Is my data encrypted?
The data in Kubera is encrypted at-rest and in-transit.
It’s NOT end-to-end encrypted.
Long answer:
When you think of online security the first thing that comes to your mind is encryption. You may have also heard of ‘end-to-end encryption’ as the gold standard for security.
What is end-to-end encryption?
End-to-end encryption makes the data encrypted or unreadable by the very service or the app you used to create it, because the app simply doesn't hold the keys to decrypt it. It’s only readable by the user who holds the key to decrypt it and no one else.
Your data in Kubera is NOT end-to-end encrypted, because it will not allow Kubera to deliver on one of the fundamental promises of the service - ensuring safe transfer of your data to your beneficiary as simple Excel and Zip files. Even though we can’t do end-to-end, your data in Kubera is indeed encrypted at-rest and in-transit.
What are at-rest and in-transit encryption?
At-rest encryption: All our databases and files storage in Amazon (AWS) servers have their content encrypted while sitting idle and when they’re backed up. This protects against unauthorized copying, transfer or retrieval of user data from our servers. Even if someone was somehow able to get hold of a backup of the database, it’d be useless, because they wouldn’t have the key to decrypt it.
In-transit: Your data when in transit from our servers to your browser requires HTTPS on all pages, and uses HSTS to ensure browsers only ever connect to us over a secure connection.