Security at Krab.ai

Your trust is our top priority. We employ bank-grade security measures to protect your data and ensure safe, reliable financial services for the trucking industry.

Bank-Grade Security Standards

Krab.ai follows the same security standards as leading banks and financial institutions. Our platform is regularly audited by independent security firms to ensure we maintain the highest levels of data protection.

How We Protect Your Data

256-bit SSL Encryption

All data transmission is encrypted using industry-standard SSL/TLS protocols, ensuring your information remains secure during transit.

Multi-Factor Authentication

Add an extra layer of security with OTP-based two-factor authentication for all user accounts and transactions.

Secure Infrastructure

Our servers are hosted on Google Cloud Platform with enterprise-grade security, regular backups, and 99.9% uptime SLA.

24/7 Security Monitoring

AI-powered continuous monitoring detects and prevents suspicious activities, with real-time alerts for potential threats.

Data Protection Measures

Encryption at Rest

All stored data is encrypted using AES-256 encryption. Your sensitive information is protected even if physical security is compromised.

Access Control

Role-based access control ensures only authorized personnel can access specific data. All access is logged and monitored.

Regular Backups

Automated daily backups with geo-redundant storage ensure your data is never lost and can be recovered quickly.

Compliance & Certifications

We maintain compliance with global security standards and undergo regular third-party audits to ensure the highest levels of security and privacy protection.

ISO 27001

Compliant

Information Security Management System

PCI DSS

Level 1

Payment Card Industry Data Security Standard

SOC 2 Type II

Certified

Service Organization Control

GDPR

Compliant

General Data Protection Regulation

Our Security Practices

Application Security

  • Secure Development Lifecycle: All code undergoes security review before deployment, with automated scanning for vulnerabilities.
  • Regular Penetration Testing: Independent security experts test our systems quarterly to identify and fix potential vulnerabilities.
  • Bug Bounty Program: We reward security researchers who responsibly disclose vulnerabilities in our systems.
  • API Security: Rate limiting, authentication tokens, and request validation protect our APIs from abuse.

Operational Security

  • Employee Training: All team members undergo security awareness training and background verification.
  • Incident Response: 24/7 security operations center with defined incident response procedures.
  • Vendor Management: All third-party vendors undergo security assessment before integration.

How You Can Stay Secure

Do's

  • ✓ Use strong, unique passwords
  • ✓ Enable two-factor authentication
  • ✓ Keep your app updated
  • ✓ Log out from shared devices
  • ✓ Report suspicious activities immediately

Don'ts

  • ✗ Share your login credentials
  • ✗ Click on suspicious links
  • ✗ Use public WiFi for transactions
  • ✗ Save passwords in browsers on shared devices
  • ✗ Ignore security warnings

Report Security Issues

If you discover a security vulnerability in our systems, please report it responsibly. We appreciate the security community's efforts in helping us maintain the highest security standards.

Security Contact

Email: security@krab.ai

PGP Key: Available on request

We aim to respond to all security reports within 24 hours and resolve critical issues within 72 hours.

Bug Bounty Program: Valid security vulnerabilities may be eligible for rewards up to ₹5,00,000 based on severity and impact.

Stay Updated on Security

Subscribe to our security bulletin to receive updates about new security features, best practices, and important security notifications.

Subscribe to Security Updates