To provide secure communications between all aspects of KOR Connect all information is transferred with encryption and using SSL(TLS) protocol.
All data is encrypted at rest in Lambda functions using a symmetric algorithm AES-256-GCM in Galois Counter Mode (GCM) with 256-bit keys.
To ensure that all calls are made from approved origins, on and off the browser, each API connection uses Google’s Recaptcha V3 to validate where the call is coming from. For more information click here.
Google Recaptcha V3 blocks unwanted bots without any interaction from the user. This allows for a safe and seamless user experience without the Recaptcha image puzzles in V2.
As additional security KOR Connect automatically expires requests. If an attacker manages to steal a valid token, by the time the token is used it will be invalid and expired.
KOR Connect uses AWS as the main cloud vendor for infrastructure requirements. KOR Connect utilizes Amazon’s secure data centers and leverages Amazon Web Service’s (AWS) technology. Amazon’s data center operations have been accredited under:
SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
PCI Level 1