Security that's beyond secure.
Our patented encryption key management technology puts your documents and messages beyond the reach of any attack, including those powered by quantum computing.
A quick scan of our security features:
Real-time streaming encryption
SSL/TLS encryption and HTTP strict transport
6 levels of encryption, one user password
No bulk encryption
No persistent password tokens
Protection against cross-site scripting (XSS) and cross-site-request forgery (CSRF) attacks
Strict security policies that protect our hardware and software from theft and invasion
Dynamically generated, password-derived keys keep all encryption keys safe from quantum attacks
Bulk-access vulnerability?
Not with Cellucrypt®.
A lot of cloud-based storage services use master keys to encrypt information in bulk, whereas our unique process, Cellucrypt®, automatically encrypts every single document, message thread and note individually. Even if hackers were to break past our patented security, they’d only be able to access that single piece of data and not, for example, massive databases full of user information.
Two is better than one.
The greatest vulnerability to any system, no matter how secure, is the user password. Our two-factor authentication option gives users peace of mind with the addition of a second, randomly generated key that must be used with their password in order to gain access to their account.
The option to opt-out.
While the ability to reset your password may seem convenient, it actually creates vulnerability in a system’s security. After all, if a company can reset your password, they can also access all the information in your account. As a Verifyle customer, you can choose to opt-out of the password-reset feature, meaning that no one but you can gain access to your information.
Under lock and key. And key. And key. And key. And key. And key.
Not satisfied with one, two or even three levels of security, our system uses a combination of six different encryption keys to access or share information. Some people call it overkill. We call it essential. But don't worry, you still only need to remember one password. All this extra security happens behind-the-scenes, making Verifyle both extremely easy to use and secure from the even most powerful attacks.
Password
derived key
Session
key
Object
key
Paired
public key
Paired
private key
User
master key
No information left behind.
Many cloud storage companies queue items for encryption in temporary directories, leaving information unencrypted and exposed. Our system encrypts each document as it’s being uploaded so your data is never left vulnerable to hackers. Not even for a split second.
Not your every day key exchange.
In contrast to the methods of Diffie-Hellman and RSA, where a “public” key is transmitted over the internet in order to allow information to be shared, our “shared” and “held” keys are never exposed. This protects our users from even the most powerful attacks, including those powered by quantum computing. And because we generate a unique set of keys for each object and individual involved in the exchange of information, we deliver much greater control of information and a higher level of protection than systems that use standard methods for encrypting shared information.
Covering all your bases.
Verifyle uses strong SSL/TLS encryption, HTTP strict transport security and perfect forward secrecy to protect our users’ data. We also use AES‑128‑bit encryption instead of AES‑256 because, in addition to performing up to 40% better, there is a known weakness in the key expansion function that affects AES‑256. This weakness actually reduces the complexity of AES‑256 to lower than AES-128. And that doesn’t fly with us.
