The best protection for private data is encryption. Only the account holder has access to clear text private details at the time of input into the browser.
Account secret key and PKI key pair can be rotated on demand. See product information.
Endpoint REST Services, Authorization, JWS Token Issue and End User Authentication Pricing:
| Verviam Identity Management IDaaS Features |
|
| Unlimited Cloud API services |
|
| Option to include Federated ID |
|
| Data encrypted in browser |
|
| GDPR compliant |
|
| Data field level encryption |
|
| Data security with Intelligent Threat Protection |
|
| Access authentication at API Gateway |
|
| Authentication supports UserID and Password, ClientID and Client Secret, Signed JWT Token |
|
| Authorization supports OpenID scopes and ABAC tags |
|
| No unencrypted data in transit or storage |
|
Public Private Keypair |
|
| Key Rotation |
|
| Signed JWT from browser to API Gateway |
|
| Option to include attribute tags |
|
| Account private data never in plain text outside browser |
|
| Robust encryption algorithms (AES 256 bit, RSA 2048 bit keys) |
|