Your data is safe with SignPOS

We take security seriously. From infrastructure to application layer, every component is designed to protect your business data.

Infrastructure Security

  • Hosted on AWS with multi-AZ redundancy
  • Automated backups with point-in-time recovery
  • DDoS protection via AWS Shield
  • Network isolation with VPC and security groups
  • 99.9% uptime SLA

Application Security

  • AES-256 encryption for data at rest
  • TLS 1.3 for all data in transit
  • JWT-based authentication with refresh token rotation
  • Role-based access control (RBAC)
  • Rate limiting and brute-force protection

Payment Security

  • PCI-DSS compliant payment processing
  • Tokenized card storage via payment partners
  • No raw card data stored on SignPOS servers
  • Secure UPI and wallet integrations

Compliance

  • GST-compliant billing and invoicing
  • Data residency in India (Mumbai region)
  • GDPR-aligned data handling practices
  • Regular third-party security audits

Responsible Disclosure

If you believe you've found a security vulnerability in SignPOS, we encourage you to report it responsibly. Please email us at security@signpos.in with details of the vulnerability. We take all reports seriously and will respond within 48 hours.

Contact Security Team