Security & Privacy by default
Afeccto holds some of the most sensitive information a person ever creates. We engineer the platform so that even we cannot misuse it — and so a determined attacker has nothing useful to take.
Security controls
Encryption
All files are encrypted at rest. All traffic is TLS-encrypted in transit. Database connections use TLS.
Row-Level Isolation
Every table enforces row-level security. You can only access rows belonging to your account — verified on every query.
Signed Downloads
Files are never publicly addressable. Each download uses a short-lived, signed URL generated for you in real time.
Trusted Verifier
Before any beneficiary release, a Afeccto representative personally contacts your beneficiary to confirm and prevent accidental disclosure.
Audit Logs
Every login, every reminder response, every access is recorded. You can review your audit trail anytime from the dashboard.
No Secrets Stored
By design, Afeccto does not accept banking passwords, ATM PINs, debit/credit CVVs, OTPs, or internet banking credentials.
OWASP Top 10
We follow OWASP guidance: input validation, output encoding, rate limiting, secure session handling, and CSRF protection.
MFA-Ready Architecture
Two-factor authentication is engineered in. You can enable it from your account settings (rolling out).
What we will never ask you to store
- Banking passwords or internet-banking PINs
- ATM PINs
- Credit/Debit card CVV
- OTP codes
- UPI PINs
- Two-factor backup codes
Store account numbers, institution names, policy numbers, document locations, and instructions instead. Your family will be able to claim assets through proper legal channels — without exposing you to cyber risk.