Security
Your data security is our top priority. Here's how we protect your information.
Encryption at Rest
All data is encrypted using AES-256 encryption when stored in our databases.
Encryption in Transit
All communications use TLS 1.3 encryption. We enforce HTTPS across all endpoints.
Secure Authentication
Passwords hashed with bcrypt. httpOnly cookies for session management. CSRF protection on all endpoints.
Rate Limiting
API rate limiting protects against abuse and DDoS attacks. Automatic blocking of suspicious activity.
Fraud Detection
Advanced algorithms detect and prevent referral fraud, self-referrals, and bot activity.
Audit Logging
Comprehensive audit logs track all account activities and API requests for security analysis.
Infrastructure
Cloud Infrastructure
Hosted on enterprise-grade cloud infrastructure with automatic failover and redundancy.
Database Security
PostgreSQL with encrypted connections, automated backups, and point-in-time recovery.
Network Security
Web Application Firewall (WAF), DDoS protection, and network segmentation.
Regular Updates
Dependencies and systems are regularly updated to patch security vulnerabilities.
Security Best Practices
We recommend the following practices when using Select:
- Use strong, unique passwords for your account
- Enable two-factor authentication (coming soon)
- Keep your API keys secure and rotate them periodically
- Use webhook signatures to verify incoming requests
- Review your account activity regularly
- Report any suspicious activity immediately
Responsible Disclosure
We take security seriously and appreciate the security research community's efforts to keep our platform safe. If you discover a security vulnerability, please report it responsibly.