Security is one of our foremost priorities in designing and providing the services of Viyahe. If you have any questions regarding the details on this page, please let us know at firstname.lastname@example.org.
Viyahe servers are distributed within a proprietary Virtual Private Cloud in Amazon Web Service’s global infrastructure. None of its internal servers are directly accessible from the Public Internet. Its public facing endpoints are encrypted and proxied with a firewall.
All customer and application data are encrypted at-rest, and despite the infrastructure already insulated from the Public Internet, connections within the private network are encrypted in-transit.
Viyahe only uses HTTPS to interact with our providers and partners. We only transmit the minimum customer data necessary for the providers to fulfill their service.
Viyahe SSL Certificates are issued, authenticated, and validated by Amazon Web Services.
Viyahe Public Internet endpoints are only accessible over HTTPS, and does not support serving unencrypted data or plain text. Downgrade attacks are impossible.
Viyahe only uses TLS 1.1 and 1.2 Protocols for its Public Internet endpoints, it cannot serve data using deprecated, old, and or vulnerable Transport and Socket Layers.
Communications between Viyahe, our Agents, and Customers are all encrypted in-transit with HTTPS.
Viyahe Public Internet endpoints are served via Amazon Web Service’s Cloud Distribution Network, which provides a layer of protection from external application and network layer attacks.
Viyahe does not store, transmit, or forward any payment or credit card information. We use Stripe as our payment gateway provider. Payment related information are transmitted only between your device and the Stripe infrastructure directly.
“Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.” - Security at Stripe.
Author: Pat Ambrosio
Updated: January 9, 2019