Summary of the security controls currently applied to the production service.

Access protection

Authentication is protected with secure sessions, JWT validation, and clear separation between public and authenticated surfaces. Local bypass flows remain disabled in production.

Data protection

Connections use HTTPS, downloads are signed, and OCR source-file retention stays disabled by default in production. Operational secrets are not exposed to the client.

Operational response

Critical authentication, storage, and OCR incidents are handled with deploy runbooks, smoke checks, and pre-release configuration review.