Security that's beyond secure.
A quick scan of our security features:
Real-time streaming encryption
SSL/TLS encryption and HTTP strict transport
6 levels of encryption, one user password
No bulk encryption
No persistent password tokens
Protection against cross-site scripting (XSS) and cross-site-request forgery (CSRF) attacks
Strict security policies that protect our hardware and software from theft and invasion
Bulk-access vulnerability?
Not with Cellucrypt®.
A lot of cloud-based storage services use master keys to encrypt information in bulk, whereas our unique process, Cellucrypt®, automatically encrypts every single document, message thread and note individually. Even if hackers were to break past our patented security, they’d only be able to access that single piece of data and not, for example, massive databases full of user information.
Two is better than one.
The greatest vulnerability to any system, no matter how secure, is the user password. Our two-factor authentication option gives users peace of mind with the addition of a second, randomly generated key that must be used with their password in order to gain access to their account.
The option to opt-out.
While the ability to reset your password may seem convenient, it actually creates vulnerability in a system’s security. After all, if a company can reset your password, they can also access all the information in your account. As a Verifyle customer, you can choose to opt-out of the password-reset feature, meaning that no one but you can gain access to your information.
Under lock and key. And key. And key. And key. And key. And key.
Not satisfied with one, two or even three levels of security, our system uses a combination of six different encryption keys to access or share information. Some people call it overkill. We call it essential. But don't worry, you still only need to remember one password. All this extra security happens behind-the-scenes, making Verifyle both ultra-secure and extremely easy to use.
Password
derived key
Session
key
Object
key
Paired
public key
Paired
private key
User
master key
No information left behind.
Many cloud storage companies queue items for encryption in temporary directories, leaving information unencrypted and exposed. Our system encrypts each document as it’s being uploaded so your data is never left vulnerable to hackers. Not even for a split second.
A different spin on Diffie‑Hellman.
Our patented use of the Diffie-Hellman public and private key exchange is not only invisible to our users, it generates a unique set of keys for each object and individual involved in the exchange of information. This allows for a much greater control of information and a higher level of protection than the standard folder links that many cloud storage companies use.
Covering all your bases.
Verifyle uses strong SSL/TLS encryption, HTTP strict transport security and perfect forward secrecy to protect our users’ data. We also use AES‑128‑bit encryption instead of AES‑256 because, in addition to performing up to 40% better, there is a known weakness in the key expansion function that affects AES‑256. This weakness actually reduces the complexity of AES‑256 to lower than AES-128. And that doesn’t fly with us.
