Security

Last Updated: November 28, 2025

Security-First Architecture

Security isn't a feature at Rial—it's the foundation. Our cryptographic verification system is built on zero-knowledge proofs, hardware-backed security, and industry-leading practices to protect your data and privacy.

  • AWS Cloud Infrastructure
  • SOC 2 Type II Compliant
  • ISO 27001 Certified
  • GDPR Compliant

1. Infrastructure Security

  • Encryption: TLS 1.3 for data in transit, AES-256-GCM for data at rest
  • Network Security: VPC isolation, WAF protection, DDoS mitigation
  • Access Control: Zero-trust architecture, principle of least privilege
  • Monitoring: 24/7 security monitoring, automated threat detection
  • Backup: Automated encrypted backups, disaster recovery plan

2. Application Security

  • Secure Development: Security-focused SDLC, code review process
  • Dependency Management: Automated vulnerability scanning, regular updates
  • API Security: Rate limiting, authentication tokens, request validation
  • Input Validation: Sanitization of all user inputs, OWASP Top 10 protection
  • Session Management: Secure cookie handling, automatic session expiry

3. Mobile App Security

  • Hardware-Backed Security: iOS Secure Enclave, Android Keystore, Play Integrity API
  • Code Protection: Obfuscation, anti-tampering measures
  • Certificate Pinning: Protection against man-in-the-middle attacks
  • Root/Jailbreak Detection: Warning users of compromised devices
  • Local Storage: Encrypted storage using platform keychain

4. Cryptographic Architecture

Our verification system uses advanced cryptography to prove image authenticity without exposing sensitive data:

  • Zero-Knowledge Proofs: zk-SNARKs for privacy-preserving verification
  • Elliptic Curve Cryptography: ECDSA with secp256k1 for digital signatures
  • Hash Functions: SHA-256 for image fingerprinting, Poseidon for ZK circuits
  • Blockchain Anchoring: Immutable proof storage on Ethereum/Polygon

5. Data Protection

For verification services:

  • Photos Never Uploaded: Original images never leave your device
  • Minimal Data Collection: Only cryptographic hashes and proofs stored

For claims and submission services:

  • Encrypted Storage: Submitted photos are encrypted at rest using AES-256
  • Access Controls: Photos accessible only to authorized parties and Rial operations staff
  • Audit Logging: All photo access is logged for accountability
  • Secure Transmission: TLS 1.3 encryption for all photo uploads

For all services:

  • Data Residency: Control over where your data is processed
  • Right to Deletion: Request removal of your data at any time

6. Report a Vulnerability

We take security seriously. If you discover a vulnerability, please report it responsibly:

Email: security@riallabs.com

We investigate all reports and will respond within 48 hours.

Zero-Trust Philosophy

Our architecture assumes no trust—every request is verified, every action is logged, and every piece of data is encrypted. This approach ensures your security even if individual components are compromised.