Security at Lipi.ai

Your trust is our priority. We implement industry-leading security measures to protect your data and ensure the integrity of our services.

Security Features

End-to-End Encryption

All data transmissions are encrypted using TLS 1.3, ensuring your font data and personal information remain secure during transit.

AWS Security

Built on AWS infrastructure with enterprise-grade security, including VPC isolation, security groups, and IAM policies.

Multi-Factor Authentication

Optional MFA support through AWS Cognito for enhanced account security using TOTP authenticators.

Secure Infrastructure

Our servers are hosted in SOC 2 compliant data centers with 24/7 monitoring and automatic security patching.

Regular Security Audits

We conduct regular security assessments and penetration testing to identify and address potential vulnerabilities.

Access Control

Role-based access control (RBAC) ensures users only have access to the resources they need.

Compliance & Certifications

🇪🇺

GDPR Compliant

We adhere to the General Data Protection Regulation for handling EU user data.

🏛️

SOC 2 Type II

Our infrastructure providers maintain SOC 2 Type II certification.

🔒

HTTPS Everywhere

All connections are secured with HTTPS and HSTS headers.

🛡️

OWASP Top 10

We follow OWASP guidelines to protect against common vulnerabilities.

Security Practices

Data Protection

  • Encryption at rest using AES-256
  • Encryption in transit using TLS 1.3
  • Regular automated backups with point-in-time recovery
  • Data residency options for compliance requirements

Application Security

  • Input validation and sanitization
  • SQL injection prevention through parameterized queries
  • XSS protection with Content Security Policy
  • CSRF tokens for state-changing operations

Infrastructure Security

  • AWS WAF for DDoS protection
  • Network isolation using VPCs
  • Regular security patches and updates
  • Intrusion detection and prevention systems

Access Management

  • Principle of least privilege
  • Regular access reviews and audits
  • Strong password requirements
  • Session timeout and management

Responsible Disclosure

We appreciate the security research community's efforts in helping keep Lipi.ai safe. If you discover a security vulnerability, please report it responsibly.

We aim to respond to all security reports within 48 hours.

Security Best Practices for Users

  1. Use Strong Passwords

     Create unique, complex passwords for your Lipi.ai account and enable two-factor authentication.

  2. Keep Your Account Secure

     Never share your login credentials and be cautious of phishing attempts.

  3. Review Account Activity

     Regularly check your account activity and report any suspicious behavior.

  4. Keep Software Updated

     Ensure your browser and operating system are up to date with the latest security patches.

Questions About Security?

Our security team is here to help address any concerns you may have.