Security

Bank grade encryption

Bitskout uses 128-bit SSL encryption for all authenticated sessions. This means that data sent to the Bitskout as well as data retrieved through the Bitskout management interface is protected

You are limited to your data only

Data stored in Bitskout is only available for you. Each request to retrieve data from Bitskout must be authenticated. Furthermore, requests are restricted to the currently logged-in account. Requests made to the Bitskout internal API require a logged in account and will not return successfully otherwise.

We never store your credit card info

When you purchase a paid Bitskout subscription, your credit card data is not transmitted through nor stored on our systems. Instead, we depend on Paddle.com, a company dedicated to this task. Paddle.com is PCI DSS SAQ A Compliant. You can find legal information, including terms of use and privacy policy, available via this link.

Bitskout employees have restricted access

Access to servers is restricted to infrastructure engineers and maintenance staff. Each employee is provided access through a unique key that can be revoked if needed. Each employee has their own login to our administrative web interface which can also be revoked. No Bitskout employee will access customer accounts unless required for support reasons.

Data on the ledger is hashed

Bitskout customers that use the distributed ledger to save workflow execution results have their data converted into a hash string using SHA-2 function (e.g. scrambling). No real data is transferred to a ledger, only its hash value. The same function is used in SSL encryption used for financial transactions, by Bitcoin protocol to validate transaction and protecting data via IPSec algorithm in data centres.