Security: How Ackify Protects Your Data
Security is at the heart of Ackify. Each proof of acknowledgment relies on robust cryptographic mechanisms, and our architecture is designed to minimize the exposure of your data.
Ed25519
Digital signatures used by OpenSSH and Signal. Compact keys, maximum security.
Storage control
Your documents on your S3, reference-only mode, or Ackify hosting: you decide.
TLS 1.3
Encryption in transit and at rest. Keys protected by software HSM.
Open source
Auditable source code (AGPL-3.0). Total transparency on our practices.
Ed25519 Cryptography
Each reading confirmation generates an Ed25519 (EdDSA) digital signature. This algorithm, used by OpenSSH and Signal, offers an excellent security level with compact keys. The signature is timestamped and linked to the document content: any subsequent modification would be immediately detectable.
Privacy by design: you control your data
Ackify offers you several storage options: connect your own S3, use reference-only mode (the document stays with you), or opt for secure Ackify hosting on our European servers. In all cases, only the cryptographic acknowledgment proofs are necessary for traceability.
With your own storage
Documents = your S3 or reference mode. Cryptographic proofs = at Ackify. You choose the level of separation.
Encryption in transit and at rest
All communications are encrypted via TLS 1.3. Data at rest (acknowledgment proofs, metadata) are encrypted on our European servers. Signing keys are protected by a software HSM (Hardware Security Module).
Compliance and audits
Ackify is GDPR compliant by design. Our source code is open (AGPL-3.0), allowing anyone to audit our security practices. We apply the principle of least privilege and conduct regular security reviews.